Good Times Virus Hoax FAQ
"Robert J. Brown" (rj@ELI.WARIAT.ORG)
Wed, 6 Nov 1996 20:01:23 -0600
> ----------------------------------------------------------------------->
> Is an email virus possible?
>
> The short answer is no, not the way Good Times was described.
>
> The longer answer is that this is a difficult question that's open to
> nitpicking. Keep three things in mind when considering the question:
>
> 1. A virus is computer specific. IBM PC viruses don't affect
> Macintoshes, and vice versa. That greatly limits the destructive
> power of viruses. (And notice that none of the Good Times warnings
> mention which types of computers are affected.)
>
> 2. A virus, by definition, can't exist by itself. It must infect an
> executable program. To transmit a virus by email, someone would
> have to infect a file and attach the file to the email message. To
> activate the virus, you would have to download and decode the file
> attachment, then run the infected program. In that situation, the
> email message is just a carrier for an infected file, just like a
> floppy disk carrying an infected file.
>
> 3. Some of the situations that people have dreamed up involve Trojan
> horses rather than viruses. A virus can only exist inside another
> program, which then automatically infects other programs. A Trojan
> horse is a program that pretends to do something useful, but
> instead does something nefarious. Trojans aren't infectious, so
> they're much less common than viruses.
>
> There are some email programs that can be set to automatically download
> a file attachment, decode it, and execute the file attachment. If you
> use such a program, you would be well advised to disable the option to
> automatically execute file attachments.
>
> You should, of course, be wary of any file attachments a stranger sends
> you. At the least, you should check such file attachments for viruses
> before running them.
> ----------------------------------------------------------------------->
The real nit-picking only becomes apparent if you subscribe to the
security alert bulletins from CERT -- the Computer Emergency Response
Team. These people email bulletins out to system administrators to
keep them abreast of various computer security threats and incidents.
Some email programs on very popular big name computer systems like Sun
and Hewlett Packard have been found to contain bugs that permit
devious people to do devious things by exploiting these bugs.
One trick that comes to mind was an email program, a version of
sendmail, that did not expect any single line of text in an email to
exceed a certain rather huge number of characters, but it only
allocated a buffer that big; it never actually checked to see if the
buffer was going to overflow. By deliberately composing email that
overflowed this long line (4096 chars?) and having the contents after
that point actually be executable object code in that computer's
machine language, the intruder was able to gain root access and to do
cute things, such as creating an account for himself so he could later
log in, or changing the password for root, or...
--
-------- "And there came a writing to him from Elijah" [2Ch 21:12] --------
Robert Jay Brown III rj@eli.wariat.org http://eli.wariat.org 1 847 705-0424
Elijah Laboratories Inc.; 37 South Greenwood Avenue; Palatine, IL 60067-6328
----- M o d e l i n g t h e M e t h o d s o f t h e M i n d ------
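
An added example, not part of the message above and not sendmail's code: a bounded line reader in C showing the length check that the mail program described in the message lacked. The names `next_line`, `scan_message` and `LINE_CAP`, and the sample message, are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define LINE_CAP 4096  /* assumed limit, after the "4096 chars?" guess above */
enum line_status { LINE_OK = 0, LINE_EOF = 1, LINE_TOO_LONG = -1 };

/* Copy the next '\n'-terminated line from [*cur, end) into buf, whose total
 * capacity (NUL included) is cap. The flaw described above is this loop
 * without the "n + 1 < cap" test. An overlong line is rejected and consumed
 * in full, so its tail is never parsed as a fresh line. */
enum line_status next_line(const char **cur, const char *end,
                           char *buf, size_t cap)
{
    size_t n = 0;
    int too_long = 0;
    if (*cur >= end) return LINE_EOF;
    while (*cur < end) {
        char c = *(*cur)++;
        if (c == '\n')
            break;
        if (n + 1 < cap)
            buf[n++] = c;   /* room left for this byte and the NUL */
        else
            too_long = 1;   /* keep consuming, store nothing more */
    }
    if (cap > 0) buf[n] = '\0';
    return too_long ? LINE_TOO_LONG : LINE_OK;
}

/* Walk a whole in-memory message; count accepted and rejected lines. */
void scan_message(const char *msg, size_t len, int *accepted, int *rejected)
{
    char line[LINE_CAP];
    const char *cur = msg, *end = msg + len;
    enum line_status st;
    *accepted = *rejected = 0;
    while ((st = next_line(&cur, end, line, sizeof line)) != LINE_EOF) {
        if (st == LINE_OK) ++*accepted; else ++*rejected;
    }
}

int main(void)
{
    static char msg[5017];                 /* constructed sample message */
    int ok, bad;
    memcpy(msg, "Subject: hi\n", 12);
    memset(msg + 12, 'A', 5000);           /* one 5000-byte line */
    memcpy(msg + 5012, "\nbye\n", 5);
    scan_message(msg, sizeof msg, &ok, &bad);
    return printf("accepted=%d rejected=%d\n", ok, bad) < 0;
}
```

A receiver built this way can refuse or truncate the message when `LINE_TOO_LONG` is returned, rather than letting the extra bytes land in adjacent memory.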