Virus

Question 1:

How to solve the virus crisis ?


Introduction and Purpose

As a regular reader of the newsgroup news:alt.comp.virus I know how serious the virus problem is. Every day there are new ones. The question immediate pops up: Can we solve the virus problem. IMO we can, however we have to pay a price.

Part of the problem in this newsgroup is that the readers are not allowed to discuss what virusses are in detail. IMO that is wrong. IMO there is nothing wrong in discussing what a virus is. It is wrong to write a virus. It is wrong to modify a program, adding actions that where not intended by the original creator of the program.
Explaining how a virus works will help to understand the general public what a virus does, how to prevent the virus to perform its deadly work and to solve the damage in case it has caused. Not only that if you know how virusses currently operate, you can study how they change, predict what they could do in the future and take protective actions.


Description

If you want to discus virusses than first we have to define what a virus is. IMO there are two different types: Only the second type are subject of this discussion.

A virus program performs two tasks:

Reproduction uses two strategies: diskettes or e-mail.


Answer part 1

IMO

The first rule allows a program to create files and directories relative to their own directory in which they reside i.e. in their child or offspring directories. That means programs should by preference only use relative disc addressing and not absolute disc addressing.

Most application programs under Windows 98 (ME ?) already follow both rules. All Programs, Visual Basic scripts, Java scripts and Macros should follow both rules.

The operating system itself should be an exception.


Answer part 2

Microsoft should supply the above feature as an option in its Operating Systems (Limited Edition).
IMO many people will benefit if it excists.


Reflection

One current strategy to protect yourself against macros is the following: Do not execute programs (macros) from unreliable (not trusted) sources.
IMO such a strategy is not very pratically on the long run (Currently, without any modification to the Operating System, it is one of the best). IMO the operating system should give the user a certain amount of build in protection. My suggestion does that.

When you go to the URL http://16ton.com/htg/consp2.htm the following message is displayed:
"You should be aware that any file you download from the network could contain malicious program code (application) or scripting language (documents). Simply viewing the contents of these files could be dangerous. Take precautions: do not download anything from a site that you do not trust. Are you sure you want to continue ?"

There are 17 programs available of this home page. See Program Implementation for details. As part of download infomation I have added the following warning: "You have to trust the owner for that". I wish that the Operating System would be responsible for this security risk and that trust would not be an issue.

A second type of strategy is to install Anti Virus (AV) software. The problem with AV software is that it requires continuous updates. My suggestion makes you less dependent on AV software. I can not quarantee that it solves all the problems.

A different strategy to solve the virus problem is more severe punishment for the people who make those virusses. IMO that deterrent will not work as a general world wide solution.

A different strategy is education. One current opinion is that it are only the lonely kids who write computer virus programs. All education is good and eduction about how to behave is worthwhile (for everyone of all ages). However telling someone that it is bad to write a virus I do not think will solve the problem.

The Love Letter virus contains many different parts and functions. Each of those parts is important and worthwhile knowing for any programmer, because it can be usefull for his normal day by day work. It is the combination of those functions that make it dangerous.

The price for my suggestion is less flexibility. That is a slight disadvantage. For me does disadvantages outperform the major advantage: More security


Technical Information

For a technical slide show about virusses see: http://www.seas.gwu.edu/~csci229/nov19/sld001.htm
For a technical information and (old) source code see: http://www.tlsecurity.net/
For virii resources see: http://vx.netlux.org/


Feedback

None


Feedback Form

Answering each of the following questions is an option.
  1. First name:
  2. Last Name:
  3. E-mail:
  4. Virus question 1:
    Do you agree, with the proposed solution rule 1? (No write into parent directory)
  5. Virus question 2:
    Do you agree, with the proposed solution rule 2? (All downloaded files first stored to disk)
  6. Virus question 3:
    Do you agree, that Micro Soft should release a "Limited Edition" ?
Once you have answered all the questions, click on the button.

If you would like to start over again, click on the button.


Created: 29 October 2000 Modified: 17 October 2001

Back to my home page Contents of This Document