How viruses work:

virtualadepts

I have a theory how viruses work. My theory is you need one computer
program to host another computer program, and once the program is
hosted, and that program gets executed, it can launch the other
program into memory on the free store, where it can run and play
behind the scenes of the operating system. Just by intentionally
writing a program that spills itself into the rest of memory. The
simplest kind will just start destroying a Windows computer, but more
sophisticated programs will try to watch and understand what Windows
is doing. As soon as Windows starts shutting itself down, it will
write its loading program into the startup script, and once Windows
starts up it will remove itself from the startup script, so you never
even see the program executing. And because the program is running
wild on the free store you never even notice it except for unusual
errors as it corrupts memory and slows down your machine. Eventually
it just hogs so much resources that it sends out bulk e-mail to
everyone online, and networks with all the other viruses behind your
back. It logs all your keystrokes and steals your passwords, putting
your identity into a hacker database. Almost every machine has the
virus, but no one can trace it down to the author who is probably
hiding in another country, especially because you get through a
network of spaghetti as all the viruses communicate with each other.
The unsecured free store in the computer's memory is part of what C++
was built on, and Windows was programmed up in the C++ programming
language. You can even write your own C++ operating systems and put
them on boot disks and CD-ROMs. I think Bill Gates is really to blame
for all viruses because he doesn't have a way for Windows to search
through its own memory and look for unusual activity. It doesn't even
know what it is doing itself.
 
PerfectReign

> I have a theory how viruses work. My theory is you need one computer
> program to host another computer program, and once the program is
> hosted, and that program gets executed, it can launch the other program
> into memory on the free store, where it can run and play behind the
> scenes of the operating system.

Wow, this day is full of brilliant ideas!

I think you've just invented the buffer overflow there, kiddo!


http://en.wikipedia.org/wiki/Buffer_overflow

Congratulations!
 
virtualadepts

> Wow, this day is full of brilliant ideas!
>
> I think you've just invented the buffer overflow there, kiddo!
>
> http://en.wikipedia.org/wiki/Buffer_overflow
>
> Congratulations!

The buffer overflow is completely different. Virus writers can
literally launch their own viruses by hand on their friends'
computers with software they write themselves. The software just
contains in a string another program that is already compiled that
launches itself into memory. Then the original program finds a way to
execute that program in memory separately, perhaps at boot time before
Windows even loads. The computer hardware is configured to be
multi-tasking. So all the program needs is a way to execute itself outside
of Windows memory, rewrite itself into the boot sector at shutdown,
and delete itself at startup. All the initial attack has to do is
write itself into the boot sector and freeze your computer, forcing a
restart. The virus can then execute itself in memory outside of the
operating system, and spy on your every keystroke, even e-mailing your
activity back to an anonymous account with its own e-mail server. The
boot sector virus just loads up first and then terminates, spilling
itself into the Windows startup script, or even the iMac startup. I
can tell iMacs aren't secure, but if you were to build a machine that
could only boot its intended operating system and configure that code
into CMOS, viruses wouldn't be a problem. You would also have to
permanently configure what applications could load up at boot time
inside of the operating system, because a virus can rewrite the
operating system to execute resident programs behind your back.
 
PerfectReign

> The buffer overflow is completely different. Virus writers can
> literally launch their own viruses by hand on their friends' computers
> with software they write themselves. The software just contains in a
> string another program that is already compiled that launches itself
> into memory. Then the original program finds a way to execute that
> program in memory separately, perhaps at boot time before Windows even
> loads.

Does Windows load on your computer? On mine, I find that hard to believe.

> The computer hardware is configured to be multi-tasking.

How, exactly, did that happen? I've never heard of multi-tasking
hardware.

Does this mean that my hard drive can simultaneously act as a keyboard?

> So
> all the program needs is a way to execute itself outside of Windows
> memory,

That's easy! All my programs execute outside of Windows memory.

> rewrite itself into the boot sector at shutdown, and delete
> itself at startup. All the initial attack has to do is write itself into
> the boot sector and freeze your computer, forcing a restart. The virus
> can then execute itself in memory outside of the operating system, and
> spy on your every keystroke, even e-mailing your activity back to an
> anonymous account with its own e-mail server. The boot sector virus just
> loads up first and then terminates, spilling itself into the Windows
> startup script, or even the iMac startup. I can tell iMacs aren't
> secure, but if you were to build a machine that could only boot its
> intended operating system and configure that code into CMOS, viruses
> wouldn't be a problem. You would also have to permanently configure
> what applications could load up at boot time inside of the operating
> system, because a virus can rewrite the operating system to execute
> resident programs behind your back.

Oh, you're familiar with the TSx voting machines, then.

Maybe you're the one who rigged the election there in Ohio, then, eh?
 
virtualadepts

> Does Windows load on your computer? On mine, I find that hard to believe.
>
> How, exactly, did that happen? I've never heard of multi-tasking
> hardware.
>
> Does this mean that my hard drive can simultaneously act as a keyboard?
>
> That's easy! All my programs execute outside of Windows memory.
>
> Oh, you're familiar with the TSx voting machines, then.
>
> Maybe you're the one who rigged the election there in Ohio, then, eh?

I have a solution to the problem, PR. We all use firewalls on low-end
PCs that run through each of our machines connected to the internet.
I'm installing Finnix on my PC that got shut down because of its
viruses. It is just a live CD ISO image that I can boot right up
with, and then I can monitor my iMac traffic. Trouble is I can't be
sure if Finnix is hacked either, unless I wrote my own firewall to
watch what it was doing too. I'm sure all the computers at my cable
company are hacked too, so I can't even trust what goes out on their
end, but it mostly gets lost in spaghetti I imagine. Rigging
elections is just the start of it, a secret group of hackers is going
to take over the world if we all don't unplug.

http://www.finnix.org/
 
virtualadepts

> I have a solution to the problem, PR. We all use firewalls on low-end
> PCs that run through each of our machines connected to the internet.
> I'm installing Finnix on my PC that got shut down because of its
> viruses. It is just a live CD ISO image that I can boot right up
> with, and then I can monitor my iMac traffic. Trouble is I can't be
> sure if Finnix is hacked either, unless I wrote my own firewall to
> watch what it was doing too. I'm sure all the computers at my cable
> company are hacked too, so I can't even trust what goes out on their
> end, but it mostly gets lost in spaghetti I imagine. Rigging
> elections is just the start of it, a secret group of hackers is going
> to take over the world if we all don't unplug.
>
> http://www.finnix.org/

Maybe I don't need an extra firewall. I'm reading about the iMac
startup system and it seems secure.

This page briefly describes the sequence of events that happen when
Mac OS X boots.

Some details of the boot process from power-on until the kernel is up
and running are covered in Booting Mac OS X and XNU: The Kernel. To
recapitulate:

* Power is turned on.
* Open Firmware code is executed.
* Hardware information is collected and hardware is initialized.
* Something (usually the OS, but also things like the Apple
Hardware Test, etc.) is selected to boot. The user may be prompted to
select what to boot.
* Control passes to /System/Library/CoreServices/BootX, the boot
loader. BootX loads the kernel and also draws the OS badges, if any.
* BootX tries to load a previously cached list of device drivers
(created/updated by /usr/sbin/kextcache). Such a cache is of the type
mkext and contains the info dictionaries and binary files for multiple
kernel extensions. Note that if the mkext cache is corrupt or missing,
BootX would look in /System/Library/Extensions for extensions that are
needed in the current scenario (as determined by the value of the
OSBundleRequired property in the Info.plist file of the extension's
bundle).
* The init routine of the kernel is executed. The root device of
the booting system is determined. At this point, Open Firmware is not
accessible any more.
* Various Mach/BSD data structures are initialized by the kernel.
* The I/O Kit is initialized.
* The kernel starts /sbin/mach_init, the Mach service naming
(bootstrap) daemon. mach_init maintains mappings between service names
and the Mach ports that provide access to those services.
 
SasQ

On Fri, 30 Mar 2007 14:27:02 -0700, virtualadepts wrote:

Removed follow-ups to groups other than comp.lang.c++
Don't cross-post!

> I have a theory how viruses work.
> [...]
> it can launch the other program into memory on the
> free store, where it can run and play behind the scenes
> of the operating system.

Not behind the scenes. If a program wants to allocate some
memory from a free store, it has to ask OS for it. Only
the kernel routines could allocate a memory to it and
realize mapping virtual addresses to physical addresses.
Also, the sub-process launched by some process is running
in an address space of that parent process, so it can be
under full control of the OS and the parent process.

> The simplest kind will just start destroying a Windows
> computer, but more sophisticated programs will try to
> watch and understand what Windows is doing.

Yeah, that's exactly what I've suspected ;)
Your theory is strongly biased by the One True Platform ;P
Bear in mind that there are other platforms than Windows,
that are not hatcheries of viruses [like M$'s OS'es are].
Today's memory protection mechanisms are enough for
protecting from viruses, if they're used properly.

> Eventually it just hogs so much resources that it sends
> out bulk e-mail to everyone online

Only if you're running a badly protected M$ crap and don't
block incoming connections to SMTP ports - what machine
on local network really needs to behave like an SMTP server
if not a virussed zombie computer? :p

> It logs all your keystrokes and steals your passwords,

So it still needs to hook on system procedures and it could
be detected.

> putting your identity into a hacker database.

:D give me one address of that kind of "hacker database" ;)
[one is enough i think ;)]

> Almost every machine has the virus

Don't generalize. You're projecting your particular experiences
on the rest of the world.

> The unsecured free store in the computer's memory is part of
> what C++ was built on

What do U mean by that C++ free store is "unsecured"? C++ standard
doesn't define anything about free store security, because it's
the OS-dependent matter. So U may say about "unsecured OS memory
management mechanisms", but not "unsecured C++ free store" :p

> and Windows was programmed up in the C++ programming language.

Where do U know that from? Do U have access to Windows's source code? :)

> I think Bill Gates is really to blame for all viruses

Not only him [he didn't code all the Windows ;P], but the Microsoft
could be blamed for viruses, sure as Sun :)

> because he doesn't have a way for Windows to search through
> its own memory and look for unusual activity.

He has, but doesn't always use it.

> It doesn't even know what it is doing itself.

Yeah :)
 
jk

> I have a theory how viruses work. My theory is you need one computer
> program to host another computer program, and once the program is
> hosted, and that program gets executed, it can launch the other
> program into memory on the free store, where it can run and play
> behind the scenes of the operating system. Just by intentionally
> writing a program that spills itself into the rest of memory. The
> simplest kind will just start destroying a Windows computer, but more
> sophisticated programs will try to watch and understand what Windows
> is doing. As soon as Windows starts shutting itself down, it will
> write its loading program into the startup script, and once Windows
> starts up it will remove itself from the startup script, so you never
> even see the program executing. And because the program is running
> wild on the free store you never even notice it except for unusual
> errors as it corrupts memory and slows down your machine. Eventually
> it just hogs so much resources that it sends out bulk e-mail to
> everyone online, and networks with all the other viruses behind your
> back. It logs all your keystrokes and steals your passwords, putting
> your identity into a hacker database. Almost every machine has the
> virus, but no one can trace it down to the author who is probably
> hiding in another country, especially because you get through a
> network of spaghetti as all the viruses communicate with each other.
> The unsecured free store in the computer's memory is part of what C++
> was built on, and Windows was programmed up in the C++ programming
> language. You can even write your own C++ operating systems and put
> them on boot disks and CD-ROMs. I think Bill Gates is really to blame
> for all viruses because he doesn't have a way for Windows to search
> through its own memory and look for unusual activity. It doesn't even
> know what it is doing itself.

Ask her at http://invisiblethings.org/ - she knows more about such
things than many others.
 
PerfectReign

> Rigging elections is just the
> start of it, a secret group of hackers is going to take over the world
> if we all don't unplug.
>
> http://www.finnix.org/


Yes, I see.


I imagine you have your house wallpapered with aluminum foil, eh?

I see you're using Macintosh. I didn't know Macs could get on the
internet. Cool.
 
Rev Turd Fredericks

PerfectReign said:
> Yes, I see.
>
> I imagine you have your house wallpapered with aluminum foil, eh?
>
> I see you're using Macintosh. I didn't know Macs could get on the
> internet. Cool.

Bite me!
 
Guest

> Yes, I see.
>
> I imagine you have your house wallpapered with aluminum foil, eh?
>
> I see you're using Macintosh. I didn't know Macs could get on the
> internet. Cool.

LOL. Were your parents cousins?
 
Guest

> Yes, I see.
>
> I imagine you have your house wallpapered with aluminum foil, eh?
>
> I see you're using Macintosh. I didn't know Macs could get on the
> internet. Cool.

OOOPS, I meant to say were your parents cousins or are you that lost? And
seriously if you're that lost take the bad vista tag off sheesh.
 
PerfectReign

> OOOPS, I meant to say were your parents cousins or are you that lost?
> And seriously if you're that lost take the bad vista tag off sheesh.

/me shakes head...
 
PerfectReign

> Learn2Unix kk thnx.

Um, is school out? Oh yeah, it is Easter break. That explains this one.

If you think I should "learn to use Unix," then fine. I suppose that
using the school's BSD system in college, maintaining several Xenix
systems and working on developing software for SPARC stations doesn't
count, eh?

Oh, and then there's this computer. Of course it has NOTHING to do with
Unix whatsoever.

So, mr ubergeek, please enlighten us on your OS of choice. I see you at
least use a very current version of Pan.
 
Guest

> Um, is school out? Oh yeah, it is Easter break. That explains this one.
>
> If you think I should "learn to use Unix," then fine. I suppose that
> using the school's BSD system in college, maintaining several Xenix
> systems and working on developing software for SPARC stations doesn't
> count, eh?
>
> Oh, and then there's this computer. Of course it has NOTHING to do with
> Unix whatsoever.
>
> So, mr ubergeek, please enlighten us on your OS of choice. I see you at
> least use a very current version of Pan.

Nah man, just giving you a hard time about your Mac on the net comment.
But I run Gentoo, Fedora Core 6, Red Hat 9, Debian 3.1 Sarge, Solaris 10,
and how could I forget OpenBSD 4.0. Mac OS X is based off of a Unix
variant, NextCube OS. Hence why I said the Learn2Unix comment. Granted you
are on Usenet which is better than the 400,000+ people that still try to
find information and informative talks via web forums.
 
PerfectReign

> Nah man, just giving you a hard time about your Mac on the net comment.

Ahh...

....that was directed solely at a few of the regs in a2600. My Mac - a
'80s-era SE/30 - doesn't do the internet and has no browser. (It is
system 6.0.7, IIRC.) My wife had a mac in the mid-90s, an LC, I think.
I remember we gave that to one of our friend's daughters some years back.

I really haven't used a mac much since then. My father-in-law does use a
mac, and I'm familiar with its *nix origins.

> But I run Gentoo, Fedora Core 6, Red Hat 9, Debian 3.1 Sarge, Solaris 10,
> and how could I forget OpenBSD 4.0.

Fukk! I just run SUSE. No time for anything else.

> Mac OS X is based off of a Unix
> variant, NextCube OS. Hence why I said the Learn2Unix comment. Granted
> you are on Usenet which is better than the 400,000+ people that still
> try to find information and informative talks via web forums.

Heh! I run one and am on several of those, too. I think there are plusses
and minuses to both.

--
kai
www.perfectreign.com || www.4thedadz.com
www.filesite.org || www.donutmonster.com

closing the doors that surround me
so no one will ever penetrate
complete my retreat just to wait for the day
that never comes so i will laugh alone
 
Guest

> Ahh...
>
> ...that was directed solely at a few of the regs in a2600. My Mac - a
> '80s-era SE/30 - doesn't do the internet and has no browser. (It is
> system 6.0.7, IIRC.) My wife had a mac in the mid-90s, an LC, I think.
> I remember we gave that to one of our friend's daughters some years
> back.
>
> I really haven't used a mac much since then. My father-in-law does use a
> mac, and I'm familiar with its *nix origins.
>
> Fukk! I just run SUSE. No time for anything else.
>
> Heh! I run one and am on several of those, too. I think there are
> plusses and minuses to both.

I used to be a regular reader here until about 5 years ago when I got into
a wee bit of trouble. But yeah, the companies that I deal with run all of
those platforms; it gets annoying but none of them want to change hehe. Oh
and the old Macs, sheesh, I feel your pain on those mang. Rough stuff. Yeah
I still like seeing people use the far corners of the net and I like
seeing there is a little bit of interest still in the BBS and in Usenet.
Last time I was here the big conversations were about XP coming out and
Red Hat releasing Fedora Core hehe. So yeah, it has been a while since I
been on here but I read this group every day from 1995-2002.
 
ThePsyko

On 06 Apr 2007 I stormed the castle called alt.2600 and heard
> I used to be a regular reader here until about 5 years ago when I got
> into a wee bit of trouble. But yeah, the companies that I deal with run
> all of those platforms; it gets annoying but none of them want to
> change hehe. Oh and the old Macs, sheesh, I feel your pain on those
> mang. Rough stuff. Yeah I still like seeing people use the far corners
> of the net and I like seeing there is a little bit of interest still
> in the BBS and in Usenet. Last time I was here the big conversations
> were about XP coming out and Red Hat releasing Fedora Core hehe. So yeah,
> it has been a while since I been on here but I read this group every
> day from 1995-2002.

OMG IT'S POLICESTOLEMYCAR!!!
 
