The 30-year-old prank that became the first computer virus

To the author of Elk Cloner, the first computer virus to be released outside of the lab, it’s sad that, 30 years after the self-replicating code's appearance, the industry has yet to come up with a secure operating system. When Rich Skrenta created Elk Cloner as a prank in February 1982, he was a 15-year-old high school …

COMMENTS

Silver badge
Terminator

I wrote a virus (no payload) for CP/M a long time back. I developed it on an Amstrad CPC though so spread would have been limited by the 3" disks it used. Also as this chap says the noise from the drive kind of gave the game away.

Oh Gawd. I think I'm getting BDOS flashbacks now.

2
0
Bronze badge
Flame

O_O

Did the virus do anything interesting?

0
0
Anonymous Coward

Re: Did the virus do anything interesting?

What does "no payload" mean to you?

3
0
Anonymous Coward

I can claim the first phishing then?

Whilst studying computer science at a tech college in 1978, I accidentally found someone's user name and passwords in the bin; for pen-test reasons I obviously used these credentials to create a fake log-in screen on the Data General Eclipse computer, and logged-on with the fake log-in on each terminal in the computer room. (My phish just stole the victim user-id & pass - wrote to a file then 'crashed' the videoTTY and gave the user the genuine log-in screen.) Luckily I didn't do anything bad with these evil-gotten gains and I did improve the security of DG as they had to re-write a bit of the OS to make the log-in screen contain privileged features. I suppose my DDoS trojan was a bit iffy in terms of white-hat activities, but we're not celebrating trojan's birthday yet?

3
0
Silver badge
Joke

Re: I can claim the first phishing then?

Oh we had a couple of pranks at polytechnic in the 80s for our Unix system:

If someone didn't use a password or left the console unattended we'd create the files '*' and '-rf' in the home directory.

Send an email with ^S somewhere in it. That would drop the BBC Micros out of TTY mode and into BASIC. That could cause great confusion since most of the class were electrical engineers and not really programmers.

Send an email with control characters that put the BBC into Mode 2.

Best of all though was coordinating your builds with other people so that the Bleasdale fell over under the stress :)

1
0
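An added example, not part of the comment above: the '*' and '-rf' prank works because the shell expands a bare `*` before `rm` sees its arguments, so a filename beginning with `-` arrives looking like an option. The sketch below rebuilds that layout in a temporary directory (file names and function names are constructed for illustration) and contrasts `rm *` with the hardened `rm -- *`.

```shell
#!/bin/sh
# Added example with constructed data: files named '-rf' and '*' in a
# directory, and what they do to a later cleanup command run there.

# Build a throwaway directory with the prank layout plus some real content.
make_demo_dir() {
    d=$(mktemp -d) || return 1
    mkdir "$d/thesis"
    : > "$d/thesis/chapter1.txt"
    : > "$d/notes.txt"
    : > "$d/-rf"
    : > "$d/*"
    printf '%s\n' "$d"
}

# List entries of directory $1 whose names begin with '-'. After glob
# expansion these reach a command as bare words and can parse as options.
optionlike_names() {
    (
        cd "$1" || exit 1
        for f in *; do
            case $f in
                -*) printf '%s\n' "$f" ;;
            esac
        done
    )
}

# What the owner types to tidy up. The shell expands * to the names
# '*', -rf, notes.txt and thesis. GNU rm accepts options after operands,
# so -rf is honoured and thesis/ is removed recursively without a prompt.
unsafe_clean() {
    ( cd "$1" && rm * 2>/dev/null )
}

# Hardened form: '--' ends option parsing, so '-rf' is only a filename.
# (`rm ./*` also works: every argument then starts with './'.)
# rm reports an error for the directory and leaves it in place.
safe_clean() {
    ( cd "$1" && rm -- * 2>/dev/null )
}

# Run both forms on fresh copies and report what happened to thesis/.
for mode in unsafe safe; do
    demo=$(make_demo_dir) || exit 1
    echo "$mode: option-like names before cleanup: $(optionlike_names "$demo")"
    "${mode}_clean" "$demo" || :
    if [ -d "$demo/thesis" ]; then state=survived; else state=deleted; fi
    echo "$mode: thesis/ $state"
    rm -rf -- "$demo"
done
```

Running `optionlike_names` over home directories is also a cheap audit for this kind of planted file.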
Anonymous Coward

Re: I can claim the first phishing then?

Oh god, yes, I remember using the <esc>[4;1y sequence to force DEC serial terminals to power-cycle themselves, mostly via a Vax mainframe.

There was one particularly annoying trekkie who wrote an awful DCL scripted "diary" system, who was always nagging people to use it, who logged usage to a file in his home directory (an early form of phoning home). If you used OPEN/APPEND to add to the file, the VMS user-accessible auditing for the file wouldn't show who modified it.. so he got rather a lot of hand crafted ascii animations of a rather foul nature, which invariably ended with a terminal reset.

(When time was pressing, he'd just get a complimentary copy of system STARLET libraries appended to it, to exhaust his quota).

Fucker, teach him to nag people to use his crappy diary thing, and then try and log what they were doing :)

14
0
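An added example, not part of the comments above: the e-mail pranks with ^S, mode changes and `<esc>[4;1y` all depend on untrusted text reaching a terminal with its control bytes intact. One defensive approach is to rewrite those bytes in visible caret notation before display; the function names and the sample message here are constructed for illustration.

```shell
#!/bin/sh
# Added example: show terminal control bytes in untrusted text as visible
# characters instead of letting the terminal act on them.

# Rewrite C0 control bytes (except tab; newline delimits records) and DEL
# in caret notation: ESC -> ^[, Ctrl-S -> ^S, DEL -> ^?.
# Bytes >= 0x80 are passed through; 8-bit C1 controls are not handled here.
neutralise_controls() {
    LC_ALL=C awk '
    BEGIN {
        for (i = 1; i < 32; i++)
            if (i != 9)
                map[sprintf("%c", i)] = "^" sprintf("%c", i + 64)
        map[sprintf("%c", 127)] = "^?"
    }
    {
        out = ""
        n = length($0)
        for (k = 1; k <= n; k++) {
            c = substr($0, k, 1)
            out = out ((c in map) ? map[c] : c)
        }
        print out
    }'
}

# Exit status 0 if stdin contains any byte that neutralise_controls would
# rewrite; useful for flagging a message for review rather than altering it.
has_controls() {
    in=$(cat)
    out=$(printf '%s\n' "$in" | neutralise_controls)
    [ "$in" != "$out" ]
}

# Constructed message carrying the two sequences mentioned in the thread.
msg=$(printf 'Meet at 5\033[4;1y and bring\023 snacks')
printf '%s\n' "$msg" | neutralise_controls
```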
Anonymous Coward

Re: I can claim the first phishing then?

Remember when we started to get into email where I work (hi-tech company so should have known better) and Corporate IT decided to roll out an email system from HP which had this new idea of "attachments" that you could add to emails and from the email program you could go straight to viewing them in an application. Only problem was this was all running in the unix world and the attachments normally consisted of a lump of data and a shell script to start the appropriate program. I often wondered about (but never did!) constructing an email with an attachment where the launch script was "cd $HOME; rm -rf"

3
0
Thumb Up

Re: I can claim the first phishing then?

I did more or less the same thing back in 1986 with the college VAX clone (a Systime 8750). The ops manager often used to login from one of two specific terminals in the student part of the "computer room" when the admin/ops office terminals were all taken.

At lunch-time I rustled up a script to look like a VMS login and ran it on just enough terminals so as not to look suspicious if someone did a SHOW USERS. I hit the jackpot within 30 minutes when the sys admin username and password dropped into my mailbox.

I had full access to that box for the next two years of my college life :)

6
0
Devil

Re: I can claim the first phishing then?

"If someone didn't use a password or left the console unattended we'd create the files '*' and '-rf' in the home directory."

It's always fun to create a file called 'readme.txt' containing 'readme.txt: File not found'

I've watched people puzzle over that for ages...

9
0
Anonymous Coward

Re: I can claim the first phishing then?

> It's always fun to create a file called 'readme.txt' containing 'readme.txt: File not found'

Similarly you can take a screen shot of the user's desktop, set that as the desktop background, and then move all their icons off screen...

1
0
Happy

Re: I can claim the first phishing then?

My favorite was to go to an unattended (but logged in) DEC VT and change the users' login prompt to

Console>

Heh heh! Hours of fun.... and much more powerful and effective than a thousand "lock your terminal, you silly git" security reminders!

Ah yes, those were the days,,,,,

1
0
Paris Hilton

Re: I can claim the first phishing then?

... which invariably ended with a terminal reset. One fondly remembers the Wyse 14-something TTY's, which had programmable parameters, which could be written using non-ascii control sequences, with no sanity checks nor any hardware interlocks -- so a "terminal reset" on the Wyse would be, to f.ex., Speak the magick Word of Power that setteth the line scan frequency to Zero on some lusers terminal .... BooM, smoke comes out, IT-gremlins pours forth, seeking warm flesh to prod.

We had a skip of dead terminals right outside the building until we stopped replacing them!

0
0
Bronze badge
Gimp

Geeks have macs too

May this finally sound as a death nell to the 'form over function' and geeks use PCs/linux pish...

you don't get more geeky than the first virus creator!

-a fellow (mac owning) geek

0
7
Facepalm

Re: Geeks have macs too

PCs had only just launched. Linux was years away.

These may have been factors in the virus author's choosing a Mac.

4
6
Anonymous Coward

Re: Geeks have macs too

"May this finally sound as a death nell to the 'form over function' and geeks use PCs/linux pish..."

This will probably be amusing to the fanboys out there, but I hang out in #android-dev on IRC and the general consensus in there is that most of the Google Android Devs use Macs, certainly a lot of the regulars and most knowledgeable chatters in there do.

Personally I fall into the Linux camp, but meh... I think programmers don't mind any *nix based OS. Windows is seriously lacking in any kind of real tools, by that, I mean all the CLI magic that comes with any Linux install - presumably Macs too. Fun stuff like grep, awk, sed etc.

I realise you can get the GNU tools for Windows, but like git says if you run it in cmd.exe or PowerShell: 'terminal is not fully functional'. No kidding.

4
2
Bronze badge
Gimp

Re: Geeks have macs too

er - I was referring to the fact he says he now uses macs, not PCs (or linux).

An Apple II, is a 'II' not a mac...

7
0
Bronze badge
Childcatcher

Re: Geeks have macs too

Personally I fall into the Linux camp... Windows is seriously lacking in any kind of real tools

When I read the first bit, I already knew how the rest was going to go. It sounds to me like you have a nail (*NIX programming problem) and want to convince the rest of the world that the only tool to get any job done is a hammer. Sometimes, a screwdriver is called for (e.g. when working on Windows). Sounds to me that you would rather be hammered than screwed, but it all comes down to personal preference in my book.

As it happens, I have done plenty of scripting for UNIX and Windows-based systems. I really don't care which I am working in as long as I get paid for the work. I am lucky that I happen to enjoy both, but what really matters is that I can get the job done whichever is called for.

12
5
Anonymous Coward

Re: Geeks have macs too

Ah, my dear Robert. With the right pair of eyes, everything is a UNIX programming problem.

4
1
Headmaster

Re: Geeks have macs too

"May this finally sound as a death nell"

That'll be a "death knell".

2
2
Headmaster

Re: Geeks have macs too

Just one of many syntax errors and typos in the article. :(

1
1
Anonymous Coward

Re: Geeks have macs too

" I really don't care which I am working in as long as I get paid for the work."

That is what separates us, I also enjoy the work and do it in my spare time - where I choose to use Linux. I use Windows for work, but my argument is about CLI tools - if you really think cmd.exe or powershell is anywhere near as powerful as bash, you're sadly ignorant or a fanboy.

But my point is, Windows comes with nothing to support development out of the box. For example, diff to compare two files, what if you want to find all files that reference a certain class: Linux: "grep -rl "ClassName" /path/i/want/to/search/". Need to test a server side web script is behaving properly? wget or curl etc. where is all this on Windows? Where is even simple stuff like whois? etc. All of that is part of a base Linux install.

I have nothing against Windows, but I stand by my point, it doesn't compare to Linux/*nix based OSs when it comes to development. Even when I'm developing on Windows, I have a Linux terminal open for stuff like above and using git. (Linux doesn't care that it's .NET source, even if you do).

"want to convince the rest of the world that the only tool to get any job done is a hammer"

I couldn't really care what anyone else uses, if you want to get offended and ignore what could possibly aid your job with comments about hammers and nails, that's up to you.

3
0
Bronze badge
Childcatcher

Re: Geeks have macs too

if you really think cmd.exe or powershell is anywhere near as powerful as bash, you're sadly ignorant or a fanboy.

Neither, really. I use what I can and have no qualms about pulling in whatever I need... within the confines of what I am allowed to. Likewise, no matter how robust the base tool set, I think most *NIX admins will likewise download and install 3rd party tools when they feel the need.

I understand that we approach this from different angles, but there are many instances in which the person working on a machine does not have the luxury of pulling whatever tools he or she prefers. In other words, using bash or another shell or tool set is not always allowed by policy.

But my point is, Windows comes with nothing to support development out of the box.

This is a gross exaggeration. Though I am happy to agree that the base UNIX command set is more powerful than what has been available to Windows admins, I have been able to accomplish plenty with baseline Windows tools, including automating process administration on *NIX boxes. I have not had enough experience with PowerShell to have an informed opinion (though this will change soon). I do know, however, that it is designed for handling Windows admin tasks. I doubt there will be much call to add this ability to bash or any other *NIX tool set, though I might be proved wrong.

I couldn't really care what anyone else uses, if you want to get offended and ignore what could possibly aid your job with comments about hammers and nails, that's up to you.

Please don't be so thin-skinned as to confuse humor (no matter how thin it might be) with offense. Obviously, you have different uses for whichever shell you use than I have had. I suspect if I did web development, I would use some version of Linux, but that is not my current gig. When I have had to manage *NIX systems in the past, I preferred to use bash. As I currently have to manage Windows systems, I use the Windows command line. My point is that you should use the right tools for the job. You seem to be saying that you have found the right tool and, lo, it is *NIX and its tools.

0
0
Bronze badge

Re: Geeks have macs too

Guess you *nix boys haven't realised that just about every single tool for *nix has been recreated on windows these days? I see you cite grep as a favourite... well.... Here we go...

http://gnuwin32.sourceforge.net/packages/grep.htm

That'll be Grep for windows by GNU then, right there. Few minutes of google searching finds just about every *nix tool you like for Windows, and they will all happily run under PowerShell giving me a very nice, integrated dev. environment.

Having trouble finding AD for *nix however, unless I'm prepared to hack it around with Samba in a very specific Ubuntu build.

Yeah, I'll stick with windows I think. Ta.

0
2
Anonymous Coward

Re: Nail and hammer

Sure, scripting and/or using the CLI of Windows is quite possible although somewhat more painful than other OSes. However, most Windows admins do not write a script when they need to automate something, they usually go out and buy a new program that does lots of cool things.

0
0
Anonymous Coward

Re: Geeks have macs too

"Guess you *nix boys haven't realised that just about every single tool for *nix has been recreated on windows these days? I see you cite grep as a favourite... well.... Here we go..."

Umm, yes, I said so in my post: "I realise you can get the GNU tools for Windows"

That doesn't change the fact you're running it in a half baked "terminal". Neither cmd.exe nor powershell support multi-tasking, neither notify running applications of window resizes, cmd.exe can't even grow greater than 80 characters and powershell still won't full maximize (why?).

That's not even getting onto the joke that is copy & paste - I mean "mark" mode. For example, if git reports a changed file a few directories deep, because of said window size limit, the filename wraps, can you select it? No, you can't select from mid one line to the start of the line below, you have to take all of both lines to a text editor, and then select what you want.

You've clearly never used a Linux terminal and you're clearly very defensive of Windows, I can't see why else you're trying to bring AD into a client-side development tools discussion. Obviously if you need AD, then Linux on the server isn't for you, but alas, that's not what we're talking about. Try Linux some time, at the very worst it'll expand your experience.

2
0

Re: Geeks have macs too

See, the ignorance always comes out when you press for details.

Can't grow beyond 80 chars? You've really never seen the command window properties? It works almost exactly the same way as in *nix shells! No multitasking? The whole OS does multitasking and cmd automatically runs any windowed program or service in the background, or you can use start.exe to start a commandline script or program in the background, or you can start multiple cmd windows if you need multiple things done in the foreground. And all of that has been around since WinNT.

Before slagging off on something you're ignorant about, at least try to find out if you're wrong first.

But I will accept that the copy-paste behavior sucks.

0
1
Anonymous Coward

Re: Geeks have macs too

"You've really never seen the command window properties?"

Fair enough, you have to mess about in some properties dialog instead of the system default maximize button umm, maximizing the window. I'm guessing you have to keep going into properties to maximize to different resolutions on different monitors all the time, convenient. But this is what I mean by a half baked terminal - why can't it detect the screen resolution and adjust accordingly, why is it a manual job?

"The whole OS does multitasking and cmd automatically runs any windowed program or service in the background"

I'm talking about terminal multitasking, as in "copy file1 file2", send to background, "copy file3 file4" send to background in a single terminal instance. I realise in Windows you don't really get terminal applications like irssi, finch, elinks and such so it's probably not that obvious that it's missing if you're only launching GUI apps from it. Also, go lookup 'screen' if you want to see silly powerful terminal multitasking - that is also where you'll notice the lack of window resize messages.

1
0
TRT
Silver badge

Ah... valve radios...

where the slightest slip would melt the end of your screwdriver.

4
0

Re: Ah... valve radios...

ahh valve equipment, and CRT's, that selected only the fittest electronics engineers to carry on working on them by frying the ones too stupid and not biologically resistant enough to survive a few KV across the old ticker. (heart)

9
0
Anonymous Coward

Re: Ah... valve radios...

I used to have a bare chassis on my desk, reaching over it to get a book I would occasionally brush my forearm against the top of the output transformer. :-)

0
0
TRT
Silver badge

Re: Ah... valve radios...

Gave you the only thrill of the day, eh?! ;)

1
0
Happy

Re: Ah... valve radios...

Could never quite figure out why the frame of early TVs was at HT+ and the frame of the almost touching (most of the time) oscilloscope was grounded. Managed to take out the entire floor of the lab I was working in once, as well as a large chunk of both aluminium frames :-)

Never was the "sparky" nickname so apt :-)

0
0
Vic
Silver badge

Re: Ah... valve radios...

> Could never quite figure out why the frame of early TVs was at HT+

TVs generally didn't have an isolating transformer on the input - they just rectify the mains.

If you look at the configuration of a bridge rectifier, during the positive half-cycle of the mains, the chassis/0V rail will be connected to the neutral line by way of a diode - leaving it at 0V or thereabouts. But during the negative half-cycle, it's connected to the live by way of a diode. Thus during that half-cycle, you've got mains on the chassis.

Vic.

0
0
Thumb Down

You lost me at...

Apple II... dominant home computer.

5
0
Silver badge

Re: You lost me at...

Hehe.... This, from the preface to a summary of the Apple II, and its competitors the PET and TRS 80:

I was convinced that the Apple II was the best, and even when there were certain clear advantages in the IBM PC platform regarding memory, processor speed, and volume of available software, I stubbornly held to my bias (after all, I had a lot of knowledge and money invested in the Apple II and did not care to change to something I didn’t know as well). This kind of attitude was the source of many of the computer “religious” wars of the 1970s and 1980s

-http://apple2history.org/2010/10/25/the-competition-part-2/

0
0
Gold badge

Re: You lost me at...

Apple claimed to be the first to sell a million despite Commodore's Vic 20 getting there first.

4
0
Stop

"Brain" worked on DOS, not Windows

R

4
0
Silver badge

The Multics cookie monster

> created Elk Cloner as a prank in February 1982

Ahem, in the late 70's (possibly earlier, but that's when I first encountered it) there was a "daemon" running around on Multics systems. Briefly, if you became its lucky victim, it would take over your console and type up

I wanna cookie

on your screen (yes, we did have VDUs back then). Typing "cookie" would get it to go away for a while. Telling it to 'koff would get your session terminated (logged out). From what I recall it was written in PL/1 and was only a couple of pages of lineprinter paper.

Oh and BTW:

> the industry has yet to come up with a secure operating system.

It's not just the O/S that needs to be secure (and there are secure ones around), but the way it's used needs to be secure, too. That's the real problem.

16
0
Anonymous Coward

cookie

0
0
Anonymous Coward

Re: The Multics cookie monster

Hey another Multician :)

Multics was a bit more a challenge to hack (it has a B2 security rating), but it too was vulnerable to the fake login screen. Yes.. you were MEANT to press the BREAK key to disconnect the terminal and reconnect, but if people saw the login prompt there they would happily type in their username and password. As a bunch of students we built quite a sophisticated application for emulating many different local systems. It took a while before we got rumbled, but back in the 1980s this sort of thing wasn't illegal, just a bit naughty.

One interesting security flaw in Multics was something called the subsystem usage tables. Basically, if you went into one of the more heavyweight applications such as email or the online conferencing system ("forum") then the user's name would be recorded in these publicly-accessible tables. At this point we had acquired a large quantity of Eastern European floppy disks we wanted to sell, so we scraped the subsystem usage tables for email addresses and spammed the entire university. Needless to say, everybody was annoyed by this but spam wasn't well known in the 1980s and nobody was sure exactly what we did wrong.

The most stupid hack we tried on Multics was also the simplest - the terminals in the labs were arranged back-to-back, so you could position yourself facing an unused terminal and swap the keyboard over. As that user typed in their username and password into what they thought was THEIR keyboard, you were logging it in EMACS and echoing it by typing on the keyboard in front of you (connected to the OTHER terminal). Because mainframes can get horribly laggy under load, it was actually a fairly successful technique for a while.

So yes, Multics is this fundamentally pretty secure OS. But you could still do a bit of low-tech hacking, back in the days when it was almost acceptable to give it a go..

6
0
Bronze badge

Re: The Multics cookie monster

The Multics Cookie Monster was not a virus, so for the purposes of the "first virus" title (ostensibly the point of this article) it's irrelevant that it predated Elk Cloner.

According to Gene Spafford, the term "virus" for computer malware actually dates back to the early '70s and a science-fiction story by David Gerrold - though the software Gerrold describes actually functions as a worm. (An infected machine demon-dials numbers until it connects to another computer, then "infects" it with a copy of VIRUS. I don't think Gerrold tried to explain the infection mechanism in any greater detail.)

John Brunner is often given credit for introducing the concept of worm malware in The Shockwave Rider (1975), though per the above one could argue that Gerrold got there first - albeit in much less detail. Brunner used the term "tapeworm".

Many people cite the 1988 Morris worm as the first worm malware actually seen in the wild.

But long before the Morris worm, or even Shockwave Rider's theoretical presentation of the idea, there was the Thomas Creeper - a worm that was first spotted infecting Tenex systems in 1971. Some sources (eg the always-reliable Wikipedia) claim Creeper was the "first virus", but it too doesn't deserve that title if we stick to the usual technical definition of that term.

1
0
Bronze badge

Re: The Multics cookie monster

+1 to that.

A couple of weeks ago my graphics card died, I took my PC into the local shop to have the card replaced. On booting it up and logging on the shoppie said: but you haven't got admin settings, you won't be able to change anything on your computer like that. Well, duh, exactly! If I want to do *administration* I log on as an *administrator*. Frighteningly, loads of computers are sold with the default configuration being a single admin user for general-purpose tasks.

Every time I hear something along the lines of "my kids have accessed my email account" my only thought is: why the hell did you give them your logon details you d***head.

0
0

Re: The Multics cookie monster

You took it to a shop?

2
0
WTF?

OK now this isn't fair (again)

it’s sad that, 30 years after the self-replicating code's appearance, the industry has yet to come up with a secure operating system.

To draw yet another automobile parallel, we've had seat-belt legislation since 1968. Yet there are enough stupid drivers who get killed in a collision when they could've been saved wearing a seat belt.

If you're a strict Windows user, you had a choice since 1999 to run a secure OS. The choice was forced onto you in 2007. If you chose to turn it off, that's not Microsoft's fault.

Maybe John Leyden still runs Windows 98. Or MacOS 9.

0
1
Def
Bronze badge

Re: OK now this isn't fair (again)

Windows isn't a secure OS. Neither is Linux, nor Mac OS. Not by a long way.

Without spending a million years configuring any of the above, how do I prevent an application that I run from reading/writing/deleting any of the files or directories I have access to? Or to put it another way, how do I restrict an application from accessing anything on my file system outside its own directories, except for explicitly when I allow it by asking it to open a file?

2
0
Thumb Up

Re: OK now this isn't fair (again)

Well..."Metro" (Windows 8/Modern UI) apps in Windows 8 achieve that, one of the advantages of the new apps. People do tend to overlook this as an advantage, also means when you uninstall an app you can do it in two clicks and all remnants should be removed from your system.

Of course many of them use cloud services so it's another issue if you aren't fond of the cloud.

0
1
Silver badge
FAIL

Re: OK now this isn't fair (again)

Define "secure"...

Windows NT4 was classed as "Secure" by the US Department Of Defence - until you installed a network card.

So "secure" is only the parameters you measure it against.

So all, and none, of the current mainstream OS's are secure.

2
0
Bronze badge

Re: how do I restrict an application

Create a user to run the application as, and restrict that user's rights - simples.

0
0
Def
Bronze badge

Re: how do I restrict an application

"Create a user to run the application as, and restrict that user's rights - simples."

Yes, hence my comment about taking a million years. Creating a new user account for every application you run can be done, but in reality you're not going to waste the time it takes to set up. Additionally, with almost every application you run, ultimately you do want them to access *some* of your files, or at least one or two specific files - ie the ones you currently want to view/print/edit/etc. Having to change access rights for specific files on the fly for specific users/applications just isn't practical.

2
0
Silver badge

Re: OK now this isn't fair (again)

Look into SELinux or AppArmor in the unix world to accomplish this. It's a shedload of work and honestly more often than not it ends up taking a long time to both lock down the system properly (unless you just use common packages on most distros that include the configs already) and allow all software to work correctly but if you are willing to put in the effort it's out there. The other advantage is it allows denying improper access to a lot more than just the file system which is what is needed for true security.

3
0
