The 30-year-old prank that became the first computer virus

To the author of Elk Cloner, the first computer virus to be released outside of the lab, it’s sad that, 30 years after the self-replicating code's appearance, the industry has yet to come up with a secure operating system. When Rich Skrenta created Elk Cloner as a prank in February 1982, he was a 15-year-old high school …

COMMENTS

This topic is closed for new posts.


Silver badge

Re: how do I restrict an application

> Creating a new user account for every application you run can be done, but in reality you're not going to waste the time it takes to set up.

In reality, that's how a lot of system services run in Linux. There's no real reason why they can't run with separate user credentials.

As for user applications, that is of course a different story.

2
0
Bronze badge

Re: how do I restrict an application

useradd new-user

passwd new-user

chgrp new-user existing-file

chmod g+rw existing-file

su new-user

[install the app as new-user]

logout

chmod u+s new-app-exe

Now you can run the app, and it will run as the user you created. How long do you think that takes?

3
0
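Added example, not part of any post in this thread: a check of what the `chmod u+s` recipe above actually leaves on disk, reading the executable's mode bits and owner. It assumes Linux with GNU `stat`; the function names `check_mode` and `check_file`, the sample modes and uid 1001 (standing in for new-user) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes Linux with GNU stat.

# check_mode MODE OWNER_UID: pure check of octal permission bits.
# Prints one finding per line; returns 0 only when nothing is flagged.
check_mode() {
    m=$((0$1)); owner=$2; rc=0
    if [ $((m & 04000)) -eq 0 ]; then
        echo "no-setuid: runs as whoever starts it, not as the app account"
        rc=1
    else
        if [ "$owner" -eq 0 ]; then
            echo "setuid-root: every launch gets root instead of a confined account"
            rc=1
        fi
        if [ $((m & 00001)) -ne 0 ]; then
            echo "world-exec: any local user can act as the app account (4750 limits it to the group)"
            rc=1
        fi
    fi
    if [ $((m & 00022)) -ne 0 ]; then
        echo "writable: group/other can replace the code that runs as the owner"
        rc=1
    fi
    return $rc
}

# check_file PATH: read mode and owner from disk, then apply check_mode.
check_file() {
    [ -f "$1" ] || { echo "missing: $1"; return 2; }
    st=$(stat -c '%a %u' "$1") || return 2   # %a octal mode, %u numeric owner
    set -- $st
    check_mode "$1" "$2"
}

# Constructed samples: "mode owner-uid" pairs (uid 1001 stands in for new-user).
for sample in "4755 1001" "4750 1001" "755 1001" "4775 0"; do
    set -- $sample
    echo "== mode $1, owner uid $2"
    check_mode "$1" "$2" || true
done
```

Linux ignores the setuid bit on interpreted scripts and on filesystems mounted `nosuid`, so a clean result here only means the bits are set as intended, not that the kernel will honour them.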
Silver badge

Re: OK now this isn't fair (again)

> how do I restrict an application from accessing anything on my file system outside of its own directories

Chroot or jail (but you have to put the files you need it to open in there of course)

1
0
Windows

Re: Def; Well... it won't make the OS secure, but...

With Linux, it's comparatively simple. Take the source code for your preferred file system driver. When it gets an IO request have it check the application against allowed folders. If the request isn't in those folders, give a prompt. If permission is denied, give a file not found. With Windows and OSX it's probably a little more complicated, but you can probably make a filter driver which filters the IO requests.

Which will make a nice secure file-system, and leave everything else (read: enough) insecure. Might give this a shot at some point actually. Seems like a nice first step into driver programming and secured databases.

0
0
Bronze badge

Re: OK now this isn't fair (again)

How does the subsystem tell the difference between:

filename=FileOpenDialog()

handle=fopen(filename)

and

filename="embeddedstring"

handle=fopen(filename)

?

1
0
Bronze badge

Re: how do I restrict an application

> Creating a new user account for every application you run can be done, but in reality you're not going to waste the time it takes to set up.

In reality, that's how a lot of system services run in Windows. There's no real reason why they can't run with separate user credentials.

As for user applications, that is of course a different story.

0
1
Bronze badge

Re: Def; Well... it won't make the OS secure, but...

With Windows, it's comparatively simple. Use DCOMCNFG (or the equivalent command line tool) to set the permissions for the application.

With Linux and OSX it's probably a little more complicated, but you can probably write your own file system.

0
3
Bronze badge

Re: Def; Well... it won't make the OS secure, but...

" When it gets an IO request have it check the application against allowed folders. If the request isn't in those folders, give a prompt"

And you think UAC is invasive? Ouch

0
0
Anonymous Coward

Re: how do I restrict an application

What purpose does the "existing file" bit serve? (Genuine question)

0
0
Vic
Silver badge

Re: OK now this isn't fair (again)

> how do I prevent an application that I run from reading/writing/deleting any of the files or

> directories I have access to?

Write a policy in SELinux. Tell the computer explicitly which files this application may use.

Vic.

0
0

Reflections on Trusting Trust

If you think this was the first computer virus, you need to read Ken Thompson's "Reflections on Trusting Trust":

http://cm.bell-labs.com/who/ken/trust.html

The date of the paper is 1984, but the antics Ken describes occurred many years before.

Steve.

2
1
Stop

Re: Reflections on Trusting Trust

I think that Von Neumann back in the 40's designed the first computer virus, Creeper was the first known virus in the wild as it spread via arpanet, Elk was the first PC virus "outside the lab", the article is a bit misleading (otherwise known as wrong).

2
1
Bronze badge

Re: Reflections on Trusting Trust

Not. A. Virus.

The Thompson attack was a combination of a multiple-part Trojan Horse and a Back Door. No virus was involved.

1
0
Bronze badge

Re: Reflections on Trusting Trust

Creeper was the first known virus...

Sigh. Also not a virus. Creeper was a worm.

1
1
FAIL

Re: Reflections on Trusting Trust

You're missing the point Wojcik, while we have better definitions now, back then when malware was in its infancy the definitions were not as specific, and (as I pointed out) Von Neumann et al were defining things that didn't even exist!

Pluto is not one of our eight planets - but, 50 years ago it was a planet, it was the ninth planet.

Creeper may not be a "virus" by our modern definitions, but it certainly was (and the first known one).

0
0
WTF?

Dorian Gray all over again!

I cannot believe the guy in the pic is a half-century old. Especially with the invention of viruses on his conscience.

I think his attic should be searched for a painting.

1
0

Re: Dorian Gray all over again!

Word on the street is that he's been hacking his own telomeres.

1
0
Holmes

+1 to that

Today, he reckons the industry has got its priorities wrong. “The anti-virus industry makes me sad,” he says. “We should build systems to be more resistant to computer viruses rather than have a multi-million dollar industry to do clean up."

6
0
Silver badge
Headmaster

Shome mishtake, surely?

Was this article written after a long Christmas lunch? It's peppered with mistakes:

"...if it’s mode of operation..." its

"...he doesn’t know who the teacher latched onto him..." how

"...thought of making this applications..." these applications/this application

"...he had access to mainframe..." a mainframe

"...I didn't want to own IBM PC..." an IBM PC

"...deemed worth of newspaper reports..." worthy

"...For the first ten years [Elk Cleaner] was a non event..." Elk Cloner

10
0

Re: Shome mishtake, surely?

""...For the first ten years [Elk Cleaner] was a non event..." Elk Cloner"

See what you mean, but just dismissed 'Elk Cleaner' as the name of the removal tool

0
0
Anonymous Coward

LOL - I remember when Brain made it to the BBC news...

[I was working as PC developer at the time]

When I saw my Mum the following day, she told me I had to stop programming computers at once, or *I* would get this virus, it just wasn't safe to use computers any more...

I nearly wet myself laughing... :)

6
0
Anonymous Coward

Re: LOL - I remember when Brain made it to the BBC news...

When our mate bowled up one evening ranting that he "had caught a virus because his back door had been penetrated and he hadn't had proper protection", he must have been asking for the piss to be taken. I think he does it deliberately.

4
0
Joke

Re: LOL - I remember when Brain made it to the BBC news...

It is possible for a human to get infected with a computer virus. This explains why I get royally sick of the sight of them on a Friday afternoon, just before pub o'clock!

Colin

0
0
Paris Hilton

Cloner

For all his poetic abilities, he managed not to use the most hilarious word that rhymes with cloner.

3
0

Re: Cloner

Perhaps he already had one and it was getting in the way of his keyboard!

0
0
Devil

Hmmm how about the internal (to IBM) CHRISTMA EXEC (there must have been an 8 character limit somewhere) for the IBM/370? This was sent out just before Christmas in around 83 I think. It was a Rexx (/GDDM I believe) routine that would display on 3279 colour terminals. It had some nice Santa festive graphics but also had the little wheeze that it also read your PROFS/NOSS address book and sent itself to everyone in there from you. It very quickly brought the IBM SNA gateways to their knees, luckily everyone buggered off for the Christmas break and the IBM network admins were able to have a festive time flushing it out the queues while everyone else had better things to do.

1
0
Bronze badge

CHRISTMA EXEC was 1) not a virus (it was a Trojan Horse), and 2) distributed in '87, according to all the sources I have.

I missed it by that much - I started working for IBM, and got my PROFS account, early in January 1988.

1
0
Silver badge

First Money-making

I think dialers appeared before bank Trojans.

Reset your dial up networking to call an expensive number.

2
0
Happy

Stoned

This reminds me of the first and only computer virus I've had - "Stoned". It was quite harmless though.

0
0
Black Helicopters

Re: Stoned

I came to ask if anyone had seen "Your computer is now STONED!!" every few reboots way back in the day. :)

0
0
Boffin

Elk Cloner wasn't a boot sector virus

Mikko is wrong here - technically, Elk Cloner wasn't a boot sector virus. It was an OS infector. The virus didn't touch the boot sector. Instead, it modified the operating system (called, unimaginatively, DOS), which resided on the first 3 tracks of the floppy disk (after the boot sector). Unlike the MS-DOS, which resided in files (that had to be, however, in fixed places on the disk), the Apple ][ OS was not visible from the file system; it occupied whole disk tracks. There were some unused sectors on these tracks - this is where the virus put itself into, besides modifying a few instructions of the OS to make sure that its code was called. (There were legitimate - non-malicious - variants of the OS where the "unused" sectors were used to add various useful extensions to the operating system, like a line editor for the command line with command history. The virus would damage these if it managed to infect the disks containing them, but that wasn't really a problem, because these OS dialects appeared much later, when the virus was no longer widespread.)

The Multics cookie monster wasn't a virus, since it did not replicate itself. It was just a joke program or, with some stretch of imagination, a Trojan Horse.

The CHRISTMA EXEC can be called a virus (well, a worm really) only with some stretch of imagination, since it resided in a text script that the user was supposed to execute manually. That is, when you got it, and started viewing it, you saw at the beginning a bunch of commands for drawing a Christmas tree and some text that said "reading this is no fun at all, simply execute it" (not the exact wording). If you did execute it, some code at the end (which the sender hoped you didn't see after the many lines drawing the picture) re-sent the file to all your contacts (after drawing the promised picture). Kinda like the joke e-mail that said "Check if today is Friday the 13th. If it is, delete all your files. If not, forward this message to all your contacts."

And, of course, it wasn't a PC virus.

2
0
Facepalm

No mention of the Morris Worm?

How did this article miss mentioning the infamous Morris Worm? That came *well* before "Sasser, Blaster & Code Red" and deserves at least a passing mention. Crikey.

0
0
Linux

A secure operating system?

"To the author of Elk Cloner, the first computer virus to be released outside of the lab, it’s sad that, 30 years after the self-replicating code's appearance, the industry has yet to come up with a secure operating system"

Ubuntu running off a USB device is as secure as it gets !

Creating a bootable Ubuntu USB flash drive

0
1
Bronze badge

Re: A secure operating system?

Ubuntu running off a USB device is as secure as it gets !

You failed to use the troll icon.

First: "Secure" is meaningless except in the context of a threat model and remediation parameters. You can only be "secure" against specific threats (classes of attacks), and then only against some level of expenditure by attackers. So "as secure as it gets" is as meaningless as calling it "the saltiest and most metaphysically nimble of OSes".

Second: There are operating systems which go far beyond the security architectures of any Unix-family OS. There are capability OSes; there are OSes which have formal proofs of their security models (as in Orange Book A-level certification).

1
0
Linux

Re: A secure operating system?

"You failed to use the troll icon."

At least when I reboot, there is nothing malevolent lurking in the Operating System. If you want to be totally paranoid then boot from a CD ...

0
0
Facepalm

Re: A secure operating system?

Massively helpful advice on a tech forum, Thank You.

0
0
Anonymous Coward

"And if it’s mode of operation sounds simple"...

...John Leyden is a dunce.

0
0
Anonymous Coward

Our prank and still works

Users do not follow procedure and lock their screen when leaving their desk for more than a few minutes

Snapshot their screen complete with wallpaper and icons and login box then set it as the background screen.

The sniggering in the IT room when users call is endless

1
0
Anonymous Coward

Re: Our prank and still works

Or there's the "upside-down screen" one.

2
0
Bronze badge
FAIL

Brain, a Windows virus?

Surely you're trying to troll us. Brain was an MS-DOS virus. It existed long before Windows did.

0
0
