The 30-year-old prank that became the first computer virus

To the author of Elk Cloner, the first computer virus to be released outside of the lab, it’s sad that, 30 years after the self-replicating code's appearance, the industry has yet to come up with a secure operating system. When Rich Skrenta created Elk Cloner as a prank in February 1982, he was a 15-year-old high school …

COMMENTS

  1. AndrueC Silver badge
    Terminator

    I wrote a virus (no payload) for CP/M a long time back. I developed it on an Amstrad CPC though so spread would have been limited by the 3" disks it used. Also as this chap says the noise from the drive kind of gave the game away.

    Oh Gawd. I think I'm getting BDOS flashbacks now.

    1. Captain Scarlet Silver badge
      Flame

      O_O

      Did the virus do anything interesting?

      1. Anonymous Coward

        Re: Did the virus do anything interesting?

        What does "no payload" mean to you?

  2. Anonymous Coward

    I can claim the first phishing then?

    Whilst studying computer science at a tech college in 1978; I accidentally found someone's user name and passwords in the bin; for pen-test reasons I obviously used these credentials to create a fake log-in screen on the Data General Eclipse computer, and logged-on with the fake log-in on each terminal in the computer room. (my phish just stole the victim user-id & pass - wrote to a file then 'crashed' the videoTTY and gave the user the genuine log-in screen.) Luckily I didn't do anything bad with these evil-gotten gains and I did improve the security of DG as they had to re-write a bit of the OS to make the log-in screen to contain privileged features. I suppose my DDoS trojan was a bit iffy in terms of white-hat activities, but we're not celebrating trojan's birthday yet?

    1. AndrueC Silver badge
      Joke

      Re: I can claim the first phishing then?

      Oh we had a couple of pranks at polytechnic in the 80s for our Unix system:

      If someone didn't use a password or left the console unattended we'd create the files '*' and '-rf' in the home directory.

      Send an email with ^S somewhere in it. That would drop the BBC Micros out of TTY mode and into BASIC. That could cause great confusion since most of the class were electrical engineers and not really programmers.

      Send an email with control characters that put the BBC into Mode 2.

      Best of all though was coordinating your builds with other people so that the Bleasdale fell over under the stress :)
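The '*' and '-rf' prank above works because the shell expands `*` into file names before the command runs, so a name that starts with '-' reaches the utility as an option. The script below is an added example, not part of the original comment: it builds a constructed temporary directory, audits it for such names, and shows the safe expansion; all function names are illustrative.

```shell
#!/bin/sh
# Added example: a constructed sandbox; nothing outside mktemp's dir is touched.

# Build a throwaway "home directory" holding the two planted names next to
# ordinary data. Prints the directory path.
make_sandbox() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/project"
    : > "$sandbox/project/thesis.txt"
    : > "$sandbox/notes.txt"
    : > "$sandbox/-rf"     # planted: reads as options once a glob expands it
    : > "$sandbox/*"       # planted: a literal asterisk as a file name
    printf '%s\n' "$sandbox"
}

# Count the words of "<prefix>*" (expanded inside DIR) that a getopt-style
# utility would take as options, i.e. words starting with '-'.
count_optionlike() {       # usage: count_optionlike DIR PREFIX
    (
        cd "$1" || exit 1
        n=0
        for word in ${2}*; do
            case $word in
                -*) n=$((n + 1)) ;;
            esac
        done
        printf '%s\n' "$n"
    )
}

# Audit: print names directly under DIR that start with '-' or contain a
# glob metacharacter. These are the names worth questioning.
audit_names() {
    (
        cd "$1" || exit 1
        for path in ./*; do
            name=${path#./}
            case $name in
                -*|*[\*\?\[]*) printf '%s\n' "$name" ;;
            esac
        done
    )
}

# Delete only the regular files at the top of DIR. './' keeps every word from
# starting with '-', and '--' ends option parsing as a second guard.
safe_clean() {
    (
        cd "$1" || exit 1
        for path in ./*; do
            if [ -f "$path" ]; then
                rm -- "$path"
            fi
        done
    )
}

main() {
    home=$(make_sandbox) || return 1
    echo "option-like words from '*':   $(count_optionlike "$home" '')"
    echo "option-like words from './*': $(count_optionlike "$home" './')"
    echo "suspicious names:"
    audit_names "$home" | sed 's/^/  /'
    safe_clean "$home"
    echo "left after safe_clean: $(ls -A "$home")"
    rm -rf -- "$home"
}
main
```

The same `./*` and `--` habits apply to any option-parsing utility fed from a glob, not only `rm`.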

      1. Anonymous Coward

        Re: I can claim the first phishing then?

        Oh god, yes, I remember using the <esc>[4;1y sequence to force DEC serial terminals to power-cycle themselves, mostly via a Vax mainframe.

        There was one particularly annoying trekkie who wrote an awful DCL scripted "diary" system, who was always nagging people to use it, who logged usage to a file in his home directory (an early form of phoning home). If you used OPEN/APPEND to add to the file, the VMS user-accessible auditing for the file wouldn't show who modified it.. so he got rather a lot of hand crafted ascii animations of a rather foul nature, which invariably ended with a terminal reset.

        (When time was pressing, he'd just get a complimentary copy of system STARLET libraries appended to it, to exhaust his quota).

        Fucker, teach him to nag people to use his crappy diary thing, and then try and log what they were doing :)
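Both the mail pranks above and this escape-sequence trick depend on untrusted text reaching the terminal with its control bytes intact. The filter below is an added example, not from the original comments, that strips those bytes before display; the sample message is constructed and the function names are illustrative.

```shell
#!/bin/sh
# Added example: filter untrusted text before it is written to a terminal.

ESC=$(printf '\033')

# Constructed sample message: line 3 carries the <esc>[4;1y sequence quoted
# above, line 4 carries a ^S (0x13) byte.
sample_mail() {
    printf 'Subject: lab booking\n'
    printf 'Room 4 is free at 3pm.\n'
    printf 'See you there\033[4;1y soon\n'
    printf 'Press any key\023 to continue\n'
}

# Remove complete CSI sequences (ESC [ parameters intermediates final byte),
# then every remaining C0 control byte and DEL except tab and newline.
sanitize() {
    LC_ALL=C sed "s|${ESC}\[[0-?]*[ -/]*[@-~]||g" |
        LC_ALL=C tr -d '\000-\010\013-\037\177'
}

# Triage: print the numbers of input lines that contain control bytes.
# Tabs are dropped first because [[:cntrl:]] would otherwise match them.
flag_lines() {
    tr -d '\t' | LC_ALL=C sed -n '/[[:cntrl:]]/='
}

main() {
    echo "lines with control bytes: $(sample_mail | flag_lines | tr '\n' ' ')"
    echo "sanitized message:"
    sample_mail | sanitize | sed 's/^/  /'
}
main
```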

        1. Anonymous Coward

          Re: I can claim the first phishing then?

          Remember when we started to get into email where I work (hi-tech company so should have known better) and Corporate IT decided to roll out an email system from HP which had this new idea of "attachments" that you could add to emails and from the email program you could go straight to viewing them in an application. Only problem was this was all running in the unix world and the attachments normally consisted of a lump of data and a shell script to start the appropriate program. I often wondered about (but never did!) constructing an email with an attachment where the launch script was "cd $HOME; rm -rf"

        2. fajensen Silver badge
          Paris Hilton

          Re: I can claim the first phishing then?

          "... which invariably ended with a terminal reset." One fondly remembers the Wyse 14-something TTY's, which had programmable parameters, which could be written using non-ascii control sequences, with no sanity checks nor any hardware interlocks -- so a "terminal reset" on the Wyse would be, to f.ex., Speak the magick Word of Power that setteth the line scan frequency to Zero on some luser's terminal .... BooM, smoke comes out, IT-gremlins pour forth, seeking warm flesh to prod.

          We had a skip of dead terminals right outside the building until we stopped replacing them!

      2. PC Paul
        Devil

        Re: I can claim the first phishing then?

        "If someone didn't use a password or left the console unattended we'd create the files '*' and '-rf' in the home directory."

        It's always fun to create a file called 'readme.txt' containing 'readme.txt: File not found'

        I've watched people puzzle over that for ages...

        1. Anonymous Coward

          Re: I can claim the first phishing then?

          > It's always fun to create a file called 'readme.txt' containing 'readme.txt: File not found'

          Similarly you can take a screen shot of the user's desktop, set that as the desktop background, and then move all their icons off screen...

        2. (AMPC) Anonymous and mostly paranoid coward
          Happy

          Re: I can claim the first phishing then?

          My favorite was to go to an unattended (but logged in) DEC VT and change the users' login prompt to

          Console>

          Heh heh! Hours of fun.... and much more powerful and effective than a thousand "lock your terminal, you silly git" security reminders!

          Ah yes, those were the days,,,,,

    2. Anonymous Hero
      Thumb Up

      Re: I can claim the first phishing then?

      I did more or less the same thing back in 1986 with the college VAX clone (a Systime 8750). The ops manager often used to login from one of two specific terminals in the student part of the "computer room" when the admin/ops office terminals were all taken.

      At lunch-time I rustled up a script to look like a VMS login and ran it on just enough terminals so as not to look suspicious if someone did a SHOW USERS. I hit the jackpot within 30 minutes when the sys admin username and password dropped into my mailbox.

      I had full access to that box for the next two years of my college life :)

  3. stu 4
    Gimp

    Geeks have macs too

    May this finally sound as a death nell to the 'form over function' and geeks use PCs/linux pish...

    you don't get more geeky than the first virus creator!

    -a fellow (mac owning) geek

    1. Code Monkey
      Facepalm

      Re: Geeks have macs too

      PCs had only just launched. Linux was years away.

      These may have been factors in the virus author's choosing a Mac.

      1. stu 4
        Gimp

        Re: Geeks have macs too

        er - I was referring to the fact he says he now uses macs, not PCs (or linux).

        An Apple II, is a 'II' not a mac...

    2. Anonymous Coward

      Re: Geeks have macs too

      "May this finally sound as a death nell to the 'form over function' and geeks use PCs/linux pish..."

      This will probably be amusing to the fanboys out there, but I hang out in #android-dev on IRC and the general consensus in there is that most of the Google Android Devs use Macs, certainly a lot of the regulars and most knowledgeable chatters in there do.

      Personally I fall into the Linux camp, but meh... I think programmers don't mind any *nix based OS. Windows is seriously lacking in any kind of real tools, by that, I mean all the CLI magic that comes with any Linux install - presumably Macs too. Fun stuff like grep, awk, sed etc.

      I realise you can get the GNU tools for Windows, but like git says if you run it in cmd.exe or PowerShell: 'terminal is not fully functional'. No kidding.

      1. Robert Helpmann?? Silver badge
        Childcatcher

        Re: Geeks have macs too

        Personally I fall into the Linux camp... Windows is seriously lacking in any kind of real tools

        When I read the first bit, I already knew how the rest was going to go. It sounds to me like you have a nail (*NIX programming problem) and want to convince the rest of the world that the only tool to get any job done is a hammer. Sometimes, a screwdriver is called for (e.g. when working on Windows). Sounds to me that you would rather be hammered than screwed, but it all comes down to personal preference in my book.

        As it happens, I have done plenty of scripting for UNIX and Windows-based systems. I really don't care which I am working in as long as I get paid for the work. I am lucky that I happen to enjoy both, but what really matters is that I can get the job done whichever is called for.

        1. Anonymous Coward

          Re: Geeks have macs too

          Ah, my dear Robert. With the right pair of eyes, everything is a UNIX programming problem.

        2. Anonymous Coward

          Re: Geeks have macs too

          " I really don't care which I am working in as long as I get paid for the work."

          That is what separates us, I also enjoy the work and do it in my spare time - where I choose to use Linux. I use Windows for work, but my argument is about CLI tools - if you really think cmd.exe or powershell is anywhere near as powerful as bash, you're sadly ignorant or a fanboy.

          But my point is, Windows comes with nothing to support development out of the box. For example, diff to compare two files, what if you want to find all files that reference a certain class: Linux: "grep -rl "ClassName" /path/i/want/to/search/". Need to test a server side web script is behaving properly? wget or curl etc. where is all this on Windows? Where is even simple stuff like whois? etc. All of that is part of a base Linux install.

          I have nothing against Windows, but I stand by my point, it doesn't compare to Linux/*nix based OSs when it comes to development. Even when I'm developing on Windows, I have a Linux terminal open for stuff like above and using git. (Linux doesn't care that it's .NET source, even if you do).

          "want to convince the rest of the world that the only tool to get any job done is a hammer"

          I couldn't really care what anyone else uses, if you want to get offended and ignore what could possibly aid your job with comments about hammers and nails, that's up to you.

          1. Robert Helpmann?? Silver badge
            Childcatcher

            Re: Geeks have macs too

            if you really think cmd.exe or powershell is anywhere near as powerful as bash, you're sadly ignorant or a fanboy.

            Neither, really. I use what I can and have no qualms about pulling in whatever I need... within the confines of what I am allowed to. Likewise, no matter how robust the base tool set, I think most *NIX admins will likewise download and install 3rd party tools when they feel the need.

            I understand that we approach this from different angles, but there are many instances in which the person working on a machine does not have the luxury of pulling whatever tools he or she prefers. In other words, using bash or another shell or tool set is not always allowed by policy.

            But my point is, Windows comes with nothing to support development out of the box.

            This is a gross exaggeration. Though I am happy to agree that the base UNIX command set is more powerful than what has been available to Windows admins, I have been able to accomplish plenty with baseline Windows tools, including automating process administration on *NIX boxes. I have not had enough experience with PowerShell to have an informed opinion (though this will change soon). I do know, however, that it is designed for handling Windows admin tasks. I doubt there will be much call to add this ability to bash or any other *NIX tool set, though I might be proved wrong.

            I couldn't really care what anyone else uses, if you want to get offended and ignore what could possibly aid your job with comments about hammers and nails, that's up to you.

            Please don't be so thin-skinned as to confuse humor (no matter how thin it might be) with offense. Obviously, you have different uses for whichever shell you use than I have had. I suspect if I did web development, I would use some version of Linux, but that is not my current gig. When I have had to manage *NIX systems in the past, I preferred to use bash. As I currently have to manage Windows systems, I use the Windows command line. My point is that you should use the right tools for the job. You seem to be saying that you have found the right tool and, lo, it is *NIX and its tools.

            1. Bernard M. Orwell Silver badge

              Re: Geeks have macs too

              Guess you *nix boys haven't realised that just about every single tool for *nix has been recreated on windows these days? I see you cite grep as a favourite... well.... Here we go...

              http://gnuwin32.sourceforge.net/packages/grep.htm

              That'll be Grep for windows by GNU then, right there. Few minutes of google searching finds just about every *nix tool you like for Windows, and they will all happily run under PowerShell giving me a very nice, integrated dev. environment.

              Having trouble finding AD for *nix however, unless I'm prepared to hack it around with Samba in a very specific Ubuntu build.

              Yeah, I'll stick with windows I think. Ta.

              1. Anonymous Coward

                Re: Geeks have macs too

                "Guess you *nix boys haven't realised that just about every single tool for *nix has been recreated on windows these days? I see you cite grep as a favourite... well.... Here we go..."

                Umm, yes, I said so in my post: "I realise you can get the GNU tools for Windows"

                That doesn't change the fact you're running it in a half baked "terminal". Neither cmd.exe nor powershell support multi-tasking, neither notify running applications of window resizes, cmd.exe can't even grow greater than 80 characters and powershell still won't fully maximize (why?).

                That's not even getting onto the joke that is copy & paste - I mean "mark" mode. For example, if git reports a changed file a few directories deep, because of said window size limit, the filename wraps, can you select it? No, you can't select from mid one line to the start of the line below, you have to take all of both lines to a text editor, and then select what you want.

                You've clearly never used a Linux terminal and you're clearly very defensive of Windows, I can't see why else you're trying to bring AD into a client-side development tools discussion. Obviously if you need AD, then Linux on the server isn't for you, but alas, that's not what we're talking about. Try Linux some time, at the very worst it'll expand your experience.

                1. foxyshadis

                  Re: Geeks have macs too

                  See, the ignorance always comes out when you press for details.

                  Can't grow beyond 80 chars? You've really never seen the command window properties? It works almost exactly the same way as in *nix shells! No multitasking? The whole OS does multitasking and cmd automatically runs any windowed program or service in the background, or you can use start.exe to start a commandline script or program in the background, or you can start multiple cmd windows if you need multiple things done in the foreground. And all of that has been around since WinNT.

                  Before slagging off on something you're ignorant about, at least try to find out if you're wrong first.

                  But I will accept that the copy-paste behavior sucks.

                  1. Anonymous Coward

                    Re: Geeks have macs too

                    "You've really never seen the command window properties?"

                    Fair enough, you have to mess about in some properties dialog instead of the system default maximize button umm, maximizing the window. I'm guessing you have to keep going into properties to maximize to different resolutions on different monitors all the time, convenient. But this is what I mean by a half baked terminal - why can't it detect the screen resolution and adjust accordingly, why is it a manual job?

                    "The whole OS does multitasking and cmd automatically runs any windowed program or service in the background"

                    I'm talking about terminal multitasking, as in "copy file1 file2", send to background, "copy file3 file4" send to background in a single terminal instance. I realise in Windows you don't really get terminal applications like irssi, finch, elinks and such so it's probably not that obvious that it's missing if you're only launching GUI apps from it. Also, go look up 'screen' if you want to see silly powerful terminal multitasking - that is also where you'll notice the lack of window resize messages.

        3. Anonymous Coward

          Re: Nail and hammer

          Sure, scripting and/or using the CLI of Windows is quite possible although somewhat more painful than other OSes. However, most Windows admins do not write a script when they need to automate something, they usually go out and buy a new program that does lots of cool things.

    3. Norman Hartnell
      Headmaster

      Re: Geeks have macs too

      "May this finally sound as a death nell"

      That'll be a "death knell".

      1. Dire Criti¢
        Headmaster

        Re: Geeks have macs too

        Just one of many syntax errors and typos in the article. :(

  4. TRT Silver badge

    Ah... valve radios...

    where the slightest slip would melt the end of your screwdriver.

    1. Karl H

      Re: Ah... valve radios...

      ahh valve equipment, and CRT's, that selected only the fittest electronics engineers to carry on working on them by frying the ones too stupid and not biologically resistant enough to survive a few KV across the old ticker. (heart)

    2. Anonymous Coward

      Re: Ah... valve radios...

      I used to have a bare chassis on my desk, reaching over it to get a book I would occasionally brush my forearm against the top of the output transformer. :-)

      1. TRT Silver badge

        Re: Ah... valve radios...

        Gave you the only thrill of the day, eh?! ;)

      2. cosymart
        Happy

        Re: Ah... valve radios...

        Could never quite figure out why the frame of early TVs was at HT+ and the frame of the almost touching (most of the time) oscilloscope was grounded. Managed to take out the entire floor of the lab I was working in once, as well as a large chunk of both aluminium frames :-)

        Never was the "sparky" nickname so apt :-)

        1. Vic

          Re: Ah... valve radios...

          > Could never quite figure out why the frame of early TVs was at HT+

          TVs generally didn't have an isolating transformer on the input - they just rectify the mains.

          If you look at the configuration of a bridge rectifier, during the positive half-cycle of the mains, the chassis/0V rail will be connected to the neutral line by way of a diode - leaving it at 0V or thereabouts. But during the negative half-cycle, it's connected to the live by way of a diode. Thus during that half-cycle, you've got mains on the chassis.

          Vic.

  5. J. R. Hartley Silver badge
    Thumb Down

    You lost me at...

    Apple II... dominant home computer.

    1. Dave 126 Silver badge

      Re: You lost me at...

      Hehe.... This, from the preface to a summary of the Apple II, and its competitors the PET and TRS 80:

      I was convinced that the Apple II was the best, and even when there were certain clear advantages in the IBM PC platform regarding memory, processor speed, and volume of available software, I stubbornly held to my bias (after all, I had a lot of knowledge and money invested in the Apple II and did not care to change to something I didn’t know as well). This kind of attitude was the source of many of the computer “religious” wars of the 1970s and 1980s

      -http://apple2history.org/2010/10/25/the-competition-part-2/

    2. Giles Jones Gold badge

      Re: You lost me at...

      Apple claimed to be the first to sell a million despite Commodore's Vic 20 getting there first.

  6. Rodrigo Valenzuela
    Stop

    "Brain" worked on DOS, not Windows

    R

  7. Pete 2 Silver badge

    The Multics cookie monster

    > created Elk Cloner as a prank in February 1982

    Ahem, in the late 70's (possibly earlier, but that's when I first encountered it) there was a "daemon" running around on Multics systems. Briefly, if you became its lucky victim, it would take over your console and type up

    I wanna cookie

    on your screen (yes, we did have VDUs back then). Typing "cookie" would get it to go away for a while. Telling it to 'koff would get your session terminated (logged out). From what I recall it was written in PL/1 and was only a couple of pages of lineprinter paper.

    Oh and BTW:

    > the industry has yet to come up with a secure operating system.

    It's not just the O/S that needs to be secure (and there are secure ones around), but the way it's used needs to be secure, too. That's the real problem.

    1. Anonymous Coward

      cookie

    2. Anonymous Coward

      Re: The Multics cookie monster

      Hey another Multician :)

      Multics was a bit more of a challenge to hack (it has a B2 security rating), but it too was vulnerable to the fake login screen. Yes.. you were MEANT to press the BREAK key to disconnect the terminal and reconnect, but if people saw the login prompt there they would happily type in their username and password. As a bunch of students we built quite a sophisticated application for emulating many different local systems. It took a while before we got rumbled, but back in the 1980s this sort of thing wasn't illegal, just a bit naughty.

      One interesting security flaw in Multics was something called the subsystem usage tables. Basically, if you went into one of the more heavyweight applications such as email or the online conferencing system ("forum") then the user's name would be recorded in these publicly-accessible tables. At this point we had acquired a large quantity of Eastern European floppy disks we wanted to sell, so we scraped the subsystem usage tables for email addresses and spammed the entire university. Needless to say, everybody was annoyed by this but spam wasn't well known in the 1980s and nobody was sure exactly what we did wrong.

      The most stupid hack we tried on Multics was also the simplest - the terminals in the labs were arranged back-to-back, so you could position yourself facing an unused terminal and swap the keyboard over. As that user typed in their username and password into what they thought was THEIR keyboard, you were logging it in EMACS and echoing it by typing on the keyboard in front of you (connected to the OTHER terminal). Because mainframes can get horribly laggy under load, it was actually a fairly successful technique for a while.

      So yes, Multics is this fundamentally pretty secure OS. But you could still do a bit of low-tech hacking, back in the days when it was almost acceptable to give it a go..

    3. Michael Wojcik Silver badge

      Re: The Multics cookie monster

      The Multics Cookie Monster was not a virus, so for the purposes of the "first virus" title (ostensibly the point of this article) it's irrelevant that it predated Elk Cloner.

      According to Gene Spafford, the term "virus" for computer malware actually dates back to the early '70s and a science-fiction story by David Gerrold - though the software Gerrold describes actually functions as a worm. (An infected machine demon-dials numbers until it connects to another computer, then "infects" it with a copy of VIRUS. I don't think Gerrold tried to explain the infection mechanism in any greater detail.)

      John Brunner is often given credit for introducing the concept of worm malware in The Shockwave Rider (1975), though per the above one could argue that Gerrold got there first - albeit in much less detail. Brunner used the term "tapeworm".

      Many people cite the 1988 Morris worm as the first worm malware actually seen in the wild.

      But long before the Morris worm, or even Shockwave Rider's theoretical presentation of the idea, there was the Thomas Creeper - a worm that was first spotted infecting Tenex systems in 1971. Some sources (eg the always-reliable Wikipedia) claim Creeper was the "first virus", but it too doesn't deserve that title if we stick to the usual technical definition of that term.

    4. J.G.Harston Silver badge

      Re: The Multics cookie monster

      +1 to that.

      A couple of weeks ago my graphics card died, I took my PC into the local shop to have the card replaced. On booting it up and logging on the shoppie said: but you haven't got admin settings, you won't be able to change anything on your computer like that. Well, duh, exactly! If I want to do *administration* I log on as an *administrator*. Frighteningly, loads of computers are sold with the default configuration being a single admin user for general-purpose tasks.

      Every time I hear something along the lines of "my kids have accessed my email account" my only thought is: why the hell did you give them your logon details you d***head.

      1. nuked

        Re: The Multics cookie monster

        You took it to a shop?

  8. Gordon Fecyk
    WTF?

    OK now this isn't fair (again)

    it’s sad that, 30 years after the self-replicating code's appearance, the industry has yet to come up with a secure operating system.

    To draw yet another automobile parallel, we've had seat-belt legislation since 1968. Yet there are enough stupid drivers who get killed in a collision when they could've been saved wearing a seat belt.

    If you're a strict Windows user, you had a choice since 1999 to run a secure OS. The choice was forced onto you in 2007. If you chose to turn it off, that's not Microsoft's fault.

    Maybe John Leyden still runs Windows 98. Or MacOS 9.

    1. Def Silver badge

      Re: OK now this isn't fair (again)

      Windows isn't a secure OS. Neither is Linux, nor Mac OS. Not by a long way.

      Without spending a million years configuring any of the above, how do I prevent an application that I run from reading/writing/deleting any of the files or directories I have access to? Or to put it another way, how do I restrict an application from accessing anything on my file system outside its own directories, except for explicitly when I allow it by asking it to open a file?

      1. Daniel Harris 1
        Thumb Up

        Re: OK now this isn't fair (again)

        Well..."Metro" (Windows 8/Modern UI) apps in Windows 8 achieve that, one of the advantages of the new apps. People do tend to overlook this as an advantage, also means when you uninstall an app you can do it in two clicks and all remnants should be removed from your system.

        Of course many of them use cloud services so it's another issue if you aren't fond of the cloud.

      2. Pookietoo

        Re: how do I restrict an application

        Create a user to run the application as, and restrict that user's rights - simples.

        1. Def Silver badge

          Re: how do I restrict an application

          "Create a user to run the application as, and restrict that user's rights - simples."

          Yes, hence my comment about taking a million years. Creating a new user account for every application you run can be done, but in reality you're not going to waste the time it takes to set up. Additionally, with almost every application you run, ultimately you do want them to access *some* of your files, or at least one or two specific files - ie the ones you currently want to view/print/edit/etc. Having to change access rights for specific files on the fly for specific users/applications just isn't practical.

          1. Anonymous Coward

            Re: how do I restrict an application

            > Creating a new user account for every application you run can be done, but in reality you're not going to waste the time it takes to set up.

            In reality, that's how a lot of system services run in Linux. There's no real reason why they can't run with separate user credentials.

            As for user applications, that is of course a different story.

            1. david 12 Bronze badge

              Re: how do I restrict an application

              > Creating a new user account for every application you run can be done, but in reality you're not going to waste the time it takes to set up.

              In reality, that's how a lot of system services run in Windows. There's no real reason why they can't run with separate user credentials.

              As for user applications, that is of course a different story.

          2. Pookietoo

            Re: how do I restrict an application

            useradd new-user

            passwd new-user

            chgrp new-user existing-file

            chmod g+rw existing-file

            su new-user

            [install the app as new-user]

            logout

            chmod u+s new-app-exe

            Now you can run the app, and it will run as the user you created. How long do you think that takes?

            1. Anonymous Coward

              Re: how do I restrict an application

              What purpose does the "existing file" bit serve? (Genuine question)

      3. asdf Silver badge

        Re: OK now this isn't fair (again)

        Look into SELinux or AppArmor in the unix world to accomplish this. It's a shedload of work and honestly more often than not it ends up taking a long time to both lock down the system properly (unless you just use common packages on most distros that include the configs already) and allow all software to work correctly but if you are willing to put in the effort it's out there. The other advantage is it allows denying improper access to a lot more than just the file system which is what is needed for true security.

      4. ElReg!comments!Pierre Silver badge

        Re: OK now this isn't fair (again)

        > how do I restrict an application from accessing anything on my file system outside its own directories

        Chroot or jail (but you have to put the files you need it to open in there of course)

      5. MDevonB
        Windows

        Re: Def; Well... it won't make the OS secure, but...

        With Linux, it's comparatively simple. Take the source code for your preferred file system driver. When it gets an IO request have it check the application against allowed folders. If the request isn't in those folders, give a prompt. If permission is denied, give a file not found. With Windows and OSX it's probably a little more complicated, but you can probably make a filter driver which filters the IO requests.

        Which will make a nice secure file-system, and leave everything else (read: enough) insecure. Might give this a shot at some point actually. Seems like a nice first step into driver programming and secured databases.
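The allowed-folders check proposed in the comment above, sketched in user space as an added example (not part of the original comment and not driver code). The policy table, the `demo-app` name and the directory names are constructed for illustration. The point it shows is that the decision has to be made on the resolved path, otherwise `..`, symlinks and look-alike directory names slip past a plain string comparison.

```python
import errno
import os
import tempfile

def inside(requested, allowed_dir):
    """True if `requested` resolves to a location under `allowed_dir`."""
    # realpath() collapses ".." and follows symlinks: judge where the request lands.
    real = os.path.realpath(requested)
    root = os.path.realpath(allowed_dir)
    # commonpath() compares whole components, so app-data-old is not inside app-data.
    return os.path.commonpath([real, root]) == root

def check_io(app, requested, policy, prompt=lambda app, path: False):
    """Return 0 to allow the request, or errno.ENOENT to hide the file."""
    if any(inside(requested, d) for d in policy.get(app, ())):
        return 0
    # Outside the allowed folders: ask the user, as the comment proposes.
    if prompt(app, os.path.realpath(requested)):
        return 0
    return errno.ENOENT  # a denied request looks like "file not found"

def demo():
    """Run sample requests against a constructed directory tree."""
    base = tempfile.mkdtemp()
    app_dir = os.path.join(base, "app-data")
    sibling = os.path.join(base, "app-data-old")  # shares a string prefix only
    private = os.path.join(base, "private")
    for d in (app_dir, sibling, private):
        os.mkdir(d)
    secret = os.path.join(private, "secret.txt")
    open(secret, "w").close()
    os.symlink(secret, os.path.join(app_dir, "link"))  # link that leaves app_dir
    policy = {"demo-app": [app_dir]}  # hypothetical per-application policy
    requests = {
        "own file": os.path.join(app_dir, "notes.txt"),
        "dot-dot": os.path.join(app_dir, "..", "private", "secret.txt"),
        "symlink": os.path.join(app_dir, "link"),
        "prefix sibling": os.path.join(sibling, "x"),
    }
    results = {k: check_io("demo-app", p, policy) for k, p in requests.items()}
    # The same escaping request when the user answers "yes" to the prompt.
    results["dot-dot, user allows"] = check_io(
        "demo-app", requests["dot-dot"], policy, prompt=lambda a, p: True)
    return results

if __name__ == "__main__":
    for name, rc in demo().items():
        print(f"{name:22} -> {'allow' if rc == 0 else errno.errorcode[rc]}")
```

In user space a check followed by a separate open() leaves a window in which the path can be changed, so enforcement belongs at the point where the request is serviced, as in the driver placement discussed above.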

        1. david 12 Bronze badge

          Re: Def; Well... it won't make the OS secure, but...

          With Windows, it's comparatively simple. Use DCMCNFIG (or the equivalent command line tool) to set the permissions for the application.

          With Linux and OSX it's probably a little more complicated, but you can probably write your own file system.

        2. Adam 1 Silver badge

          Re: Def; Well... it won't make the OS secure, but...

          " When it gets an IO request have it check the application against allowed folders. If the request isn't in those folders, give a prompt"

          And you think UAC is invasive? Ouch

      6. J.G.Harston Silver badge

        Re: OK now this isn't fair (again)

        How does the subsystem tell the difference between:

        filename=FileOpenDialog()

        handle=fopen(filename)

        and

        filename="embeddedstring"

        handle=fopen(filename)

        ?

      7. Vic

        Re: OK now this isn't fair (again)

        > how do I prevent an application that I run from reading/writing/deleting any of the files or

        > directories I have access to?

        Write a policy in SELinux. Tell the computer explicitly which files this application may use.

        Vic.

    2. Velv Silver badge
      FAIL

      Re: OK now this isn't fair (again)

      Define "secure"...

      Windows NT4 was classed as "Secure" by the US Department Of Defence - until you installed a network card.

      So "secure" is only the parameters you measure it against.

      So all, and none, of the current mainstream OS's are secure.

  9. mordac

    Reflections on Trusting Trust

    If you think this was the first computer virus, you need to read Ken Thompson's "Reflections on Trusting Trust":

    http://cm.bell-labs.com/who/ken/trust.html

    The date of the paper is 1984, but the antics Ken describes occurred many years before.

    Steve.

    1. No, I will not fix your computer
      Stop

      Re: Reflections on Trusting Trust

      I think that Von Neumann back in the 40's designed the first computer virus, Creeper was the first known virus in the wild as it spread via arpanet, Elk was the first PC virus "outside the lab", the article is a bit misleading (otherwise known as wrong).

      1. Michael Wojcik Silver badge

        Re: Reflections on Trusting Trust

        Creeper was the first known virus...

        Sigh. Also not a virus. Creeper was a worm.

        1. No, I will not fix your computer
          FAIL

          Re: Reflections on Trusting Trust

          You're missing the point Wojcik, while we have better definitions now, back then when malware was in its infancy the definitions were not as specific, and (as I pointed out) Von Neumann et al were defining things that didn't even exist!

          Pluto is not one of our eight planets - but, 50 years ago it was a planet, it was the ninth planet.

          Creeper may not be a "virus" by our modern definitions, but it certainly was (and the first known one).

    2. Michael Wojcik Silver badge

      Re: Reflections on Trusting Trust

      Not. A. Virus.

      The Thompson attack was a combination of a multiple-part Trojan Horse and a Back Door. No virus was involved.

  10. Marvin the Martian
    WTF?

    Dorian Gray all over again!

    I cannot believe the guy in the pic is a half-century old. Especially with the invention of viruses on his conscience.

    I think his attic should be searched for a painting.

    1. Palf

      Re: Dorian Gray all over again!

      Word on the street is that he's been hacking his own telomeres.

  11. Parax
    Holmes

    +1 to that

    Today, he reckons the industry has got its priorities wrong. “The anti-virus industry makes me sad,” he says. “We should build systems to be more resistant to computer viruses rather than have a multi-million dollar industry to do clean up."

  12. Kubla Cant Silver badge
    Headmaster

    Shome mishtake, surely?

    Was this article written after a long Christmas lunch? It's peppered with mistakes:

    "...if it’s mode of operation..." its

    "...he doesn’t know who the teacher latched onto him..." how

    "...thought of making this applications..." these applications/this application

    "...he had access to mainframe..." a mainframe

    "...I didn't want to own IBM PC..." an IBM PC

    "...deemed worth of newspaper reports..." worthy

    "...For the first ten years [Elk Cleaner] was a non event..." Elk Cloner

    1. The Serpent

      Re: Shome mishtake, surely?

      ""...For the first ten years [Elk Cleaner] was a non event..." Elk Cloner"

      See what you mean, but just dismissed 'Elk Cleaner' as the name of the removal tool

  13. Anonymous Coward
    Anonymous Coward

    LOL - I remember when Brain made it to the BBC news...

    [I was working as PC developer at the time]

    When I saw my Mum the following day, she told me I had to stop programming computers at once, or *I* would get this virus, it just wasn't safe to use computers any more...

    I nearly wet myself laughing... :)

    1. Anonymous Coward
      Anonymous Coward

      Re: LOL - I remember when Brain made it to the BBC news...

      When our mate bowled up one evening ranting that he "had caught a virus because his back door had been penetrated and he hadn't had proper protection", he must have been asking for the piss to be taken. I think he does it deliberately.

    2. Colin Brett
      Joke

      Re: LOL - I remember when Brain made it to the BBC news...

      It is possible for a human to get infected with a computer virus. This explains why I get royally sick of the sight of them on a Friday afternoon, just before pub o'clock!

      Colin

  14. andy k O'Croydon
    Paris Hilton

    Cloner

    For all his poetic abilities, he managed not to use the most hilarious word that rhymes with cloner.

    1. Mr_Blister

      Re: Cloner

      Perhaps he already had one and it was getting in the way of his keyboard!

  15. spold Bronze badge
    Devil

    Hmmm how about the internal (to IBM) CHRISTMA EXEC (there must have been an 8 character limit somewhere) for the IBM/370? This was sent out just before Christmas in around 83 I think. It was a Rexx (/GDDM I believe) routine that would display on 3279 colour terminals. It had some nice Santa festive graphics but also had the little wheeze that it also read your PROFS/NOSS address book and sent itself to everyone in there from you. It very quickly brought the IBM SNA gateways to their knees, luckily everyone buggered off for the Christmas break and the IBM network admins were able to have a festive time flushing it out the queues while everyone else had better things to do.

    1. Michael Wojcik Silver badge

      CHRISTMA EXEC was 1) not a virus (it was a Trojan Horse), and 2) distributed in '87, according to all the sources I have.

      I missed it by that much - I started working for IBM, and got my PROFS account, early in January 1988.

  16. Tom 35 Silver badge

    First Money-making

    I think dialers appeared before bank Trojans.

    Reset your dial up networking to call an expensive number.

  17. Hyper72
    Happy

    Stoned

    This reminds me of the first and only computer virus I've had - "Stoned". It was quite harmless though.

    1. foxyshadis
      Black Helicopters

      Re: Stoned

      I came to ask if anyone had seen "Your computer is now STONED!!" every few reboots way back in the day. :)

  18. Dr. Vesselin Bontchev
    Boffin

    Elk Cloner wasn't a boot sector virus

    Mikko is wrong here - technically, Elk Cloner wasn't a boot sector virus. It was an OS infector. The virus didn't touch the boot sector. Instead, it modified the operating system (called, unimaginatively, DOS), which resided on the first 3 tracks of the floppy disk (after the boot sector). Unlike the MS-DOS, which resided in files (that had to be, however, in fixed places on the disk), the Apple ][ OS was not visible from the file system; it occupied whole disk tracks. There were some unused sectors on these tracks - this is where the virus put itself into, besides modifying a few instructions of the OS to make sure that its code was called. (There were legitimate - non-malicious - variants of the OS where the "unused" sectors were used to add various useful extensions to the operating system, like a line editor for the command line with command history. The virus would damage these if it managed to infect the disks containing them, but that wasn't really a problem, because these OS dialects appeared much later, when the virus was no longer widespread.)

    The Multics cookie monster wasn't a virus, since it did not replicate itself. It was just a joke program or, with some stretch of imagination, a Trojan Horse.

    The CHRISTMA EXEC can be called a virus (well, a worm really) only with some stretch of imagination, since it resided in a text script that the user was supposed to execute manually. That is, when you got it, and started viewing it, you saw at the beginning a bunch of commands for drawing a Christmas tree and some text that said "reading this is no fun at all, simply execute it" (not the exact wording). If you did execute it, some code at the end (which the sender hoped you didn't see after the many lines drawing the picture) re-sent the file to all your contacts (after drawing the promised picture). Kinda like the joke e-mail that said "Check if today is Friday the 13th. If it is, delete all your files. If not, forward this message to all your contacts."

    And, of course, it wasn't a PC virus.

  19. Klek
    Facepalm

    No mention of the Morris Worm?

    How did this article miss mentioning the infamous Morris Worm? That came *well* before "Sasser, Blaster & Code Red" and deserves at least a passing mention. Crikey.

  20. Anonymous Coward
    Linux

    A secure operating system?

    "To the author of Elk Cloner, the first computer virus to be released outside of the lab, it’s sad that, 30 years after the self-replicating code's appearance, the industry has yet to come up with a secure operating system"

    Ubuntu running off a USB device is as secure as it gets !

    Creating a bootable Ubuntu USB flash drive

    1. Michael Wojcik Silver badge

      Re: A secure operating system?

      Ubuntu running off a USB device is as secure as it gets !

      You failed to use the troll icon.

      First: "Secure" is meaningless except in the context of a threat model and remediation parameters. You can only be "secure" against specific threats (classes of attacks), and then only against some level of expenditure by attackers. So "as secure as it gets" is as meaningless as calling it "the saltiest and most metaphysically nimble of OSes".

      Second: There are operating systems which go far beyond the security architectures of any Unix-family OS. There are capability OSes; there are OSes which have formal proofs of their security models (as in Orange Book A-level certification).

      1. Anonymous Coward
        Linux

        Re: A secure operating system?

        "You failed to use the troll icon."

        At least when I reboot, there is nothing malevolent lurking in the Operating System. If you want to be totally paranoid then boot from a CD ...

        1. nuked
          Facepalm

          Re: A secure operating system?

          Massively helpful advice on a tech forum, Thank You.

  21. Anonymous Coward
    Anonymous Coward

    "And if it’s mode of operation sounds simple"...

    ...John Leyden is a dunce.

  22. Anonymous Coward
    Anonymous Coward

    Our prank and still works

    Users do not follow procedure and lock their screen when leaving their desk for more than a few minutes.

    Snapshot their screen complete with wallpaper and icons and login box, then set it as the background screen.

    The sniggering in the IT room when users call is endless.

    1. Anonymous Coward
      Anonymous Coward

      Re: Our prank and still works

      Or there's the "upside-down screen" one.

  23. RAMChYLD
    FAIL

    Brain, a Windows virus?

    Surely you're trying to troll us. Brain was an MS-DOS virus. It existed long before Windows did.
