Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!thunder.mcrcim.mcgill.edu!snorkelwacker.mit.edu!paperboy!think.com!sdd.hp.com!zaphod.mps.ohio-state.edu!pacific.mps.ohio-state.edu!linac!att!cbnews!cbnews!military From: neufeld@helios.physics.utoronto.ca (Christopher Neufeld) Newsgroups: sci.military Subject: Excerpts from bit.listserv.virus-l Message-ID: <1991Jan22.022646.22830@cbnews.att.com> Date: 22 Jan 91 02:26:46 GMT Sender: military@cbnews.att.com (William B. Thacker) Organization: AT&T Bell Laboratories Lines: 157 Approved: military@att.att.com From: Christopher Neufeld Here are some excerpts from bit.listserv.virus-l which you might find interesting. Brutally edited from the digest. My apologies to Klaus Brunnstein and Rich Osman if the meaning is distorted in my editing of their words. The articles are archived for those people who want to read the original texts. VIRUS-L Digest Tuesday, 15 Jan 1991 Volume 4 : Issue 10 Date: 15 Jan 91 11:23:00 +0100 >From: Klaus Brunnstein Subject: (No) Viruses in Irak's EXOCET? French press and media reported in some details that computer viruses could be planted, either in advance or afterwards, in French EXOCET rockets to influence their performance. Following a report of the German Press Agency (dpa), German media (on Jan.11) were full of reports about "viruses in Hussein's rockets". According to dpa, (unnamed) French computer scientists said: - manufacturers of war material usually implant viruses in exported war electronics to provoke, after some time, faults and "profitable repair work"; - though Iraqi weapon computers are "hermetically cut-off from the outside world", computer viruses could be implanted e.g. via "weather data"; - moreover, the built-in computers contain programs which may be triggered remotely; the control system of EXOCET rockets could be switched off from French ships; As usual in events related to malicious code, truth is mixed up with misunderstandings, errors and impossibilities: - the implementation of weapon software makes self-reproducing programs (=viruses) impossible; moreover, it is very im- probable, that such systems may be (re-)programmed remotely; - on the other hand, other "malicious code" may well be present in weapon computers; at least in the test phase, rockets can be destroyed by triggering a self- destruct system remotely; because of the rule "never change a running program", such "backdoors" could survive the test version; Some interesting questions following from such "possibilities": - May Irak detect, influence or adapt such weapon software? - If French EXOCETs are remotely controllable: why did the French not warn their "friends" who suffered severe losses to EXOCETS? Have they at least now warned and properly equipped their allies in the Arabian desert? Postscriptum: computer "viruses" may nevertheless play a role in "Operation Desert Shield". There are (yet unconfirmed) news that several thousands PCs (5000?) have been infected by ordinary "computer viruses". ------------------------------ VIRUS-L Digest Wednesday, 16 Jan 1991 Volume 4 : Issue 11 Date: Tue, 15 Jan 91 09:06:43 -0600 >From: ROsman%ASS%SwRI05@D15VS178A.SPACE.SwRI.EDU Subject: Re: (No) Viruses in Irak's EXOCET? Klaus Brunnstein writes: > - manufacturers of war material usually implant viruses This is not very likely. Most modern defen(s|c)e contracts provide reliability targets which the contractor must warrant, or include maintenance to meet the goals. > - computer viruses could be implanted e.g. via "weather data" This is entirely concievable, but fairly unlikely. The coordination required to pull this off would be immense. > - moreover, the built-in computers contain programs which may > be triggered remotely; Same comment as previous paragraph. > - the implementation of weapon software makes self-reproducing > programs (=viruses) impossible; moreover, it is very im- > probable, that such systems may be (re-)programmed remotely; Not entirely correct. Weapons software is often incredibly complex. It also often loadable. I assume that you are assuming that it is ROM'd which is not neccessarily correct in newer, more complex sys- tems. The code is usually handled by fairly physically secure means, but anything is possible. > - on the other hand, other "malicious code" may well be > present in weapon computers; [destruct etc.] The self-destruct systems are usually seperate, independent systems, developed to be reliable, and, hence, simple. They are not present in production weapons. Maintenance modes/codes might fall into this category, but almost always require a hardware action to enable them (switch closure, special connector, etc.) for this very reason. [ But the two Patriot missiles which were fired accidentally last week were both aborted from the ground - Christopher ] > - French warships might remotely influence the > EXOCET control systems All within the realm of possibility, but logistically unlikely. More likely is that the French know well the weaknesses of the sensor sys- tems on their weapons, and can effectively exploit them. Ditto the British, US, and others. > - If French EXOCET rockets are remotely controllable: why did > the French not warn their "friends" who suffered severe > losses from EXOCETs? I we assume (dangerous) that the premise is correct, the French could not predict the USS Stark incident. Further there is a risk/return issue. To save British ships, the (postulated) secret would have to spread further, AND would eliminate the weapon as an option should Britain and France go head to head. Conservative military thinkers always strive to preserve options. Oz (Rich Osman, WB0HUQ) INTERNET: Oz@SwRI.edu (512) 522-5050 (w); (512) 699-1302 (h, merciless machine) (512) 522-2572 (just the fax) ------------------------------ --- End Excerpted Articles --- Christopher Neufeld....Just a graduate student | "Shtarker! Zis is KAOS! neufeld@helios.physics.utoronto.ca Ad astra! | Vee do not 'yippee yo cneufeld@{pnet91,pro-cco}.cts.com | kye aye' here!" "Don't edit reality for the sake of simplicity" | Siegfried of KAOS