Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!sdd.hp.com!zaphod.mps.ohio-state.edu!unix.cis.pitt.edu!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw From: lan@bucsf.bu.edu (Larry Nathanson) Newsgroups: comp.virus Subject: Re: Hardware damage? Message-ID: <0003.9102081853.AA00397@ubu.cert.sei.cmu.edu> Date: 7 Feb 91 08:05:30 GMT Sender: Virus Discussion List Lines: 40 Approved: krvw@sei.cmu.edu While the existance of the HCF assembly command (Halt and Catch Fire) has been debated, :-) I seem to remember a discussion similar to this. I believe the basic conclusion was that it is impossible to damage the CPU itself through programming. However, peripherals remain very vulnerable- if you take a standard hard drive, and drag the R/W head across the media 4 or 5 thousand times, it can't be good. While it is unlikely that any user would allow the machine to sit there grinding for several hours, it is possible to write to virus to add 2 or 3 full head sweeps to each disk access. This would slightly slow up the response time of the drive, and might make it wear out much faster. I saw a computer anecdote about some guys who had access to a printer where imprints of the letters were layed out sequentially along a linked chain. The chain spun laterally in front of 80 hammers, which would strike, when the right character was in the right position. These fellows found out the sequence of the letters, and attempted to send that string to this printer to see what would happen. They said that there were finding parts of the printer in the corners for many months. If one were to come up with a well sequenced access drive request, timed with the drive speed, and in sync with the sector interleave, a similar effect might be possible. However, as in the story, much advance knowledge about the hardware is necessary. Unless the hardware configuration is VERY public, it would almost have to be an inside job. Writing enough code to screw with every HD, and every printer around would make the virus big enough to be easily detected. I think there may be ways to screw with the refresh rate of certain brand monitors, but again- that requires inside knowledge- then there is no reason to use viral propagation- a trojan horse will do fine. - --Larry - -- // Larry Nathanson . 726 Comm Av #5J . Boston, MA 02215 . 617 266 7419 \\ I've heard they just built a tunnel from England to France. The French drive on the right hand side, the English on the left. Can they save money by building only one lane?