Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!ukma!rutgers!mcnc!thorin!unc!bell From: bell@unc.cs.unc.edu (Andrew Bell) Newsgroups: comp.sys.amiga Subject: Re: The ultimate fix!!! Message-ID: <4241@thorin.cs.unc.edu> Date: 16 Sep 88 19:23:26 GMT References: <681@zehntel.UUCP> <3084@hermes.ai.mit.edu> <4197@thorin.cs.unc.edu> <599@accelerator.eng.ohio-state.edu> <378@uwslh.UUCP> Sender: news@thorin.cs.unc.edu Reply-To: bell@unc.UUCP (Andrew Bell) Organization: University Of North Carolina, Chapel Hill Lines: 41 In article <378@uwslh.UUCP> lishka@uwslh.UUCP (Fish-Guts) writes: >In article <599@accelerator.eng.ohio-state.edu> mills@phao.eng.ohio-state.edu (Christopher Mills) writes: >>In article <4197@thorin.cs.unc.edu> bell@unc.UUCP (Andrew Bell) writes: >>>[Regarding my idea of creating animated boot block code...] >>[Mr. Mills's comments] > No no no no no.... You missed his point, which I thought went >something like "stick some hard to reproduce animation code, encoded >in some fashion, in the boot block. When the machine starts up, the >cute animation code would run to tell you everything was fine." At >least that is how I interpreted it. > The problem is this cute animation code could be duplicated. >Let's face it...viruses will always be around. The only thing to do >is ignore the viruses and their creators. There is no miracle cure. If the code is large enough, the boot block can be filled, and thus there is no room for a virus as well as the nifty animation/music/whatever. Also, if there are dozens of different boot blocks around, virii could only propogate to disks containing one type of boot block without being spotted. It might be possible for virii to move the nifty code out of the boot block and execute it after it's done its dirty work, but a virus that can do all that's necessary should be hard to fit in 1k, especially if the boot block codes check to see if they are in the boot block. A potential problem would be that virus authors could advertize virii as boot block codes, and infect people by what they thought were vaccines... People could also create non-viruses that make one more susceptible to virii, by being small enough (or rewritable as smaller) so that real viruses can pose as this non-virus and have plenty of room for the rest of their dirty work. Sort of the AIDS of the computer world, making one more susceptible to infection... Another thing you could do with boot block codes is create one that switches booting to your hard disk; put this on every disk and you don't need to take them out to warm reset, and you don't perceptibly use up space on the disk. -Andrew Bell The Schizophrenic Grad Student bell@cs.unc.edu acb@cs.duke.edu