Path: utzoo!attcan!uunet!husc6!mailrus!tut.cis.ohio-state.edu!ucbvax!PSUVM.BITNET!ART100
From: ART100@PSUVM.BITNET ("Andy Tefft  862-6728", 814)
Newsgroups: comp.sys.apple
Subject: Re: A+ Virus Article (mostly for Morgan Davis)
Message-ID: <8903120034.aa27609@SMOKE.BRL.MIL>
Date: 12 Mar 89 05:35:00 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 29

Original note:
>
>As a professional in the computer security game I'd like to publicly
>complement Morgan Davis on his article in the recent A+ on viruses.  It
>(I have one minor quibble about the article:  it says that an Applesoft
>program can't be the source of a virus.  Not true -- who knows what's
>buried in the machine code most complex Applesoft programs poke into
>memory from DATA statements?  And, for that matter, if I even just had a
>20,000 line applesoft program in front of me I wouldn't know what it was
>doing anyway, DATA statements, peeks and pokes or not.)
>
>TMPLee@Dockmaster.arpa

Well, how about embedding machine language (relocatable of course)
at the end of an Applesoft program, then moving the program end pointer
back to accomodate the extra bytes? It would be invisible to the LIST
command. Apple used to do this an awful lot, actually it was more
common in Integer BASIC programs. Nice way to make sure your machine
code stays with the program, and if you make the code relocatable,
you can even modify the Applesoft and still have it work (you just
CALL xxx bytes back from the program end pointer, xxx stays constant...)
Yes, Applesoft can transmit viruses.

Andy

art100@psuvm.bitnet / a1t@ecl.psu.edu

PS - I just rented a 2400 baud modem for a month... should have bought
one long ago! This is niiiiiice...