Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!csd4.milw.wisc.edu!dogie!uwvax!puff!cat28!blochowi
From: blochowi@cat28.CS.WISC.EDU (Jason Blochowiak)
Newsgroups: comp.sys.apple
Subject: Possibility for a virus in AppleSoft program (was Re: A+ Virus Article)
Summary: It's possible - fairly easy, in fact.
Message-ID: <2458@puff.cs.wisc.edu>
Date: 17 Mar 89 05:30:22 GMT
References: <8903121224.aa03512@SMOKE.BRL.MIL>
Sender: news@puff.cs.wisc.edu
Reply-To: blochowi@cat28.CS.WISC.EDU (Jason Blochowiak)
Organization: U of Wisconsin CS Dept
Lines: 20

In article <8903121224.aa03512@SMOKE.BRL.MIL> ALBRO@NIEHS.BITNET writes:
>art100@psuvm.bitnet / alt@ecl.psu.edu wrote about the possibility of putting
>a virus in machine language attached at the end of a BASIC program and
>therefore invisible to the LIST command.  Quite possible, but somewhere in
>the program there will have to be a CALL to somewhere you didn't load any
>code, which would be a dead give-away.

	Not really... First of all, there are plenty of legit programs that
CALL ML code to do certain things for them - including CALLs to imbedded ML.
Secondly, an explicit CALL statement isn't necessary - the program could POKE
certain parts of itself (self-modifying code) so that the CALL statement would
be created. This would all be possible without one bit of ML (but I won't
mention how, for what I consider obvious reasons - if you disagree, flame me
in email, not here).

	Jason
 ------------------------------------------------------------------------------
		Jason Blochowiak (blochowi@garfield.cs.wisc.edu)
			"Not your average iconoclast..."
 ------------------------------------------------------------------------------