Viruses
This is a basic primer on viruses, how they work & affect your computer.
Beware Geeks bearing gifts.
First of all, what computer viruses are not. Most of the virus warnings you'll see in emails are false. See my Hoaxes Page for details. Current viruses don't delete everything on your computer or make things blow up, nor are they so powerful that Microsoft, Symantec, McAfee and such can't fix them. Yet... And, you can't catch a virus from your computer.
What viruses are: Viruses are nasty little programs that can do damage to your computer in various ways. According to the commonly held definition, a computer virus is a computer program written to alter the way a computer operates, without the permission or knowledge of the user, by hiding in other program files. A true virus does basically two things:
- Replicate itself
- Execute itself
From there, viruses can do other damage to your computer such as delete files, corrupt files, infect the OS and other undesirable things.
Types of viruses: There are basically three kinds of malware, also called viruses:
- Viruses
- Trojans
- Worms
We'll discuss the differences later on. For now, let's take a look at some of the characteristics of viruses.
What viruses do: Most viruses these days will infect files, corrupt your hard drive and basically act as nuisances. Very few viruses can do more than that. Those that do more are devastating and can be very destructive as opposed to just being a nuisance. As virus code writers get more and more nasty with their programming, you'll see more destructive viruses coming down the pike.
Origins of viruses. Experts agree that the first real virus was written by two brothers from Pakistan, Basit and Amjad Farooq Alvi, who wrote the virus to stop pirated versions of software they wrote. The game that contained the virus would play 49 times and on the 50th time, it would display a blank screen which was then filled with a poem about the virus. It then infected the computer on which the game was played. Back in the early days of personal computing, viruses were spread by way of removable media (floppy diskettes). Since the only way of sharing data was to share floppies, you had to scan the disk when you inserted it in your computer. I remember the first virus I saw - Stoned. I worked in a homeless shelter in Boston and we had a computer lab. A friend and I used to go there to play games on the computer. The Stoned virus was on almost every computer in the lab. I carried a 5¼ floppy with me that had McAfee antivirus so I could clean the computer I wanted to use. I wound up cleaning several computers several times because whoever had the infected disk kept coming in and using the computers.
Another factor in the propagation of viruses was the advent of the modem and bulletin board systems (BBSes - early file distribution sites). As more and more programs were loaded on BBSes, there arose more opportunities to spread viruses. This has carried over to the internet and the multitude of download sites. The latest development in the spread of viruses is file sharing utilities like Limewire and Kazaa. (Note: I can't condone using file sharing because pirating software is illegal and as a Christian, I am under the conviction that it's stealing.) Other methods of spreading viruses are emails, chat programs and unsecured networks.
Why do people write viruses? That's a good question. No one knows every reason why a person would write destructive programs, but one thing is clear: Viruses are not a 'natural' function of your computer or operating system. Someone intentionally wrote the program to do something that your computer wasn't intended to do. Some of the reasons I came up with for programmers to write malware code are:
- They get their jollies over someone having to clean out the computer.
- They are attention-starved, morally challenged idiots.
- They want to match wits with other programmers and anti-virus vendors.
- They are trying to impress a girl.
- They are fighting authorities.
- They want revenge for some reason.
- Like climbing Mt. Everest... because it's there.
- They don't care.
This is just like the bully who enjoys punching you in the face and taking your lunch money. Whatever the reason, virus writers produce programs that are destructive and there need to be better laws to enforce penalties for malicious code writers.
Now let's take a deeper look at the different types of viruses. As I mentioned before, there are three basic types:
- Viruses: The generic term virus covers any code written to replicate itself and execute itself. This includes macro viruses (code written to take advantage of security holes in Microsoft Word, Excel and other productivity programs).
Again, current viruses don't eat your whole hard drive and cause horrific problems like those mentioned in certain hoax emails, but they still can be annoying and somewhat destructive. Your computer is most vulnerable when you don't use, or keep updated, a good antivirus program or if you download software from unknown sites, use file sharing programs or accept files over chat. That being said, it is entirely possible to get a virus from a website that maliciously uses scripts to activate malware on your computer. (To combat this, I use Firefox as my default browser and turn off scripts unless I know what they are for. See my Programs Page for information on Firefox.)
Example: The I Love You virus. This one was sent through emails proffering a file called "I Love You.txt.vbs". Most users wouldn't see the .vbs extension at the end because of settings on the computer, and would therefore think the sender had sent a text file proclaiming their love. The virus would run when the file was accessed and made use of the Windows Scripting Host program to change file names and extensions, then emailed itself to other users in the host's address book.
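The hidden-extension disguise described above can be checked for before an attachment is opened or delivered. The sketch below is an added example, not part of the original page; the extension lists and function names are assumptions chosen for illustration, and the sample file names are constructed.

```python
import os

# Partial, illustrative lists (assumptions of this example, not a complete policy).
SCRIPT_OR_EXE = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".hta",
                 ".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
DECOY = {".txt", ".doc", ".xls", ".pdf", ".jpg", ".jpeg", ".gif", ".png", ".mp3"}


def normalise(filename):
    """Lower-case the bare file name and drop trailing dots/spaces, which Windows ignores."""
    base = filename.replace("\\", "/").rsplit("/", 1)[-1]
    return base.strip().rstrip(". ").lower()


def displayed_name(filename):
    """What the user sees when known extensions are hidden: the name minus its last extension."""
    base = filename.replace("\\", "/").rsplit("/", 1)[-1].strip()
    stem, ext = os.path.splitext(base)
    return stem if ext else base


def classify_attachment(filename):
    """Return 'disguised', 'executable' or 'ok' for an attachment file name."""
    stem, last = os.path.splitext(normalise(filename))
    if last not in SCRIPT_OR_EXE:
        return "ok"
    # The real (last) extension runs code; does the one before it look harmless?
    _, inner = os.path.splitext(stem.rstrip(". "))
    return "disguised" if inner in DECOY else "executable"


# Constructed sample attachment names; the first is the one quoted on this page.
SAMPLES = ["I Love You.txt.vbs", "holiday.JPG.exe", "setup.exe",
           "notes.txt", "report.v2.pdf", "archive.tar.gz"]


def triage(names):
    """Map each name to (what the user sees, verdict)."""
    return {n: (displayed_name(n), classify_attachment(n)) for n in names}


if __name__ == "__main__":
    for name, (shown, verdict) in triage(SAMPLES).items():
        print(f"{name!r:24} shown as {shown!r:18} -> {verdict}")
```

A mail filter would block or quarantine anything classified as "disguised" and treat plain "executable" attachments according to local policy.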
- Trojans: The trojan is a virus loaded inside a program that performs a task other than what the user thought the program was intended to do.
Go back in history to circa 12th century B.C. to the Greek-Trojan war. The war had begun after Paris of Troy took Helen (the face that launched a thousand ships) as his wife, notwithstanding she was married to Menelaus, king of Sparta. The war lasted for 10 years and at the end, with the Greeks no closer to defeating the walled city of Troy, the Greeks fashioned a wooden horse that was said to have 3,000 Greek warriors hidden inside. The bulk of the Greek army made like they were leaving and left the horse at the gates of Troy. The Trojans opened the gates, brought the horse (supposed to be a token of Greek defeat to the victors) inside the city and commenced to partying very hard. That night, when the Trojans were good and soused, the Greek warriors, now inside the walls of the city, dismounted the horse and sacked the city of Troy with little resistance.
Like the famous horse that this type of virus gets its name from, a trojan is destructive code written into another program or file (like an MP3 or a game). When accessed, the code executes without the user's knowledge, proceeds to replicate itself and does its damage. What makes this type of virus stand out is that rather than downloading a program or file whose only function is to do damage to your computer, a trojan will be added into a file or program. So, when you open that picture your friend sent you, not only do you see the photo, you get infected as well.
Example: The Back Orifice Trojan, deployed in 1998, was initially a program written to demonstrate the deficiencies of Microsoft Windows 98. It was later used by hackers & script kiddies to give them access to remote, unsecured computers. Today, most anti-virus programs claim to detect it and remove it, but there are stories of computers being infected without being caught by anti-virus programs.
- Worms: A computer worm is a self-replicating computer program that makes use of a network to spread itself and may do so without any assistance from the users.
Picture an earthworm. It lives in the ground, goes about digging a hole, tunneling its way through your back yard. In like manner, a computer worm spends its time tunneling around networks and/or the internet looking for vulnerable computers to install itself on so that it can deliver its payload (the cargo it was programmed to release). What separates this kind of virus from the other two is that the worm doesn't need to be passed on by floppy disks or be sent in emails. It is programmed to search around and install itself where it finds vulnerabilities. And since Microsoft's Windows operating system is full of holes and is, by far, the most widely used operating system, worms are plentiful.
Example: The MyDoom worm was sent in 2004 via email and infected Windows computers with a payload that was designed to flood the servers of SCO, a company that threatened to sue those organizations that distributed Linux, based on a perceived copyright infringement.
So, what can you do? I'm glad you asked. For a more detailed list of things to do, check out my Anti-virus page. Here's the short list:
- Install and regularly update a good antivirus program.
- Don't share files unless you know and trust the source.
- Don't use file sharing applications like Kazaa or Limewire.
- If you are connected to the internet, use a good firewall.
- Above all, use common sense when on the computer.
I hope this page helps you understand what viruses are. Knowing your enemy is always a good thing. There is probably much more information out there that you can find and probably more detailed descriptions, but I wrote this to give you basic information on viruses and what they do.
Stay informed!