atw: Re: PC protection

• From: "Steve Hudson" <adslyy5g@xxxxxxxxxx>
• To: <austechwriter@xxxxxxxxxxxxx>
• Date: Fri, 24 Sep 2004 23:41:34 +1000

<snorts>

You had to use a third party utility to fix a two byte patch to the boot
block? <Giggles> I think the grenade exploded at birth near your cranium and
therein lies the true source of your familiar problem :-)

The SCA wasn't the first virus, I wrote one for the Apple ][ years before
that, just no-one ran p2p back then and all the bbs sysops were
mates/readers of mine, so I couldn't go via them and the web didn't exist
and it was more fun as an intellectual exercise for knowing mates to
experience than an attempt to screw someone over.


It originally started out as a (c) system. I redirected the bootblock to my
own sector loaded with machine code to run the dos bootstrap - only using a
different track. As per Beagle Bros doco. I then realised I could be more
sinister with this. Why? All my mates wanted to try and break my
copyprotection, but as you needed a password to login from my DOS boot, it
was advanced stuff. Sure enough, soon enough someone did a hex edit of every
sector and plucked my password.

Of course, these days I don't do something so simple as 

Password$="GetYourBloodyNoseOutaMyBusiness"

Rather, I do something more like

P2="Bloody"
SomeOtherInitCommand
P1="GetYour"
AnotherSetofInitCommands
P3="OutaMyBusiness"

Pf=P1 & P2 & P3

So the big realisation was, as I left the system looking at the wrong
bootblock, all I had to do was intercept open / write events to check the
bootheader id for my mark if not found, alter the bootblock and write a
sector. This meant they could look at and use their disks after booting
mine, but when they rebooted, their disks appeared empty! The master dir
block was a fake I created on my default space, thus re-using my code
perfectly. The only disks they could use, ironically, were my copyprotected
disks using that track!

Lotsa fun, I think the school graduated me just because they wanted to be
rid of me :-)

Then the Amiga came along...

Now, to be fair, I am hardly claiming to be the first virus manufacturer,
nor the most 'effective'. As I have said before, Unix virii have existed for
far longer than our 'moron' home users ('us') stumbled onto the scene.

Them's where the good old days, when a virus displayed a pretty message and
it's only detrimental effect was occasionally overwrote a (c) game's
intercept. Now, they rip your bankcard, pin number and yer bandwidth off ya.
Sheesh. Then they say mobile phones are the latest virus targets. Mate,
gimme the bad old days. 

Steve Hudson

Word Heretic, Sydney, Australia 
Tricky stuff with Word or words for you.
www.wordheretic.com
ABN: 86 453 419 554   
"Qualified Good Tech Writer Dude"
Fellowship of the Ring of Technical Writers, Yeah Baby!
  

-----Original Message-----
From: austechwriter-bounce@xxxxxxxxxxxxx
[mailto:austechwriter-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Edward
Granat
Sent: Friday, 24 September 2004 11:33 AM
To: austechwriter@xxxxxxxxxxxxx
Subject: atw: Re: PC protection

Ha!  Oh you bet they do, Attila (G)!

It's just that Macs are not such a high profile / mass market machine as the
MS PC in Australia.

(Although they have infested the US and British movie and TV scenes with
obvious "product placement" for years.)

Macs have suffered from virus attacks since the late 1980s, not long after
the first Amiga virus (the SCA or Swiss Cracking Association virus, for
which someone developed a really funky little animated checker cleaner that
searched and cleansed your floppy drive to the strains of some dramatic
music) appeared on the Amiga, circa 1987.

If you want to know more about your Mac, it is time to join a User Group.

For a start, you can find the Apple (Mac) Users' Society of Melbourne
(AUSOM) @ <http://www.ausom.com.au/> with a page of links to all sorts of
useful Mac oriented sites @ <http://www.ausom.com.au/links.html>,
including Mac User Groups closer to you, troubleshooting sites, articles and
advice.

But, as us Amiga owners with hardware based Motorola 68000 series CPU
Macintosh (AMAX & AMAX II card) emulators used to say, the slowest way to
run Macintosh ...is on a Macintosh.

Then again, the build room manager at Digital Ideas (RIP and Print systems
developers) used to say that "The best way to shut down a Macintosh is with
a baseball bat".

Now that would stop any Mac spyware in its tracks!  ;-)

HTH (Elizabeth Fullerton).

Regards,

Michael Granat
Write Ideas

At 10:03 24/9/2004, you wrote:
>To my knowledge Macs don't get infected?
>
>
>-----Original Message-----
>From: austechwriter-bounce@xxxxxxxxxxxxx
>[mailto:austechwriter-bounce@xxxxxxxxxxxxx]On Behalf Of Elizabeth 
>Fullerton
>Sent: Friday, 24 September 2004 9:04 AM
>To: austechwriter@xxxxxxxxxxxxx
>Subject: atw: Re: PC protection
>
>
>This is all very interesting. Can anyone recommend anti spyware for Mac?

Michael E. Granat
Qualified Good Tech Writer Dude
Fellowship Of The Ring Of Tech Writers, Yeah Baby!
T/as Write Ideas
E-mail: mailto:writeideas@xxxxxxxxxxxxxx
Web: <http://home.pacific.net.au/~megranat/>
Without Prejudice.
E&OE.


**************************************************
To post a message to austechwriter, send the message to
austechwriter@xxxxxxxxxxxxxx

To subscribe to austechwriter, send a message to
austechwriter-request@xxxxxxxxxxxxx with "subscribe" in the Subject field.

To unsubscribe, send a message to austechwriter-request@xxxxxxxxxxxxx with
"unsubscribe" in the Subject field.

To search the austechwriter archives, go to
www.freelists.org/archives/austechwriter

To contact the list administrator, send a message to
austechwriter-admins@xxxxxxxxxxxxx
**************************************************


**************************************************
To post a message to austechwriter, send the message to 
austechwriter@xxxxxxxxxxxxxx

To subscribe to austechwriter, send a message to 
austechwriter-request@xxxxxxxxxxxxx with "subscribe" in the Subject field.

To unsubscribe, send a message to austechwriter-request@xxxxxxxxxxxxx with 
"unsubscribe" in the Subject field.

To search the austechwriter archives, go to 
www.freelists.org/archives/austechwriter

To contact the list administrator, send a message to 
austechwriter-admins@xxxxxxxxxxxxx
**************************************************

• References:
  • atw: Re: PC protection
    • From: Michael Edward Granat

Other related posts:

• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection
• » atw: Re: PC protection

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription