[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Virus attacks on PGP

To: Bill Frantz <[email protected]>
Subject: Re: Virus attacks on PGP
From: Thomas E Zerucha <[email protected]>
Date: Mon, 27 Nov 1995 12:44:18 -0800 (PST)
Cc: Norman Hardy <[email protected]>, Laszlo Vecsey <[email protected]>, Piete Brooks <[email protected]>, Moroni <[email protected]>, [email protected]
In-Reply-To: <[email protected]>
Sender: [email protected]

On Sun, 26 Nov 1995, Bill Frantz wrote:

> At 11:40 11/26/95 -0800, Thomas E Zerucha wrote:
> >That woudl be interesting - even with the speaker "off" the power surge 
> >causes clicking and other signs.  Not to mention that the interrupt count 
> >would start moving (of course the virus could replace the entire OS and 
> >would only have to find 300K chunks to hide in).
> 
> I looked at the memory usage on my 1meg Mac and 5meg is used for the
> system.  I have no idea what it is all being used for.  A lot can hide
> there.
> 

But it would also have to hide in something you load at boot time.  For 
it to propogate there, it would have to make copies of itself. when crond 
and inetd and named all grow over 400K I get curious.  Dos has small 
usage, and Linux provides a link map (or I can checksum entry points or 
such).  Another fun thing to do is pkexe or gzexe.  The latter turns an 
exe into a shell script.  Patching compressed files is very difficult.

[email protected] -or- 2015509 on MCI Mail
  finger [email protected] for PGP key

References:
- Re: Virus attacks on PGP
  - From: [email protected] (Bill Frantz)

Prev by Date: Re: Cypherpunk Certification Authority
Next by Date: Re: The future will be easy to use
Prev by thread: Re: Virus attacks on PGP
Next by thread: Re: "Junk Email"
Index(es):
- Date
- Thread