11) Is it true that....? (Computer virus)
Description
This article is from the Computer viruses FAQ, by David Harley D.Harley@icrf.icnet.uk, George Wenzel gwenzel@telusplanet.net and Bruce Burrell bpb@umich.edu with numerous contributions by others.
11) Is it true that....? (Computer virus)
(*or* some favourite hoaxes...)
(1) There is *no* Good Times virus that trashes your hard disk
and launches your CPU into an nth-complexity binary loop when
you read mail with "Good Times" in the Subject: field.
You can get a copy of Les Jones' FAQ on the Good Times Hoax from:
http://www.public.usit.net/lesjones/goodtimes.html
There *is* at least one file virus christened Good Times
by the individual who posted it in an attempt to cause
confusion. It is more commonly referred to as GT-spoof.
(2) There is no modem virus that spreads via an undocumented
subcarrier - whatever that means....
(3) Any file virus can be transmitted as an E-mail attachment.
However, the virus code has to be executed before it actually
infects. Sensibly configured mailers don't usually allow this
by default and without prompting, but certainly some mailers
can support this: for instance, cc:mail can, it seems, launch
attachments straight into AmiPro.
There's room for a lot of discussion here. The jury is still
out on web browsers: Netscape can certainly be set up to do
things I don't approve of, such as opening a Word document in
Word without asking.
Microsoft have made available a Word viewer which reads Word
files, but doesn't run attached macros. If possible, use this
instead. If you have both Word and the Word Viewer, it is a good
idea to set the Word Viewer as the default association instead
of Word itself. This protects you from macro viruses to a certain
extent, while not preventing you from using Word to edit documents
(just use file/open instead of double-clicking on the file).
The term 'ANSI bomb' usually refers to a mail message or other
text file that takes advantage of an 'enhancement' to the MS-DOS
ANSI.SYS driver which allows keys to be redefined with an
escape sequence, in this case to echo some potentially
destructive command to the console. In fact, few systems
nowadays run programs which need ANSI terminal emulation to run,
and there's no guarantee that the program reading the file would
pass such an escape sequence unfiltered to the console anyway.
There are plenty of PD or shareware alternatives to ANSI.SYS that
don't support keyboard redefinition, or allow it to be turned off.
The term mail bomb is usually applied to the intentional
bombardment of an e-mail address with multiple copies of a
(frequently abusive) message, rather than to the above.
(4) There is no known way in which a virus could sensibly be spread
by a graphics file such as a JPEG or .GIF file, which does not
contain executable code. Macro viruses work because the files to
which they are attached are not 'pure' data files.
(5) In general, software cannot physically damage hardware - this
includes viruses. There is a possibility that specific hardware
may be damaged by specific code: however, a virus which drops
a particular payload on the offchance that it's running on a
system with a particular type of obsolete video card seems more
than usually futile.
At least one virus (named CIH, AKA Chernobyl) contains code that
can overwrite BIOS code on some machines. This does not constitute
hardware damage, since the chip involved is still intact. Problem
is, without the appropriate software on that chip, the system won't
boot. Repair from this payload generally involves reprogramming the
BIOS chip, which can be more expensive than just buying a new
motherboard.
Continue to:
My Books
