Talk:Computer virus

This is the talk page for discussing improvements to the Computer virus article. This is not a forum for general discussion of the article's subject.

Put new text under old text. Click here to start a new topic. New to Wikipedia? Welcome! Learn to edit; get help. Assume good faith Be polite and avoid personal attacks Be welcoming to newcomers Seek dispute resolution if needed Article policies Neutral point of view No original research Verifiability

Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL

Archives: 1, 2, 3

Computing B‑class High‑importance

This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing B This article has been rated as B-class on Wikipedia's content assessment scale. High This article has been rated as High-importance on the project's importance scale.

Computer Security: Computing B‑class High‑importance

This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security B This article has been rated as B-class on Wikipedia's content assessment scale. High This article has been rated as High-importance on the project's importance scale. This article is supported by WikiProject Computing (assessed as High-importance). Things you can help WikiProject Computer Security with: Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

Template:FAOL

This article has been mentioned by a media organization: Charles Arthur (24 November 2004). "Searching for the perfect portal". The Independent Online. {{cite news}}: Check date values in: |date= (help)

Note: revisions of this article between June 28 and September 11, 2002 are at Virus (computing).

Archives

September 2002 → May 2008

I think it's time that this talk page got archived. Agree or disagree? --24.60.150.225 (talk) 15:45, 14 August 2008 (UTC)[reply]

 Done I archived all the old discussions (ie. those with no new contributions since 9 May 2008). Follow the archive links in the box above to view the old discussions, but please do not edit the archive. If you wish to start a new discussion or revive an old discussion, please do so with a new section on this page. Astronaut (talk) 20:45, 7 October 2008 (UTC)[reply]

"but the majority of viruses are programs deliberately written to interfere with, or damage, other programs or computer systems. "

This is at the very least a questionable statement. Just look up a few interviews with virus writers in Google. I have removed it from the article. I think this statement is more accurate (and have put it in the article): "Virus writers can have various reasons for writing and spreading viruses. Some people who create or spread viruses intend to interfere with, or damage, computer systems." Sietse 17:22, 15 Sep 2004 (UTC)

This article needs a much more detailed discussion of why people create and distribute viruses. Are they just losers looking for attention? Are they vandals, doing it instead of spraying graffiti or breaking into cars? It would be useful if a psychologist would contribute here. —Preceding unsigned comment added by 62.140.194.147 (talk) 09:43, 20 August 2008 (UTC)[reply]

I don't think a discussion is appropriate for an encyclopedia. If there were any actual knowledge on this issue, then yes, it ought to be included, but as far as I know there is only speculation. Virus writing is a shadowy world, and few of the proponents have been caught or given accounts of themselves. There are no doubt as many motives as there are writers, and it wouldn't surprise me if any motive actually stated by a (purported?) virus writer was spurious, because they would have no reason or compulsion to tell the truth. They might engage in self-justification or might not even know their own motives. Why did I get up this morning? I can't account for it. Has any psychiatrist actually examined a known virus writer? TheNameWithNoMan (talk) 11:13, 20 August 2008 (UTC)[reply]

Why are there no Virus Creator Links? Is that against a rule or something? Or would people be too afraid to visit it?

"If they can teach how to make a virus, then they could have a virus on the site, I'm not going on there..." —Preceding unsigned comment added by 68.202.22.90 (talk) 23:43, 23 September 2008 (UTC)[reply]

Again, such things are outside the scope of an encyclopaedia article. TheNameWithNoMan (talk) 08:25, 24 September 2008 (UTC)[reply]

I'm not the one who added the assertion about viruses damaging hardware, but the assertion is perfectly valid. The only example I can think of is a monitor, which you can blow out by sending it the wrong signals. Easy enough to do with a badly written driver or with carelessly chosen video settings. What non-malicious software can do by accident, malicious software can do by design. That said, I've never heard of a monitor-killer virus!

Before we add this concept to the article itself, we should probably find some more general and authoritative information on viruses causing hardware damage. I've done a little Googling, but all I see are the usual rumors and flamefests. Consider this note a stub for future investigation! Isaac R 06:17, 16 Apr 2005 (UTC)

• http://news.spamcop.net/pipermail/spamcop-list/2001-June/014485.html - 84.222.70.189 15:09, 16 Apr 2005 (UTC)
  • I saw that one. But a BIOS is software, not hardware. The problem described can be fixed by flashing a new BIOS, without changing any hardware. Of course, without a a BIOS, all your hardware is useless -- but this is still not "hardware damage". Isaac R 21:32, 16 Apr 2005 (UTC)

Malicious software CAN damage hardware.

1. Monitors can be blown by oversyncing and non-compliant signals. 2. BIOS can be unrepairably corrupted by mal-formating the flash routine. 3. Harddrives can be destroyed by setting the wrong heads and sectors "on the fly" and then scraping the disk and causing it to overheat and melt. 4. CPU's can be destroyed by overclocking to cause intentional thermal overloads which bypass shutdown precautions. 5. RAM on the motherboard and videocards can be mal-synced to slowly corrupt adressable regions.

And that's just the first few examples that come to mind.

When I first saw this listed as "A GENERAL RULE" about viruses I was about to delete it on the spot but I figured it was best to provide feedback here first and leave it upto the powers that be to sort it out.

I've been blessed with several ACER doorstops thanks to a variant of the BIOS bomb mentioned above.

I've also woken up to the smell of molten harddrives- although the evidence of "viral activity" went up with the "ship". I can guarantee that other than proper AV measures the machine was 100% upto par the night before. The HD meltdown effect was replicated by changing the settings on the secondary HD while active and running format.

24.36.232.170 17:50, 4 May 2006 (UTC)[reply]

This issue has been endlessly argued in other places (as noted above) and I see that this talk page has TWO separate sections devoted to it. Before there were webpages, the wrangling raged for years on the alt.virus newsgroup. I don't propose to go through it all again, but have fun. If you do think your computer hardware can be damaged by a program, I would suggest complaining to the manufacturer. --TheNameWithNoMan (talk) 02:29, 21 April 2008 (UTC)[reply]

I know of a proof of concept related to FPGA hardware, http://www.springerlink.com/content/9wnbm5eqgpjvlcug/ And also a flash virus that destroys a media drive. Though i'd have to find the link again, i saw it discused in slashdot. —Preceding unsigned comment added by Allaun (talk • contribs) 22:37, 1 October 2008 (UTC)[reply]

This article is extremely biased in its current form. The fact that viruses are, practically speaking, specific to Windows systems, is not even mentioned. To the extent that it is vaguely implied, this critical point is downplayed. I have used Unix-like and Mac systems for decades, all without any kind of virus protection software, and have never encountered anything closely resembling a virus. The argument that Windows viruses are more common with Windows because of the popularity of Windows is a red herring. It is technically impossible to write a virus that can do any kind of system damage to a Unix, Linux or Mac system the way a Windows virus can. Again, this is lightly touched on in the article, but the ramifications are not spelled out. --Serge 05:57, 26 July 2006 (UTC)[reply]

One thing not discussed in this article is not only that the numbers of non-Windows viruses are so relatively small, but that the ones that do exist just don't spread the way Windows viruses do. The bottom line is that the vast majority of Windows users are compelled to use anti-virus software, while the vast majority of non-Windows users are not. --Serge 22:28, 28 July 2006 (UTC)[reply]

Actually, many of the most prolific early viruses were not "Windows systems" specific, or even MSDOS specific. The boot sector viruses that infected the boot sectors of floppy and hard disks and the partition sectors of hard disks subverted the boot-up process before the system was even loaded. They were therefore IBM PC BIOS specific. I have personally dealt with a helpline call from a user that had suffered an attack from the Michelangelo virus payload (wiping of the first portion of the hard disk) even though he was running a variety of Unix rather than any Microsoft system. That was unusual then, but there are many PCs now that have Linux installed instead of Windows, which would still be vulnerable to some old boot sector viruses, except that no one puts floppy disks in their computers anymore. TheNameWithNoMan (talk) 11:07, 12 July 2008 (UTC)[reply]

Apple have just recommended that Mac users employ anti-virus measures (news article ^[1]). The world moves on. TheNameWithNoMan (talk) 18:34, 2 December 2008 (UTC)[reply]

Oops- apparently the world moved on in 2002, when Apple first advised Mac users to employ anti-virus software, and on other occasions since ^[2]. More recent announcements just seem new because of the recurrent claims that Apple is immune. TheNameWithNoMan (talk) 23:29, 3 December 2008 (UTC)[reply]

YET MORE- Apple have just released a set of patches for vulnerabilities in OSX components, much as Microsoft do on a regular basis. News Article here ^[3]. TheNameWithNoMan (talk) 00:45, 16 December 2008 (UTC)[reply]

AND AGAIN- "Apple has released a set of security updates that plug over two dozen holes in Mac OS X - including the Safari RSS vuln discovered last month - plus a vuln apiece in Java for Mac OS X 10.5, 10.4, and Safari for Windows"^[4]. TheNameWithNoMan (talk) 09:19, 13 February 2009 (UTC)[reply]

Your discussion here reminded me of a question that I recently concocted. I have no intention of actually doing something like this, but please consider this hypothetical scenario - would it be possible to design a virus so that it affects certain operating systems while ignoring others? Like, say, a virus that would activate on a Macintosh server, but remain inert for Windows. Again, I'm just asking out of curiosity - I'd never actually do this sort of thing, and I certainly wouldn't know how to do it, even if I wanted to, but I'm just wondering if it is possible. --Luigifan (talk) 13:35, 13 January 2009 (UTC)[reply]

I'm sure it is possible to detect the OS and then tailor an attack (or not) towards it. I can't think of any specific examples from history, but yeah, it would be that hard to detect such details. - Jarry1250 ^{(t, c)} 15:27, 13 January 2009 (UTC)[reply]

Question is the wrong way around. Designing a virus to subvert more than one operating system would be very difficult, because they all work differently. There are viruses that can WORK under more than one operating system, such as the Word Macro viruses, but these subvert something other than the operating system (such as the Word macro execution facility). You also have viruses that subvert the computer BIOS before the operating system is loaded (as mentioned above), which may continue to work or partially work after the system loads, regardless of the operating system, if it uses BIOS functions or interrupt calls. But to "attack" more than one system (the system itself), i.e. both Windows and Mac, would be very hard. Not all systems run on the same hardware either, so you might not even have a common instruction set. I don't think anyone has ever bothered with this, especially if they wanted to then choose which system to infect and leave the other alone. Easier to just write separate viruses. If you wanted it to work on a Mac and not Windows, you would simply write a Mac virus, not a Windows one. No worries that it would work on the "wrong" system. TheNameWithNoMan (talk) 15:55, 13 January 2009 (UTC)[reply]

iv already asked about 15 people about this but has anyone ever notest the instant a virus pops up there’s an update to protect agenst it from Norton or some thing shurly it would take at lest a few hours to make a protection for any virus unless you were the one who made it and had knowledge of the weaknesses’ it may have.

Actually, this is frequently "noticed" by people who are new to the subject. There are many things wrong with your supposition, including "the instant a virus pops up". What does that mean? When YOU become aware that there is a new virus? Most users find out about new viruses when the anti-virus people have put out an alert, at which time they may have been studying it for quite awhile- otherwise how would it have a name (viruses are named by AV researchers, not the virus writers) and how would its characteristics be known? When a virus "pops up" that is "called killerdiller and infects Word documents and rotates all your .JPG files", the name will have been assigned by anti-virus researchers and the infection route and the payload discovered through their research. Otherwise all you would have is "hey, there's a new virus". You can say that any time you like, there are always new viruses.

Most new viruses are variations on old ones, so the research time is often short. Virus "weaknesses" are not an issue. Each virus has its own characteristics which need to be dealt with to remove it, but is is likely to be similar to others seen before. Virus researchers consider it a positive treat to find anything novel to work with, as they see so many copycats. TheNameWithNoMan (talk) 11:28, 12 July 2008 (UTC)[reply]

[URL Removed] sorry for the edit, Jeremybub, but Abedia is right: we don't want unaware editors to click on the link and potentially get infected ---24.60.150.225 (talk) 15:22, 14 August 2008 (UTC)[reply]

does anyone know if Rebooting the computer to get rid of viruses can damage the computer if you do it too many times?? J.C. 03:42, 16 June 2007 (UTC)[reply]

I've never heard of excessive rebooting harming a computer, although switching it off and on again thousands of times could blow something (just like turning a light bulb on and off thousands of times could blow it). But please note that rebooting in itself won't get rid of or even slow the virus - you need a virus removal program. peterl 23:22, 21 August 2007 (UTC)[reply]

Bit of basic misunderstanding here I think. In the early days there were many viruses that subverted the booting-up process of a PC. In fact, these boot-sector viruses were the most successful type until floppy disks fell from favour. Because these viruses infected the boot or partition sector of the hard disk, and therefore took control of the computer before the operating system was run, they could hide from any anti-virus program that was run subsequently or re-install themselves after it was run. It was therefore important to "clean-boot" the computer from a floppy disk that was known to be free of infection before running anti-virus software. Re-booting a computer in itself does nothing to "get rid" of a virus, but re-booting from a known clean floppy disk was vital preparation to the use of a (usually DOS based) anti-virus program. Nowadays anti-virus software usually doesn't require this, but there is a new threat called a "root kit" which again subverts the computer at an early point in the boot-up sequence and can therefore hide from AV software run later on. TheNameWithNoMan (talk) 11:45, 12 July 2008 (UTC)[reply]

www.versiontracker.com/dyn/moreinfo/win/156124

77.54.102.172 (talk) 16:08, 20 April 2008 (UTC)[reply]

Why does Wikipedia care? We're not a source of antivirus definitions or a badware listing. Maybe you should let the people who run versiontracker.com know about that. --FOo (talk) 06:43, 22 April 2008 (UTC)[reply]

ak dizzay viruses should stop —Preceding unsigned comment added by 212.121.196.1 (talk) 09:21, 16 July 2008 (UTC)[reply]

This article uses the term CiD programs but does not explain wat those are. See Many CiD programs are programs that have been downloaded by the user and pop up every so often. --RAM (talk) 12:44, 29 August 2008 (UTC)[reply]

Concur. What the heck is a CiD program? Sue D. Nymme (talk) 15:45, 1 January 2009 (UTC)[reply]

I don't recognise the term either, but haven't been working in this field for some years so was reluctant to meddle with what might have been a new threat. However Neither Sophos nor McAfee seem to use this term for a class of virus or anything else much, so I will edit out the reference. TheNameWithNoMan (talk) 19:40, 2 January 2009 (UTC)[reply]

Question moved to Computing Reference Desk where you might get a better response. Astronaut (talk) 17:10, 29 October 2008 (UTC) [reply]

This is a shameless self-promotion (since Cliff deleted it before), but I would ask the community to consider this link for inclusion:
An Introduction to Computer Viruses
--Tocsin (talk) 07:57, 10 November 2008 (UTC)[reply]

Virus types

Transient (parasitic) virus; most common. It attaches itself to a file and replicates when the infected program is executed. Memory resident virus; Lodged in memory as part of a sytem program. Boot sector viruses; It affects important files located in boot sector and spreads when the computer system is switched on.

Firewall

A firewall is a combination of hardware components and appropriate sofware that controls or filters access between two networks. Main component of a firewall; packet filter, which is capable of preventing data packets of a certain type from passing through the firewall. Social engineering is a term that describes a non technical kind of intrusion.

--196.20.173.77 (talk) 18:20, 3 December 2008 (UTC)Posted by ratman.[reply]

I am going to do something like a table. Because someone asked me what virus is virus and what is worm ... You see, even i was not sure ;) . The columns would be what it does, eg. prerequisites and rows would be viruses and whether they suffice that constrains .... I hope it will take me short time ;) . 84.16.123.194 (talk) 23:25, 4 December 2008 (UTC)[reply]

The statement "Unix-based OS's (and NTFS-aware applications on Windows NT based platforms) only allow their users to run executables within their protected space in their own directories." is trivially incorrect. You can run executables in /usr/bin/ and /bin (e.g. /bin/ls) on most POSIX systems. You can also give input outside your directory, such as:

/bin/ls /etc

I'm not sure what the author was trying to say, but as written it was false. Superm401 - Talk 03:15, 19 December 2008 (UTC)[reply]

I think it's just the "... in their own directories." bit that was confusing. I have reinstated the sentence but removed the last bit. Better? Astronaut (talk) 15:11, 20 December 2008 (UTC)[reply]

Ever since listening to Weird Al Yankovic's song "Virus Alert", I've had a question that's been bugging me. How do people create viruses without the new software immediately executing and wrecking its creator's files? Is there some sort of "virus cap" or something? I'm not a hacker or anything, just an extremely curious computer user... and I'd like to know how viruses don't just blow up in their makers' faces!!!! --Luigifan (talk) 13:20, 13 January 2009 (UTC)[reply]

What you're asking (if I've got it right) is, why don't viruses infect their creator's computer? Well, I'm guessing they probably do. Either that, or a simple "if date=" might also suffice, but that would be risky and it would effectively create a way of neutralising the virus. So, in essence, the answer is probably that they do indeed blow up in their makers' face, then spread out from there. - Jarry1250 ^{(t, c)} 15:30, 13 January 2009 (UTC)[reply]

Viruses are just .exe files typically. They just don't run the files.69.110.234.99 (talk) 23:16, 19 January 2009 (UTC)[reply]

I imagine that virus writers have to run their viruses to check that they work, just like any programmer must do. No programmer can ever be sure of how a program works without testing it. As an anti-virus researcher, I routinely executed viruses to check that they worked as my investigation of the code indicated they would. Naturally, I had a computer set up specifically for this purpose (wiping it afterwards), and virus writers almost certainly have at least one extra computer with nothing important on it, just for messing with viruses.

Your assumption that a virus would immediately run amok and damage the writer's computer files is very unlikely anyway. Most viruses don't do any damage at all. Those that do don't trigger immediately, as that would limit their ability to spread to other computers. The virus writer would know what triggered the payload, if there was one, and would be in control of it, though he would almost certainly deliberately trigger it, to be sure it worked. There are, however, many examples of virus code that don't work as intended, or at all, indicating that some virus writers don't test thoroughly or test on computers configured differently than the one they are working on. TheNameWithNoMan (talk) 00:05, 20 January 2009 (UTC)[reply]

can a router get virus?