ANSI Bombs are still a threat? (was: Re: Good times virus (ANSI BOMB?))

-----BEGIN PGP SIGNED MESSAGE----- In list.cypherpunks, adam.philipp@ties.org writes:

Although the concept of "text viruses" seems a bit far fetched to some people, there these lovely toys known as ANSI bombs. Essentially they work in a similar method to the some techniques used in the sendmail bug, but they are MS-DOS specific, they will use embedded ANSI codes to run programs as the files is viewed...

The MS-DOS ANSI bomb relies on the capability of redefining keystrokes through the ANSI screen driver. Most all the DOS boxen I lay hands on lose this capability quickly, when I install more capable ANSI drivers that have this misfeature disabled. Fortunately, few people rely on ANSI-based text viewers, so I'd hope that even the otherwise unprotected machines have some immunity. (how many people use 'type filename' anymore?) I first learned of ANSI bombs back in the Cretacious period (1989), when it briefly became popular to slip them into PKZIP 0.92 comment fields. I even saw a couple in files I downloaded, because even then I had removed the function from my screen driver. The attempted redefs would show up as plain text.

If anyone feels the need for proof I collected a few a while back, but really don't see the need to post them...heh heh.

I wonder if anyone's mail readers are even succeptible? (he said, grinning) - -- Roy M. Silvernail [ ] roy@cybrspc.mn.org PGP public key available by mail echo /get /pub/pubkey.asc | mail file-request@cybrspc.mn.org These are, of course, my opinions (and my machines) -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLuY7wBvikii9febJAQFE7AP/RObKGqQ0Usi9SRyM3TA5doewB9E/VVKs NOOGan6aPZrt0B0wGZRxvmYBDfSixc5LhmCvDBmSiQid3sxbtCZKAUdLqjic7N2F 6ypNktYtcaJgQ95DO9xqzPR42UxJN2GDLIuwX0/01Cu3x08tgu9R2FVoVgkvGMmF YggtpKNrUWk= =V3Nl -----END PGP SIGNATURE-----