To all. This is something I received from a fellow Internet user in the States. I don't know where he got this info, but I thought we may all benefit from this warning.
SrA Lounsbury sends...
>SUBJECT: VIRUSES--IMPORTANT PLEASE READ IMMEDIATELY >line "Good Times", DO NOT read the message, DELETE it
I've been employed by two of the largest and most well-known Anti-Virus software companies in the world (Symantec and now McAfee). I've supported a wide variety of anti-virus products. I can assure you that this is a hoax. There is currently no known mechanism by which an e-mail message could "infect" and "propagate" independent of OS and MUA. In other words it would require a specific combination of operating system and platform and/or a specific mail reading program to transparently execute code (macros whatever) inside of a mail message. Java, LiveScript, and Microsoft's transparent MSN hooks could allow these sorts of things in the future (through suitably *bad* client software. Also I've heard that the e-mail package included with WordPerfect Office can execute some binary attachments, automatically. Other than those two exceptions I know of know way that this would be feasible. On comp.virus (or was it alt.comp.virus??) there was considerable (and heated) debate about the feasibility (and possible *desirability <g>) of a trojan horse that would be specific to a client (like AOL's proprietary access software) and would pipe in some data to exploit some as yet undiscovered bug (like the famous fingerd buffer overflow) to force execution of CPU specific machine code. In any event these would not be "viruses" in the traditional computer sense of the term. Virus researchers naturally have to distinguish between worms, logic bombs, trojan horses, droppers, and various types of virus. There is considerable literature on these distinctions (which I have neither the time nor the expertise to attempt to duplicate here). (and there was much rejoicing). All of this has little to do with cryptography. The cryptography used in computer viruses is generally not very sophisticated. the primary constraints are compactness of algorithm and convenience of the implementation with respect to a given processor. The only purpose is to obuscate the code -- try to limit the efficiency or effectiveness of signature based scanning engines. Mostly they use self-modifying code loops with XOR's and simple ADD's and SUB's. I heard of one that PUSHed all it's code onto the stack and then did a simple FAR JMP to it (apparently quite compact). Finally I'd like to recommend that people please restrain themselves from forwarding press releases from various sources to other mailing lists that "might be interested." Most of us are big boys and girls. If our interest is sufficiently broad, we'll go subscribe to those other lists or newsgroups. If you insist on referring to things from other sources -- perhaps a short query (like "Say does anyone here think the 'Good Times' virus has anything to do with with cryptography?" and "Well, if your interested you can find out more about it on foo -- or ask and I'll forward a copy") will be more conservative of our time and bandwidth. (Now y'all can flame me for wasting this much on a largely off-topic response -- but please feel free to direct those flames to /dev/null or to *just me*).