Re: Virus attacks on PGP
At 14:52 11/20/95 -0800, Thomas E Zerucha wrote:
> ... The code can also be cross compiled and burned onto a CDROM which would make it difficult to infect.
Certainly having PGP run from a CDROM or other read-only device would be a big help. Even better would be to have all the privileged code also run from a read-only device.
Bill Frantz
> Certainly having PGP run from a CDROM or other read-only device would be a big help. Even better would be to have all the privileged code also run from a read-only device.
Seeing as PGP is quite small the simplest and cheapest read-only device would be a write-protected floppy disk. Could a virus write to a write-protected disk? I'm not sure if the protection is done in the BIOS or the drive hardware.
On Tue, 21 Nov 1995 08:34:46 -0500, you wrote:
> Seeing as PGP is quite small the simplest and cheapest read-only device would be a write-protected floppy disk.
> Could a virus write to a write-protected disk? I'm not sure if the protection is done in the BIOS or the drive hardware.
In the drive hardware.
> > Could a virus write to a write-protected disk? I'm not sure if the protection is done in the BIOS or the drive hardware.
> In the drive hardware.
In certain rare cases, drive hardware fails in such a way as to allow write access to write-protected diskettes - I have one such machine here. This appears to happen more often in 5.25" drives - perhaps this is simply because most of the ones I come in contact with are older than the 3.5" ones.

This is not a suitable viral attack, however, least of all against a specific target like PGP. However, viruses attacking specific programs are well-known, both in concept and actuality - take AntiEXE, which will corrupt certain sector reads if the sector starts with a given byte pattern. In a similar way it would be possible to attack PGP, at least on DOS platforms. However, it would be dependent upon compiler used/version of PGP/etc etc, and only work in a few cases.

More likely is something which waits to see when a certain program is run (let's say PGP :-)), and records keystrokes (keyphrase, anyone?). Then it takes a copy of the secret key file along with the keyphrase, and is able to do whatever it likes with them.

Slightly off-topic, for which I apologise, but there we go.

I.

---------------------------------------------------------------------
| Ian Whalley, Editor,   | Phone/Fax   : +44-1235-555139/531889     |
| Virus Bulletin,        | DDI         : +44-1235-544039            |
| 21 The Quadrant,       |------------------------------------------|
| Abingdon Science Park, | PGP key     : 2A 02 96 E5 5D 77 4C 8D    |
| Oxon, OX14 3YS, UK.    | fingerprint : EB 22 14 6F E0 3B A0 D3    |
---------------------------------------------------------------------
participants (4): frantz@netcom.com, Ian Whalley, John Lull, SINCLAIR DOUGLAS N