Virus attacks on PGP
Thomas E Zerucha
zerucha at shell.portal.com
Mon Nov 27 13:04:59 PST 1995
On Sun, 26 Nov 1995, Bill Frantz wrote:
> At 11:40 11/26/95 -0800, Thomas E Zerucha wrote:
> >That woudl be interesting - even with the speaker "off" the power surge
> >causes clicking and other signs. Not to mention that the interrupt count
> >would start moving (of course the virus could replace the entire OS and
> >would only have to find 300K chunks to hide in).
>
> I looked at the memory usage on my 1meg Mac and 5meg is used for the
> system. I have no idea what it is all being used for. A lot can hide
> there.
>
But it would also have to hide in something you load at boot time. For
it to propogate there, it would have to make copies of itself. when crond
and inetd and named all grow over 400K I get curious. Dos has small
usage, and Linux provides a link map (or I can checksum entry points or
such). Another fun thing to do is pkexe or gzexe. The latter turns an
exe into a shell script. Patching compressed files is very difficult.
zerucha at shell.portal.com -or- 2015509 on MCI Mail
finger zerucha at jobe.portal.com for PGP key
More information about the cypherpunks-legacy
mailing list