
CrisNews #2  -  05/01/94

Reprinted With Permission
By: Cris Research Staff


                             The Virus Threat
                           (c) Ian Douglas 1993

Has the threat from viruses started to decline? The number of viruses for the
IBM PC (Intel x86) platform grows daily, but various events are making the IBM
environment safer. (Experts predict around 4000 - 6000 DOS viruses by the end
of 1994.)

Chief amongst these is the move away from DOS to new operating systems. The
trend started with Windows (not really an operating system), and has
accelerated with the advent of a reliable OS/2. Further down the line, there
is Windows NT and UNIX. These environments are very unfriendly for the 3000+
DOS-based viruses. There is a joke that Windows is a good virus detector - if
a Windows file gets infected by a DOS virus, it crashes :-)

There are two known viruses that can infect Windows executables, but none at
present that can infect OS/2 executables. No known DOS viruses can run under
native OS/2, but only in a DOS session. Also, the constant upgrades to DOS
itself prevent some viruses from working altogether.

There are three main areas of virus spread: large businesses, educational
institutions, and swopping disks among friends. Many large businesses are
moving to OS/2, others will move to Windows NT. In both cases, they are
cutting out an important vector of virus spread. I foresee that educational
institutions will also move to these new operating systems in the near future.
The market will demand students trained in them. This will once again cut out
a major vector for virus spreading.

That leaves the average user, still running DOS. He has less chance of
getting a virus, since the two main vectors are being cut out. The most common
viruses are boot sector infectors, like Stoned. While these may be able to
infect a machine running OS/2, they will not spread from such a machine.

The other interesting development has been in the underground. In the race to
create the super-duper type viruses, they have been trying to write complex
viruses. These take longer to write and are usually more buggy. Thus they make
fewer viruses. In order to brag, they publish the viruses in electronic
magazines, and make them available for download on virus exchange BBS's. This
means that they end up in the hands of anti-virus authors, before they have
had a chance to spread widely. Thus the AV authors soon include detection, and
the virus does not spread very much.

Many virus exchange BBS's have mostly junk (virus wannabe's) available. Since
the person downloading it only finds out afterwards, the spread of viruses
from these BBS's is not as bad as it might have been.

There also seems to be a growing maturity amongst some members of the
underground, leading to fewer virus writers and viruses. Hopefully, they will
ALL grow up soon.


Cheers, Ian