here is a little something i wrote yesterday, presented here for discussion:
Calling all virus writers, please prepare for armageddon!
i do believe it’s PAST time to go back to the good old days of virus writing. and i’m hoping that SOME of you miscreants out there hear this, and get to work.
BACK IN THE DAY, viruses were BAD things. i mean really bad things. they were designed to bring your computer to its knees, disable it, destroy the OS, FORCE a format and reinstall, and basically shut you down for a day at least.
they corrupted files, deleted system files, and even destroyed the BIOS turning your computer really into a very large paperweight. OH HOW I LONG FOR THOSE DAYS!!!!
let me explain to you WHY i long for those days.
THESE days viruses have a completely different purpose altogether. they don’t destroy computers, they USE them. use them to propagate more viruses, use them to turn the computer into a spam gateway, and turn the computer into a little virus factory spewing out more viruses, as well as REAMS of spam messages.
and lemme tell ya, people are no more computer literate today than they were 15 years ago. back when i was all about DOS and BASIC, i knew those people who didn’t have a CLUE what to do when they sat at a computer, and GUESS WHAT? those same people STILL haven’t a clue.
PROBLEM IS, that your basic computer back THEN was 2000.00- 3000.00 dollars. people who had them, KNEW what they were doing with them. NOT SO TODAY.
TODAY any tom dick or harry can run down to walmart, pick up a computer for a few hundred dollars, take it home, jump online in 10 minutes, and in 20 minutes become infected and start to pump out the spam. it’s happening all over. some of the more successful viruses are ones that use PASSWORD PROTECTED zip files. yes, a user must save the zip file, open it, put in the password, and run the executable to infect themselves. THEY STILL DO THIS.
if you are THAT determined to infect yourself, then really, you DESERVE what you get.
so this is my challenge to you virus writers out there. GO BACK TO THE GOOD OLD DAYS!!! make viruses that DESTROY the computer they infect!! PLEASE!!!
why? to STOP these stupid people from getting the viruses that will just turn them into little spam factories of course!
face it, if you infect yourself with a virus in a zip file, you really will double click on ANYTHING now won’t you?
think of the GOOD that this can do! think of all those IDIOTS out there, with no firewalls, no antivirus. think of them pumping out spam for some russian conglomerate. then think of them opening YOUR virus, the GOOD OLD DAYS virus. your virus uses its own little smtp engine, sends out several thousand copies of itself to the people in their address book, cause chances are, their friends are just as daft as they are. then after 2-3 days or so of this, DESTROY THE COMPUTER. delete com files, delete executables, delete dll files, hell freaking format the machine while you are at it.
boom, that little spam factory is disabled!! spam levels decrease!
AND BETTER YET, the computer user is now AWARE of the danger of viruses. sure they will have to shell out a few bucks to have some tech come over and format and reinstall the OS, but MAYBE, just MAYBE they will be a BIT more aware of what they click on in the future.
trust me, you’ll be doing the WORLD a great service. if isp’s aren’t going to do anything to stop these zombie computers, maybe a “benevolent” virus writer can.
valis
http://www.helpdeskhell.com
http://www.jackosuicidewatch.com
http://www.valissoft.com
no subject
Date: 2005-05-11 03:15 pm (UTC)
fuck yes. As opposed to shitheads who end up with broadband so choked with upstream pouring out that it runs the speed of a 9600 baud modem.
And they say "gee, running a little slow today..." and DON'T NOTICE.
*stabstabstabstab*
Bugger that. Let's write a virus that makes the computer jump up, kick the user in the balls and run into the street screaming "THEY DON'T DESERVE MEEEEE!!"
no subject
Date: 2005-05-11 03:22 pm (UTC)
If I were one of those (and I'm not, because the thought of coding something makes me run and hide from the eeevil pointers), I'd write one of those password ZIP file things...if someone were foolish enough to open it, two things would happen:
1. Their Internet access would be irreparably scrambled, and
2. Their OS would be rewired to display sarcastic, condescending and just generally insulting messages in place of the normal "This program has performed an illegal operation" and "Would you like to save" things, to name two.
Now if only there was a way to take out their phones so they wouldn't bother Tech Support as easily...
no subject
Date: 2005-05-11 03:26 pm (UTC)
I agree, but please wait to do this until after I quit my tech-support job.
Thanks!
Love,
LinguaFranca
no subject
Date: 2005-05-11 03:30 pm (UTC)
Install an LSP plug-in (like the kind that NewdotNet does), then delete the DLL that the registry refers to. Voila! no more network access for you!
and then after a few days overwrite the directory structure tables.
no subject
Date: 2005-05-11 03:33 pm (UTC)
Opened format.me.exe?
Yeah ..
Yeah...
Well, sorry sir, that virus wipes your system clean. You'll just have to re-install Windows, or you can bring it in and we can reinstall it for you.
Uhm ..support you installing windows?
Sorry you will need Microsoft to help you with that.
*click*
no subject
Date: 2005-05-11 03:45 pm (UTC)
only had a few where someone had royally screwed up their machines like that, but they were gold.
also kept the 1800 number for MS on hand to refer people to, knowing full well the hell they were about to go through
no subject
Date: 2005-05-11 04:04 pm (UTC)
We actually have an LSP fix tied on an IP we point customers to with a polite "now fuck off and stop installing Kazaa you moron"
no subject
Date: 2005-05-11 04:06 pm (UTC)
Corrupt the BIOS, fuck the MBR, and send a few random voltage spikes about. Also set the CPU fan to die in the bum, but the internal temperature sensor to report all's good so there's no automatic shutdown....
*FOOM!*
no subject
Date: 2005-05-11 05:02 pm (UTC)
that opens up possibilities...
no subject
Date: 2005-05-11 07:17 pm (UTC)
:)
no subject
Date: 2005-05-11 09:10 pm (UTC)
However, a virus that could do both, do its bidding for its scriptkiddie master and destroy the system when remotely given a certain command or another objective is reached (such as a virus scanner finding a 'leader file' or something similar, before hitting the real virus file group), it would do all those wonderfully horrible things.
But the owner won't get it. They never do. They must be educated, or the virus must not be caught by those who profit off of user stupidity.
I have much more faith in seeing the user educated, that is to say 'not much'.
Self-destructing zombies?
Date: 2005-05-11 09:22 pm (UTC)
Re: Self-destructing zombies?
Date: 2005-05-11 09:27 pm (UTC)
what we need is someone who doesn't care about the cash, or thinks the goal of lowering spam volumes is a better incentive
no subject
Date: 2005-05-12 01:05 am (UTC)
After infection, the payload would consist of two parts. The first part would collect info (IP, machine name, user name) from other infected machines and present the 'closest' (by IP block) 10 in a popup list to the user every hour or so, with a message saying "These infected computers are slowing down your internet!", and have three option buttons - [Boot 'em!] [Protect me!] [Cancel]
Hitting Cancel would make the payload hibernate for an hour. "Protect me" would connect to Windows Update and download/install all the latest patches, plus the MS antivirus, firewall, etc etc.
The second part of the payload, and the killer app, would be the [Boot 'em!] option. This would send a message to the payloads on the listed machines that would pop up the following message:
"IP/machinename/username is trying to boot you off the internet! [Protect me!] [Boot 'em back!] [Cancel]"
After receiving 100 messages from other machines, the option to retaliate would be removed, leaving only those to either upgrade or hibernate.
If the user ever chooses to "Protect" their machine, the payload will verify that the updates have been installed, the firewall is activated, and the virus scanner is set to run, and then uninstall itself from the machine.
Advantages:
- The payload never does anything the user doesn't tell it to do. This is absolutely paramount.
- Machines without console users (servers etc) will do nothing except leave the popup on the screen for the attention of the site admins.
- The popups would cover the entire screen. Infections by this worm would be immediately obvious, and it would be written to be easily removable.
- The use of closest-IP-block matching on the target list would decrease the inter-block traffic generated by the payload.
- If Windows Update was temporarily unavailable (because, ooh, I don't know, maybe it's being hammered for some reason...), the payload would use exponential backoff and try again later.
- After the initial net-wide armageddon of sniping and patching, a not-insignificant chunk of previously vulnerable machines on the net would be cleaned and patched, hopefully putting a dent in virus, worm, spam and DDOS traffic for a while.
Disadvantages:
- Net bandwidth would probably become saturated for a couple of days. Maybe some kind of co-operative throttling system between the infected machines could limit this, or the machines could share standard MS patch files over a P2P network within their IP blocks.
- Windows Update might become a little slow to respond in the first week or so :)
- All the usual hoopla associated with similar infections, plus media/blog/Slashdot attention due to the light-grey-hat nature of the payload.
- Possible coding errors causing widespread mayhem on non-vanilla systems.
- It's, ya know, not the NICEST way to get people to upgrade and give the net a bit of a cleanup.
- It might generate one or two calls to Tech Support...