The Software Syndrome
This week a new virus appeared on IBM computer - "AIDS" - how long before one appears in your music system? Vic Lennard looks at viruses and how you can avoid them.
ONE OF THE HORRORS OF THE '80S THAT'S GOING TO BE WITH US THROUGH THE '90S IS THE COMPUTER VIRUS; IT AFFECTS EVERYONE USING COMPUTERS IN BUSINESS AND AT HOME. YOUR ONLY PROTECTION IS KNOWLEDGE; NOW READ ON...
"IT WOULD APPEAR LIKELY THAT ONCE SIGNUM HAS CARRIED OUT ITS DASTARDLY DEED IT ERASES ITSELF, BECAUSE NO-ONE HAS YET TRACKED DOWN A COPY OF THE KEY CODE."
SOME VIRUSES ARE innocuous and have obviously been written as a practical joke. The Ghost virus keeps count of how many times it has been transferred and after the fifth copy it reverses the vertical motion of the mouse - up becomes down and vice versa. The Mad virus uses a similar counter and then selects one of eight different routines. Seven of these cripple the screen display while the eighth creates a tune. These routines cause delays and may cause your computer to crash but no permanent damage is done.
Other viruses are not as friendly and have a more sinister intent. A virus called ACA keeps a ten copy counter and then destroys the boot sector, FAT and Directory of every disk inserted into the computer. Another called BHP wipes the boot sector and then leaves its calling card - "VIRE 87".
Some viruses check the ROM of the computer and only become active when they find one with a particular date. Consequently they will only be found when working with certain computers. Anything to add to the randomness of the situation which makes it more difficult to check the spread of a virus.
TOWARDS THE END of 1987, the Virus Destruction Utility (VDU) appeared. This was a program which could check for the calling cards of several viruses and erase the program code. Any such program would have to deal with two problems: how do you tell the difference between the virus program in the boot sector and an executable program which is part of the main data on the disk, and how can you immunise a disk so that it cannot be hit by the same virus again?
The first is simple. Wipe all code from the boot sector and then re-write the code that should be there. The latest version of VDU (now distributed by CRL in the UK and called Virus Killer) can repair over 150 boot sectors from commercial software - typically games.
Immunising a disk is more difficult. You need to know precisely what a virus is looking for when it determines whether or not to duplicate itself. In the case of Signum, leaving the first two bytes on the boot sector fools it into believing that the rest of the code is still on the disk when it has actually been erased. CRL's Virus Killer can currently recognise and destroy 24 known boot sector viruses, five link varieties and can check the internal system of your computer to tell you whether a virus is lurking in there.
George Woodside in America has been tracing and destroying viruses for some years now and also has a piece of public domain software written by himself, called VKiller. This program not only allows you to check your disks for viruses but will also give you the format of the disk - sides, number of tracks and sectors and so on. It does have two shortcomings - it doesn't recognise a boot sector containing the Atari operating system for those who boot up their Atari from disk (it tells you the disk may be dodgy - too true) and it doesn't immunise a disk once it has evaporated the code for the virus. Nevertheless, it is extremely easy to use and can be obtained through Music Technology - refer to the end of this article for details.
The biggest problem with both these programs is that they cannot check the boot sectors of hard drives. Certain viruses, including Signum, will write themselves to your hard drive if they have had the chance to virus the disk that you keep in the floppy drive when you boot up.
"A WANDER AROUND LONDON'S PRINCIPAL MUSIC STORES SHOWED THAT A LOT OF COPIES OF MASTER DISKS, WHICH ARE USED FOR DEMONSTRATION PURPOSES, WERE VIRUS INFECTED."
THE OBVIOUS PRECAUTION to take against "contracting" a virus is to keep the write protect tab on your disks open. Unfortunately, this makes saving data to disk a bit awkward. Alternatively, the thing to do is to get a virus killer and check your entire disk collection, "killing" whatever viruses you may find there. This must be followed up by checking every new disk which is to be loaded into your computer before you load it. Alternatively, you can keep a boot-up disk which you know is clean and always start with this. If necessary, turn the computer off for 15 seconds or so to ensure that anything held in memory has been erased.
To put it in a nutshell, unless you boot up with a virused disk the virus cannot execute itself and so is very unlikely to be able to copy itself into your computer. A clean boot disk is imperative.
While too many people are apathetic about the danger of computer viruses, others are inclined to cry "Virus!' whenever anything unusual happens to their computer. Imagine that you are booting up with your usual disk and that when the desktop appears, the names under the icons are gibberish. A virus?
Probably not; it's more likely to be a faulty disk - perhaps surface coating is bad or it's been affected by a magnetic field. This type of occurrence is far more likely and could give the same results. Software copy protection could also be the culprit. A standard disk has 80 tracks but can be formatted with up to 83 on some computers. However, Atari only guarantee 80 tracks for their disk drives. For example, Steinberg's Twelve sequencing software used track 81 for its copy protection, meaning that some computers couldn't load up the program. Dr Tirric - a cheap, speech-synthesised piece of software has a routine built in which will burn out one of the Atari ST chips if you attempt to run a pirate copy.
ONE OF THE most efficient devices for spreading viruses is the modem - this effectively networks a group of computers together. An American software house, on hearing that a hacked version of one of their programs was on a bulletin board, downloaded it via modem for examination and promptly wrote a virus to their hard drive.
There is little doubt that computer viruses are here to stay. What is needed is public awareness of the situation - hence this article. The problem is certainly expanding. George Woodside estimates that he gets around 40 disks a week from people who suspect that they have discovered a new virus. If only a small proportion of these are accurate then we have trouble with a capital "T" because to protect against a virus, you need to know what that virus does. The worst possible attitude is one of complacency.
Now that the research for this article is complete, I can reconnect my hard drive...
Thanks to George Woodside for help in compiling this article.!
Reading: Computer Viruses - a high-tech disease by Ralf Burger. (Abacus - Data Becker) £17.45.
Feature by Vic Lennard
Previous article in this issue:
Next article in this issue:
mu:zines is the result of thousands of hours of effort, and will require many thousands more going forward to reach our goals of getting all this content online.
If you value this resource, you can support this project - it really helps!