Just curious, or I may be watching too many Sci-fi movies.
Is it possible that computer virus mutates by itself and exposing to
the public? Computer viruses may originally be instructed by human,
but is it possible that they became out of control and starts attcking
computer without human instruction? .... just like flu and other
viruses that attack human's health.

Mutate by itself, no. Mutate because the code says to, yes. Polymorphic
viruses have been a round for a long time.

--

************************************************

g-w


"aniram" <aniramca@yahoo.com> wrote in message
news:f8269733.0402021359.1e2986f7@posting.google.c om...

In article <MPG.1a88976ec469c0f98a134@news-server.columbus.rr.com>,
void@nowhere.com says...
see, a completely unprovoked linux attack. that which we're not
familiar, we scorn.




"...but they are to large to send by standard means"

you're so full of shit... and that's proof positive.

try doing a bit of research on "polymorphic virus" and learn.

read the last paragraph here:
http://www.winplanet.com/winplanet/reports/1256/1/


--
Colonel Flagg
http://www.internetwarzone.org/

Privacy at a click:
http://www.cotse.net

Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness? as the new industry standard..."

"...I see stupid people."

Colonel Flagg <colonel_flagg@NOSOUPFORJ00internetwarzone.org> seems to
think in news:MPG.1a88a9fa40309c90989cbd@news.charter.net:


The short answer is no.

Viruses only do what they are programmed to do. If they attack the
Microsoft script engine for instance, they cannot decide on their own to
attack a disk MBR, without being coded for that function by the original
programmer.

I would imagine that a virus programmed for various attacks would grow
to be too large to be practical as another poster mentioned.

A polymorphic virus does not "mutate itself" but uses an encryption
technique that changes its binary image code in order to get around
antivirus programs that look for virus "signatures" or other patterns
characteristic of the virus like a payload checksum. These are however,
easy to detect by other means, ie, when they hook the system's file
expand code.

-- ipgrunt

On 2 Feb 2004 13:59:51 -0800, aniramca@yahoo.com (aniram) wrote:

The basic concept of a virus is that it is a program that duplicates
itself and spreads. Most don't actually do any damage, but you really
don't want any because they use up system resources.

As another poster has stated polymorphic viruses have been around for
awhile. These mutate their own code so that it looks different and
generally makes itself harder to detect by AntiVirus (kind of like the
common cold).

As far as SciFi visions of intelligent viruses taking over the net and
becoming conscious are concerned. Not with today's technology, because
everything about a virus has to be hard coded. It might be able to
make intelligent decisions about how best to attack a system or what
actions to take, but it all has to be predetermined by the programmer.
And this goes for most forms of modern day AI.

In article <MPG.1a88b55f52a16ac898a137@news-server.columbus.rr.com>,
void@nowhere.com says...

not always. just when I want to be.




--
Colonel Flagg
http://www.internetwarzone.org/

Privacy at a click:
http://www.cotse.net

Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness? as the new industry standard..."

"...I see stupid people."

"aniram" <aniramca@yahoo.com> wrote in message
news:f8269733.0402021359.1e2986f7@posting.google.c om...
oh nice one, you just reminded me to code my T-Virus :P

--
Mimic

ZGF0YWZsZXhAY2FubmFiaXNtYWlsLmNvbQ== ( www.hidemyemail.net )
"Without knowledge you have fear. With fear you create your own nightmares."
"There are 10 types of people in the world. Those that understand Binary,
and those that dont."
"He who controls Google, controls the world".

"kulm_nd" <g-w@ComcastREMOVE.net> wrote in message
news:EOzTb.35935$P%1.28434466@newssvr28.news.prodi gy.com...
I seem to remember that two or three years ago, a worm picked up a virus. I
can't remember the name of the worm or the virus. What happened was that the
worm used Word documents on the computer of the victim to hide itself, and
sent itself to addresses it found in the address book. One day, the worm hid
itself in a Word document that contained the virus, and it sent out Word
documents containing the worm and the virus.

Filip

On Mon, 02 Feb 2004 13:59:51 -0800, aniram wrote:

I had an idea for something along the lines of a 'learning virus'
(speaking strictly academically, mind you... I do *NOT* write, nor do I
endorse the writing of, viral code of any sort.)

The basic idea, originally, was to create a database of potential/known
exploits, and use a simple macro language of some sort to define them.
It occurs to me now that something like Nessus would be an ideal engine,
as it is thoroughly researched and frequently updated.

The virus could be a separate entity from this database - checking in
with 'known' database access points for information about how to
fingerprint a given target system and then again to determine the best
attack vectors (or a general spread assuming the system could not be
fingerprinted reliably).

Ultimately, I suppose, to survive and thrive without a dependency on a
static host somewhere the database itself would have to be distributed.
I imagine something like a peer-to-peer network, with each infected host
maintaining a small portion of the database, and multiple redundant
hosts communicating with one another - would probably do the trick. I
mean, once a virus takes off, owned hosts are cheap, right?

The original concept called for the system to attempt (and learn) new
attacks and exploits 'in the wild,' but in retrospect that seems a lot
of work - given that the crucial information (attack vector definitions)
is readily available and in a fairly predictable and machine-readable
format already, from multiple public sources...

Ah, the perils of the idle mind...

koorb <koorb@raiders.co.uk> writes:

]On 2 Feb 2004 13:59:51 -0800, aniramca@yahoo.com (aniram) wrote:

]>Just curious, or I may be watching too many Sci-fi movies.
]>Is it possible that computer virus mutates by itself and exposing to
]>the public? Computer viruses may originally be instructed by human,
]>but is it possible that they became out of control and starts attcking
]>computer without human instruction? .... just like flu and other
]>viruses that attack human's health.

]The basic concept of a virus is that it is a program that duplicates
]itself and spreads. Most don't actually do any damage, but you really
]don't want any because they use up system resources.

]As another poster has stated polymorphic viruses have been around for
]awhile. These mutate their own code so that it looks different and
]generally makes itself harder to detect by AntiVirus (kind of like the
]common cold).

]As far as SciFi visions of intelligent viruses taking over the net and
]becoming conscious are concerned. Not with today's technology, because
]everything about a virus has to be hard coded. It might be able to
]make intelligent decisions about how best to attack a system or what
]actions to take, but it all has to be predetermined by the programmer.
]And this goes for most forms of modern day AI.

The problem is that the attack vectors are few. Ie, a random mutation is
liable to kill the virus because the vector being attacked is not
vulnerable with a random mutation. There is a lot lot less redundancy,
and resistance to change in a computer program than in life (which is
what makes computer programs so fragile.) In life almost any subsystem
can be altered and the organism still survives. In computer programs, if
you randomly alter even one instruction you are liable to get a crash
and the equivalent of death. And a dead host is useless for propagation.

On that special day, aniram, (aniramca@yahoo.com) said...

Not "itself", but there have been variations which were generated by no
human being but the existence of a former, different infection.

Years ago I read about a cross-breed of two Word macro viruses, which
did have a header from one "parent" and the executive part was taken
over from the other "parent". But this virus wasn't very wide spread, as
the components were already known to virus scanners, and the result
would be removed any way.

And then there were the piggybacks. old viruses that came across a mass
mailer worm running in an infected machine, and infecting the worm. So
every time the worm would mass mail, it would spread two infectious
agents at the same time.

Which resulted in virus scanners alarming on a file infector, and
cleaning the worm, but at the same time overlooking it. This happened
last year, mainly with Klez variants, IIRC.


Gabriele Neukam

Gabriele.Spamfighter.Neukam@t-online.de


--
Ah, Information. A good, too valuable these days, to give it away, just
so, at no cost.

Leythos wrote:
Software that can write (and modify) itself is still quite a ways away.
(Skynet anyone?)

Learning programs are generally implemented as rule-based
expert-databases, ie. they build memory but don't modify themselves.

--
Ben M.

----------------
What are Software Patents for?
To protect the small enterprise from bigger companies.

What do Software Patents do?
In its current form, they protect only companies with
big legal departments as they:
a.) Patent everything no matter how general
b.) Sue everybody. Even if the patent can be argued
invalid, small companies can ill-afford the
typical $500k cost of a law-suit (not to mention
years of harassment).

Don't let them take away your right to program
whatever you like. Make a stand on Software Patents
before its too late.

Read about the ongoing battle at http://swpat.ffii.org/
----------------

Jason Eberly wrote:
I was thinking along these lines a couple of years ago. The problem is,
I don't think anybody can update the exploit database indefinitely -
somebody will catch up to them sooner or later.

The bigger the infection, the harder the hunt (and burnings at the stake).

--
Ben M.

----------------
What are Software Patents for?
To protect the small enterprise from bigger companies.

What do Software Patents do?
In its current form, they protect only companies with
big legal departments as they:
a.) Patent everything no matter how general
b.) Sue everybody. Even if the patent can be argued
invalid, small companies can ill-afford the
typical $500k cost of a law-suit (not to mention
years of harassment).

Don't let them take away your right to program
whatever you like. Make a stand on Software Patents
before its too late.

Read about the ongoing battle at http://swpat.ffii.org/
----------------

On Thu, 05 Feb 2004 06:04:04 +0000, Ben Measures wrote:

[snip]
As to the stake burnings, perhaps you are correct - but putting the
genie back in the bottle might be a difficult task regardless of the
fate of the hapless author.

As for the exploit database updates - you wouldn't have to update it,
ever. You just configure the beastie to get them from some of the nice
folks (like Nessus) who constantly update their security scanner script
definitions. And, that seems to be a reasonably stable process, at
least as of this writing.[1]

Slap on something to keep it propagating wildly - say, for example, a
mass mailer routine that, instead of trying to make up a believable
subject line, simply REPLIES to valid correspondence, and to people who
WOULD expect to receive a message from that particular sender with that
particular subject line - and the P.T. Barnum factor would keep it
around for ages, or at least long enough for the next wave of 'zero day'
plugins to come down the pipe.

All of which would be highly annoying, but as far as AI is concerned the
only really interesting thing would be the sort of parasitic
relationship between the worm and the maintainers of the exploit
database. And also marginally between the worm and the otherwise valid
sender/receiver pairs, I suppose...

[1] Of course, one minor change to the way the plugins are distributed
would kabosh the whole affair, or at least force the need for human
intervention. So I guess no Skynet this year...

</ramble>

Jason Eberly wrote:
Heh, a "community-supported" virus of this type would speed up the war
between virus writers and exploit patchers.

This would probably result in one of two states:

A.) The virus runs rampant. Everybody wakes up to the security threat
and implement a rigorous maintenance plan for updating software.
Exploits are eventually rendered ineffective by speedy patching.

B.) The virus runs rampant. Discovered vunerabilities in software are
kept classified and not publicised. Big companies apply the patches
before smaller groups even hear of the vunerability. Viruses boom
amongst the "dirty peasants".

We're at this crossroads already - it'd be interesting so find out where
we'll end up (with or without this virus).

--
Ben M.

----------------
What are Software Patents for?
To protect the small enterprise from bigger companies.

What do Software Patents do?
In its current form, they protect only companies with
big legal departments as they:
a.) Patent everything no matter how general
b.) Sue everybody. Even if the patent can be argued
invalid, small companies can ill-afford the
typical $500k cost of a law-suit (not to mention
years of harassment).

Don't let them take away your right to program
whatever you like. Make a stand on Software Patents
before its too late.

Read about the ongoing battle at http://swpat.ffii.org/
----------------

Ben Measures wrote:

That's not going to happen. It would cut into internet commerce.

Consider Amazon and E-Bay, just for examples; You think they make most
of their money off other big biz?