virus : Java Glossary


virus
A computer program written by a bratty child or a terrorist whose intent is both vandalism and spreading automatically to other computers.

In a Nutshell

Viruses will never hurt you if you follow these five simple rules:
  1. Don’t use Microsoft Internet Explorer. Use some other browser such as Opera.
  2. Don’t use Microsoft Outlook or Outlook Express. Use some other email program such as Thunderbird.
  3. Never open email attachments.
  4. Never put a floppy/CD/DVD in your machine that someone else gave you, unless it was shrink wrapped.
  5. Don’t plug your portable devices into other people’s computers to charge.

  1. Boot track viruses

    infect your hard disk when you accidentally boot while an infected floppy/CD is inserted. My launder utility will kill any boot virus on a floppy, even ones that have not been written yet. My BootSave utility will restore your hard disk boot track that has been infected. However, you must inoculate your disk (make a copy of the intact boot track) by using it before you get infected.
  2. Exe Viruses

    piggyback on exe files. They arrive most commonly as email attachments or on floppy. Sometimes even files you download from websites are infected. They cause no damage until you execute the corresponding file. You can do a directory list safely. You can insert an infected floppy safely (subject to my earlier warning about the sneaky boot track viruses). Norton Antivirus or the McAfee Virus Scan will check all the files on a floppy, all incoming email and all your hard disk files against a weekly updated list of known viruses. The trouble is the kids make them up by the thousands and this technique is defenseless against a brand new virus. Never execute a file that arrives by email, even if it comes from a friend. These are most often infected.
  3. ActiveX Viruses

    These are the most dangerous of all because you can pick them up just browsing the Internet. Turn off ActiveX and only turn it on when dealing with a site you are absolutely sure is trustworthy. Turn off the autodownload feature as well. The CometCursor virus is the world’s first commercial virus that spreads itself by this technique. It does no harm other than make your cursor look like Nelson Mandela’s head, but it installs itself without your permission. It is very hard to kill once you are infected.
  4. Worms

    Worms manage to spread without actually attaching themselves to executable files. They typically use the Swiss cheese security in Microsoft Outlook to spread themselves by sending email to everyone in the address book. This can cause a chain reaction that can shut down the mail system, even of those who have solid virus protection. Well-known people just get swamped by incoming garbage emails.
  5. Benign Viruses

    A virus that just puts up some silly message but does no damage.
  6. Trojan

    is a virus that just does damage, but makes no special attempt to spread itself. It may masquerade as a silly game, but will erase everything on your hard disk.
  7. Java Viruses

    There are no known Java viruses that piggyback on class or jar files, though in theory they are possible. The Applet security system makes it impossible for a virus to infect your system via Java Applets you run in your browser. However, there is one called Reveton.N that exploits a hole in the Applet security. It took Oracle months to nail it.
  8. MS Word

    There are some lesser viruses which can hide inside Microsoft Word documents in the form of autorun macros.

DNS (Domain Name Service) Changer

Some Estonians came up with a clever idea for a virus that has infected about 50% of business machines. It inserts a fake DNS server. So when you go to your bank, it takes you instead to a fake bank site, where you give your credentials. If your DNS stops working on 2012-07-09, that is when the FBI (Federal Bureau of Investigation) takes down servers designed to keep infected machines running.

Stuxnet

Stuxnet was a very sophisticated virus, presumably created by combined efforts of the American and Israeli governments to sabotage the Iranian nuclear fuel concentration lab. It used multiple unreported OS (Operating System) vulnerabilities, costing about $100,000 each on the black market. It worked by sabotaging the software that controlled centrifuges to make them spin so fast they damaged themselves. The assumption is USB (Universal Serial Bus) flash drives containing the software were dropped near the facility. Some idiot put one into a secure computer looking for pornographic pictures. If the Iranians had known what was coming, they could have protected themselves by putting the programming for the centrifuge controllers into ROM (Read Only Memory) which could not be tampered with using viruses. To create such a virus the authors had to know what sort of computers and operating system the Iranians were using. They also needed the operating manuals for the centrifuge controllers.

The Americans exploited detailed information of the Iranian equipment. In a similar way, the Chinese can exploit their extremely detailed knowledge of US weapons systems, since they are the ones who do so much of the manufacture.

Vocabulary

I need to learn the following vocabulary:

anti-virus

anti-malware

anti-spyware

anti-exploit

anti-ransomware

Protecting Yourself

  1. Don’t open or run any email enclosures except *.gif, *.jpg, PDF (Portable Document Format), TXT, HTML (Hypertext Markup Language) and JAVA.
    EXE, COM (Component Object Model), BAT (Batch), DOC and OCX (Object linking and embedding (OLE) Control extension) are the most dangerous.
  2. Avoid putting floppies or USB flash drives from outside your shop into any of your machines. If you must, scan them with a virus checker first.
  3. Run a nightly virus scan such as Norton Antivirus or Windows Security Essentials (free) using freshly updated virus definitions. The most dangerous and plentiful viruses are the brand new ones.
  4. A good virus scanner should be multi-threaded for speed, but also let you choke it down so it puts a light load on your system when you are trying to use it.
  5. Don’t surf the web with Internet Explorer unless you disable ActiveX first.
  6. Don’t install software unless it comes from a reputable source. Avoid installing any software you don’t absolutely need.
  7. Make sure your Internet connection goes through a firewall.
  8. Don’t let people use any of your machines who you can’t trust to follow these rules.
  9. If you become infected, get help quickly from someone who knows what to do. If you don’t know what you are doing, you can easily lose all your data and easily reinfect yourself. You must disinfect and/or protect yourself from reinfection from every single floppy, CD (Compact Disc) burned, backup tape, USB, SSD (Solid State Disk), ZIP drive…
  10. Never click on a pop up that claims your computer has a virus.
  11. Don’t click on links or attachments in e-mails, even from people you know, unless they are techno-savvy.
  12. Turn on your browser’s pop-up blocking feature.
  13. Never download anti-virus software from a pop-up or link sent to you in an e-mail.
  14. If you’ve received a scareware message, please contact your local police office and the Canadian Anti Fraud Centre (1-888-495-8501) to report it.
  15. Turn off Java Applets unless you are visiting a trusted site. This is a temporary security measure that should soon be relaxed.
  16. Turn off JavaScript unless you are visiting a trusted site.

Free Anti-virus Software

Originally there were only three free AV (Anti-Virus) programs, but now almost every company offers a stripped-down free version. Most companies now also offer a premium edition and an Internet edition (which is actually a firewall). You have to read the websites carefully to discover the differences in features and price. Consider that reviews might be talking about the super premium plus edition, where you are interviewing for the entry level one. I have a long memory for companies that are good or evil. I think these three original free vendors deserve continued support:

Microsoft has Defender bundled with Vista, W2008, W7-32, W7-64, W8-32, W8-64, W2012, W10-32 and W10-64. It is automatically and frequently updated. I don’t know why it is not considered a proper anti-virus program.

Microsoft plans to release a free virus checker code named Morro. Perhaps it will just be Defender ported to the older operating systems. This should save MS money on phone support. Much the way vaccination works, it should greatly reduce the incidence of viruses by removing sources of infection.

Configuring

In addition to a batch scan of the entire hard disk, a virus scanner will often by default install all manner of continuously running protection, including Instant Messenger, email, network, Outlook, P2P, web, and standard (a check on every read/write/execute of disk). Viruses cannot hurt you unless you execute them. So as long as you never run email enclosures and run a batch scan every once in a while you should be OK. You might set up a scan on mail in and out since that is fairly low overhead and is the source of most viruses. A standard check will slow your machine to a crawl and buys you little extra security. If you download software, it would not hurt to scan it for viruses, though reputable download sites like Tucows do that for you.

Rant

The current way of stopping viruses is incompetent. Its purpose is to force customers to keep paying over and over for virus protection. It works analogously to an airport security system that checks the id of every incoming person and looks it up in a databank of known terrorists. There are no inspections, no profiling, no X-rays. There are no restrictions on terrorists getting into sensitive areas. Further, if a known terrorist wears a disguise they can get past the gate too. The way terrorists get into the database is to be caught red-handed causing damage, then their twins or clones are also excluded. The lists are broadcast to other airports. The terrorist organisations can easily defeat the system by sending new agents or old agents in disguise.

Futures

What could we do that would effectively stop viruses in their tracks?

The current way of stopping viruses is stupid. It requires identifying every possible virus, then looking specifically for each one. This is like shutting the barn door after the horse has fled. Further, the brats can invent new viruses faster than they can be found and identified. It is only a matter of time until someone uses AI (Artificial Intelligence) to manufacture millions of new viruses a day, which will overwhelm all the attempts at cataloging them. Virus companies persist in this inept strategy because it locks in customers who need a new version of the software daily. The torrent of new viruses means small companies cannot compete.

Viruses could be stopped in their tracks, including future viruses, simply by enforcing a rule that all executables, including OS modules, be digitally signed by their authors, the same way the Java Applets are. Then a virus can be detected simply by verifying the digital signature. It is all but impossible for a virus to cook up a valid digital signature for an executable it has modified. If vendors posted the originals, digitally signed, then any contaminated modules could be automatically restored without human intervention. This would not stop Trojans, but it does identify who created them, making prosecution and civil legal action easy. The problem is half-assed anti-viral utilities that require constant updates are big business. They don’t want a solution that works once and for all.

One interim solution would be to have disk partitions or SSDs (Solid State Disks) that were read-only. You would put your executables and DLLs (Dynamic Link Libraries) there, (or rather installs would.) Access would be by password, good only for one install instance. They would all have digital signatures, or at least digests, that would be checked on copying in. This would make it very difficult for a virus to modify an executable. The problem is, it would require all vendors to digitally sign executables and use the API (Application Programming Interface) to install executables and other files on different drives. The most important vendor to comply would be Microsoft, who currently puts all its data and executables on C:

You could institute a rule that an executable could only be updated by an install program digitally signed by the same author. By default, files could not be updated except by a program digitally signed by the same author as the program that created it. Programs would have to explicitly export files before programs written by other authors could modify them.
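
The signature check and the same-author update rule proposed above can be sketched as follows. This is an added example, not code from this site: the class and method names are hypothetical, the keys and "executable" bytes are constructed inline, and it assumes the author's public key recorded at install time is trusted. It needs Java 16 or later for records.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;
public class SignedExecutableDemo {
    // An installed file: its bytes, the author's signature, the author's public key.
    record SignedFile(byte[] image, byte[] signature, PublicKey author) {}

    static byte[] sign(byte[] image, PrivateKey key) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withECDSA");
        s.initSign(key);
        s.update(image);
        return s.sign();
    }

    // True only if the image is byte-for-byte what the author signed.
    static boolean isIntact(SignedFile f) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withECDSA");
        s.initVerify(f.author());
        s.update(f.image());
        return s.verify(f.signature());
    }

    // Same-author rule: accept an update only if it verifies and its signer is the installed file's author.
    static boolean mayReplace(SignedFile installed, SignedFile update) throws GeneralSecurityException {
        return isIntact(update)
            && Arrays.equals(installed.author().getEncoded(), update.author().getEncoded());
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
        gen.initialize(256);
        KeyPair vendor = gen.generateKeyPair(); // constructed keys for the demo
        KeyPair stranger = gen.generateKeyPair();
        byte[] v1 = "constructed stand-in for an executable, v1".getBytes(StandardCharsets.UTF_8);
        SignedFile installed = new SignedFile(v1, sign(v1, vendor.getPrivate()), vendor.getPublic());

        byte[] infected = v1.clone();
        infected[0] ^= 0x01; // one flipped bit stands in for an infection
        SignedFile onDisk = new SignedFile(infected, installed.signature(), installed.author());
        System.out.println("shipped copy intact: " + isIntact(installed));
        System.out.println("on-disk copy intact: " + isIntact(onDisk));
        if (!isIntact(onDisk)) onDisk = installed; // restore from the vendor's signed original

        byte[] v2 = "constructed stand-in for an executable, v2".getBytes(StandardCharsets.UTF_8);
        SignedFile sameAuthor = new SignedFile(v2, sign(v2, vendor.getPrivate()), vendor.getPublic());
        SignedFile otherAuthor = new SignedFile(v2, sign(v2, stranger.getPrivate()), stranger.getPublic());
        System.out.println("update by same author accepted:  " + mayReplace(onDisk, sameAuthor));
        System.out.println("update by other author accepted: " + mayReplace(onDisk, otherAuthor));
    }
}
```

The check only means something if the stored public key and signature live where the modifying program cannot rewrite them, which is what the read-only partition idea above is for.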

The Catch

PC (Personal Computer) Pitstop PC Matic aka Supershield stops every unknown executable, whether it carries a known virus or not. This is great for catching new unknown viruses, but has two serious problems:

  1. If you use unusual software, the sort that businesses use, rather than individuals and home offices, those executables will not be on the white list and they will be stopped.
  2. If you are a program developer, you may be creating hundreds of new executables, or variants on old executables in a day. Supershield will stop them all. There is no mechanism to automatically mark them as safe as part of the build process.

Links

Adware Cleaner
Alwil Avast! Free
Alwil Avast! Internet Security
Alwil Avast! Pro Antivirus
av-comparatives.org: compares anti-virus software
AVG Anti-Virus Free
AVG Internet Security
Avira Antivirus Premium
Avira Internet Security
Bitdefender Antivirus Plus: Editor’s Choice 2011, AVAV Test Choice 2012-05
BitDefender free
Bitdefender Internet Security
Bitdefender Total Security: PCMag editor’s choice 2013, AVAV product of year 2012
Browser Hijacking Symptoms
Clam Antivirus
CometCursor
Defender
Denial Of Service attack
Dr. Web for Windows
Emsisoft Antimalware
Emsisoft Free Antimalware
Emsisoft Internet Security
eScan Anti-Virus
ESET Cybersecurity for Mac
ESET NOD32 Anti-Virus
ESET Smart Security
extortionware
F-Prot for Unix/Linux
F-Prot for Windows
F-Secure Anti-Virus
F-Secure Internet Security
Fortinet FortiClient 3.0
IOBit: free and pro versions
Java security
Kaspersky Anti-Virus
Kaspersky Internet Security
Kaspersky: ten different anti-virus products, winner of C-Net Editor’s Choice 2007
Lavasoft Ad-Aware Free Internet Security
malvertisement
malware
Malwarebytes Anti-Malware
Malwarebytes Junkware Removal Tool
McAfee Anti-Virus Plus
McAfee Internet Security
McAfee Total Protection
McAfee VirusScan
Microsoft Security Essentials: free
Microsoft’s List of Antivirus Programs
Norman Virus Control
Norton 360
Norton AntiVirus: Editor’s Choice 2010
Norton Internet Security
Panda Antivirus
PC PitStop PC Matic antivirus: suite including defragger, registry cleaner…
PC-cillin
Preventing browser attack
rootkit
scareware
Sophos Sweep
SpyGuard: free, claims to block websites spying on you
spyware
Stuxnet
Top Ten Antivirus Programs: like Vipre
Trend Micro Titanium Antivirus Plus
Trend Micro Titanium Internet Security
Trend Micro Titanium Maximum Security
Trojan
Vipre Antivirus
VirusTotal: free web service to test a single file for viruses using 53 virus scan programs
Webroot Secure Antivirus: PC Mag editor’s choice 2011 and 2012
Webroot Secure Anywhere Complete also locates laptop if stolen and password database
Webroot Secure Anywhere Essentials
Winpatrol: tool to help manually detect crapware
worm
zombie

This page is posted on the web at: http://mindprod.com/jgloss/virus.html

Canadian Mind Products
Contact Roedy. Please feel free to link to this page without explicit permission.
