A computer program written by a bratty child or a terrorist whose intent is both vandalism and spreading
automatically to other computers.
In a Nutshell
Viruses will never hurt you if you follow these four simple rules:
- Don’t use Microsoft Internet Explorer. Use some other browser such as Opera.
- Don’t use Microsoft Outlook or Outlook Express. Use some other email program such as Eudora.
- Never open email attachments.
- Never put a floppy in your machine that someone else gave you, unless it was shrink wrapped.
Boot track viruses
infect your hard disk when you accidentally boot while an infected floppy is inserted. My launder utility will kill any boot virus on a floppy, even ones that
have not been written yet. My BootSave utility will
restore your hard disk boot track that has been infected. However, you must inoculate your disk (make a copy
of the intact boot track) by using it before you get infected.
Exe Viruses
piggyback on exe files. They arrive most commonly as email attachments or on floppy. Sometimes even files
you download from websites are infected. They cause no damage until you execute the corresponding file. You
can do a directory list safely. You can insert an infected floppy safely (subject to my earlier warning about
the sneaky boot track viruses). Norton Antivirus or the McAfee Virus Scan will check all the files on a
floppy, all incoming email and all your hard disk files against a weekly updated list of known viruses. The
trouble is the kids make them up by the thousands and this technique is defenseless against a brand new
virus. Never execute a file that arrives by email, even if it comes from a friend. These are
most often infected.
ActiveX Viruses
These are the most dangerous of all because you can pick them up just browsing the Internet. Turn off ActiveX
and only turn it on when dealing with a site you are absolutely sure is trustworthy. Turn off the
autodownload feature as well. The CometCursor virus is the world’s first commercial virus that spreads
itself by this technique. It does no harm other than make your cursor look like Nelson Mandela’s head,
but it installs itself without your permission. It is very hard to kill once you are infected.
Worms
Worms manage to spread without actually attaching themselves to executable files. They typically use the
Swiss cheese security in Microsoft Outlook to spread themselves by sending email to everyone in the address
book. This can cause a chain reaction that can shut down the mail system, even of those who have solid virus
protection. Well-known people just get swamped by incoming garbage emails.
Benign Viruses
A virus that just puts up some silly message but does no damage.
Trojan
is a virus that just does damage, but makes no special attempt to spread itself. It may masquerade as a silly
game, but will erase everything on your hard disk.
Java Viruses
There are no known Java viruses that piggyback on class or jar files, though in theory they are possible.
The Applet security system makes it impossible for a virus to infect your system via Java Applets you run in
your browser.
MS Word
There are some lesser viruses which can hide inside Microsoft Word documents in the form of autorun macros.
Protecting Yourself
- Don’t open or run any email enclosures except *.gif, *.jpg, PDF (Portable Document Format), TXT, HTML (Hypertext Markup Language)
and JAVA.
EXE, COM (Component Object Model), BAT (Batch), DOC and OCX (Object linking and embedding (OLE) Control extension) are the most dangerous.
- Avoid putting floppies from outside your shop into any of your machines. If you must, scan them with a
virus checker first.
- Run a nightly virus scan such as Norton Antivirus using freshly updated virus definitions.
- Don’t surf the web with Internet Explorer unless you disable ActiveX first.
- Don’t install software unless it comes from a reputable source. Avoid installing any software you
don’t absolutely need.
- Make sure your Internet connection goes through a firewall.
- Don’t let people use any of your machines who you can’t trust to follow these rules.
- If you become infected, get help quickly from someone who knows what to do. If you don’t know what
you are doing, you can easily lose all your data and easily reinfect yourself. You must disinfect and/or
protect yourself from reinfection from every single floppy, CD (Compact Disk) burned, backup tape, ZIP drive…
Free Anti-virus Software
AV (Anti-Virus)
Originally there were only three free Antiviruses, but now almost every company offers a stripped down free version.
Most companies now also offer a premium edition and an Internet edition (which is actually a firewall).
You have to read the websites carefully to discover the differences in features and price. Consider that reviews might be
talking about the super premium plus edition, where you are interviewing for the entry level one.
I have a long memory for companies that are good or evil. I think these three original free vendors deserve
continued support:
- Alwil Avast. The home
version is free. You get it free for the first 60 days just by downloading, then you
register your email address to get it free for a further 12 months at a time. This is not explained anywhere. I
found out by emailing for clarification. It is comprehensive with a ridiculously complicated toggling user
interface designed like a child’s Transformer toy with secret compartments. I suggest downloading one of
the more adult skins which are a bit more intuitive. The company is Czech. Avast detects viruses, and can
sometimes repair them. It also has a checksum scheme to detect virus infection by unknown viruses. Avast
has bigger brothers. Avast is a bit braindamaged in that it scans the recycle bin for viruses finding infected
files you have already deleted. I have been unsuccessful at installing it on Vista,
though it worked fine on W2K/XP. Alwil has ignored my emails.
- Clam Antivirus and the ClamWin front end. It is run by a team of
unpaid volunteers who are rather impatient with anyone who does not understand and follow their undocumented
rules. Clam just finds viruses. It does not remove them. All you can do is delete infected files.
- Kaspersky online. The off-line version is
not free. The online version requires IE (Internet Explorer) because it is an Active-X program. It is quite thorough, reporting
programs with security vulnerabilities as well as actual malware. Unfortunately, it refuses to believe you when
you tell it there is a false alarm. It insists on blocking you any time you run or use that program in any way.
Further, it insisted on fixing what it considered my unwise use of Take Command even though I told it not
to.
Microsoft has Defender bundled with Vista. It is automatically and frequently updated. I don’t know why it
is not considered a proper anti-virus program.
Microsoft plans to release a free virus checker code named Morro. Perhaps it will
just be Defender ported to the older operating systems. This should save MS money on phone support. Much the way
vaccination works, it should greatly reduce the incidence of viruses by removing sources of infection.
Configuring
In addition to a batch scan of the entire hard disk, a virus scanner will often by default install all manner of
continuously running protection including Instant Messenger, email, network, Outlook, P2P, web, and standard
(check on every read/write/execute of disk). Viruses cannot hurt you unless you execute them. So as long as you
never run email enclosures and run a batch scan every once in a while you should be OK. You might set up a scan
on mail in and out since that is fairly low overhead, and is the source of most viruses. A standard check will
slow your machine to a crawl and buys you little extra security. If you download software, it would not hurt to
scan it for viruses, though reputable download sites like Tucows do that for you.
Serious Solutions
Viruses could be stopped in their tracks, including future viruses, simply by enforcing a rule that
all executables, including OS (Operating System) modules, be digitally signed by their authors, the same way the
Java Applets are. Then a virus can be detected simply by verifying the digital signature. It is all but
impossible for a virus to fake a digital signature for an executable it has modified. If vendors posted the
originals, digitally signed, then any contaminated modules could be automatically restored without human
intervention. This would not stop Trojans, but it does identify who created them, making prosecution and civil
legal action easy. The problem is half-assed anti-viral utilities that require constant updates are big business.
They don’t want a solution that works once and for all.
One interim solution would be to have disk partitions or SSDs (Solid State Disks) that were read-only. You would put your executables and DLLs (Dynamic Link Libraries) there (or
rather, installs would). Access would be by password, good only for one install instance. They would all have digital signatures, or at least digests, that
would be checked on copying in. This would make it very difficult for a virus to modify an executable. The problem is, it would require all
vendors to digitally sign executables, and use the API (Application Programming Interface) to install executables and other files on different drives. The most important vendor
to comply would be Microsoft, who currently puts all its data and executables on C:
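
The digest check described under Serious Solutions (the same idea as the checksum scheme mentioned for Avast), as an added example that is not code from the original page: a file is copied into the protected store only if its SHA-256 matches the vendor's manifest, and a later audit flags anything that changed. The file names, the manifest layout and the functions `install_verified` and `audit` are assumptions for illustration; the manifest itself is assumed to arrive digitally signed, which is not shown.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def digest(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def install_verified(src: Path, store: Path, manifest: dict) -> bool:
    """Copy src into the store only if its digest matches the manifest."""
    if manifest.get(src.name) != digest(src):
        return False  # unlisted or altered file: refuse the install
    shutil.copy2(src, store / src.name)
    return True


def audit(store: Path, manifest: dict) -> dict:
    """Classify each listed or present file: ok, modified, unlisted, missing."""
    report = {name: "missing" for name in manifest}
    for path in store.iterdir():
        expected = manifest.get(path.name)
        if expected is None:
            report[path.name] = "unlisted"
        else:
            report[path.name] = "ok" if digest(path) == expected else "modified"
    return report


def demo() -> dict:
    """Constructed sample files standing in for vendor executables."""
    with tempfile.TemporaryDirectory() as tmp:
        vendor, store = Path(tmp, "vendor"), Path(tmp, "store")
        vendor.mkdir()
        store.mkdir()
        (vendor / "editor.exe").write_bytes(b"MZ constructed editor image")
        (vendor / "game.exe").write_bytes(b"MZ constructed game image")
        # Manifest as the vendor would publish it (hypothetical layout: name -> digest).
        manifest = {p.name: digest(p) for p in vendor.iterdir()}
        # game.exe is altered before install; editor.exe is altered after install.
        (vendor / "game.exe").write_bytes(b"MZ constructed game image + extra")
        installed = {n: install_verified(vendor / n, store, manifest)
                     for n in sorted(manifest)}
        with (store / "editor.exe").open("ab") as f:
            f.write(b" + extra")
        return {"installed": installed, "audit": audit(store, manifest)}
```

Calling `demo()` shows both cases: the altered `game.exe` is refused at copy-in and reported as missing, while `editor.exe` installs cleanly and is later reported as modified.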