On 01 Mar at 07:36, David Desrosiers of 1:320/2600 wrote to Chris Maddock:
DD> -=> Quoting Chris Maddock to Andrew Swinn <=-
CM>> The file is =read= and not executed. It is data only.
CM>> It is possible to "hide" a virus in a GIF file. The "why" escapes me.
CM>> It would need to be extracted by a separate custom made program.
DD> OR, unless the person that wrote the original source can just tailor
DD> it to "run" the code once the graphic viewer (determined in advance) is
DD> invoked to view the graphic. If someone wanted to, they could "embed" 
code 
DD> in their image file, and then customize it to the point where it 
interacts 
DD> with Graphic Workshop for example, will read the file, and then "load" 
he
DD> executable code within the file. As long as the person isn't receiving it 
DD> as a graphic, they can be sure that they're going to be infected. Simple, 
DD> but difficult.
Possible but it is just conjecture. It wouldn't be a virus either by your 
description, but a dropper at best.
The chances of it succeeding are remote at best and near impossible in 
reality.
(In *my* opinion of course.)
However, assuming what you say is true. The chances of a virus writer doing 
it this way are extremely remote. Why do this to a GIF viewer when there are 
many more programs much more used ?
No. Impractical and near impossible to ensure that the user gets both the 
viewer *and* the "doctored" GIF as well. Too easy to find too.
Regards,
Chris Maddock
chrism@softtech.brisnet.org.au
--- Msged/386 4.00
---------------