On 5 Mar 97 05:59am, DAVID DESROSIERS wrote to RICK COLLINS:
-=>> Quoting Rick Collins to David Desrosiers <=-
dd>> What if the virus is tailored to look for a specific jump
dd>> sequence in a specific viewing program, and then "load" based on
dd>> that, and use the jump as a "wave" to ride upon, completing the
dd>> execution sequence? Wouldn't that work?
RC>> If the virus is "looking for a specific jump sequence" then the virus
RC>> is _already_ loaded, and executing. Now: How did the virus get
RC>> loaded?
DD> Ok, let's change that. Let's say the "virus" is not executable,
DD> but as it sits in memory, the viewer (which this "virus" is
DD> specifically tailored to work with) sees it as a part of
DD> itself, like two parts of a whole, or like a plug-in for a
DD> browser looking for a stub or jump. It runs that, instead of
DD> the one on disk, or the one built into the executable later on.
DD> Now, the "virus" isn't really running, but the program that
DD> "sees" the viral code as part of itself is running it. I think
DD> this could be possible, if viruses were tailored more
DD> specifically to specific programs. With the advent of the net,
DD> these programs (like mIRC, Netscape, IE, and so on) are being
DD> proliferated all over the place, and these intelligent
DD> "designer viruses" could then become the rage.
NO. This will not work.
Consider the 'Chinese Box' thing. (If that isn't what it is called, then you
know (or will know) what I am talking about.)
The program opens a file.
It looks at the data it has.
It looks for instructions in the program's code to find out what to do with
this data.
It does what the instructions tell it to do.
The program doesn't execute any code that wasn't already planned.
Kinda like reading something and then saying it out loud... But having no
idea what you just read.
Now, I know there are Macro MS-Word viruses, but that is because MS-Word's
Macro language supports commands to do that... Picture and sound players DO
NOT have this in their 'macro' language. (Where the macro is the data that
the GIF or whatever holds.)
BRANDON PILKINGTON
... Without my ignorance, your knowledge would be meaningless
* Evaluation copy of Silver Xpress. Day # 167
* Silver Xpress V4.01
--- PCBoard (R) v15.3/M 5
(1:275/178)
---------------
* Origin: FidoNet: Merlin's Workshop BBS 757-485-0787/7410 Ches.VA
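
The open-file, look-at-data, follow-own-instructions loop from the reply above, as an added example that is not part of the original message: a minimal GIF block walker in which every handler is chosen by the program's own code and payload bytes are only measured. The function names and the sample file are constructed for illustration.

```python
import struct

def read_sub_blocks(data, pos):
    """Walk a chain of length-prefixed sub-blocks; return (payload_bytes, next_pos)."""
    total = 0
    while True:
        if pos >= len(data):
            raise ValueError("truncated sub-block chain")
        size = data[pos]
        pos += 1
        if size == 0:                      # zero-length block terminates the chain
            return total, pos
        if pos + size > len(data):
            raise ValueError("sub-block runs past end of file")
        total += size                      # payload is only measured, never run
        pos += size

def walk_gif(data):
    """Return [(block_kind, payload_bytes), ...] for a GIF byte string."""
    if len(data) < 13 or data[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("not a GIF")
    pos = 13                               # 6-byte signature + 7-byte screen descriptor
    if data[10] & 0x80:                    # global colour table present
        pos += 3 * (2 << (data[10] & 7))
    blocks = []
    while pos < len(data):
        kind = data[pos]
        pos += 1
        if kind == 0x3B:                   # trailer
            blocks.append(("trailer", 0))
            return blocks
        if kind == 0x21 and pos < len(data):        # extension: label + sub-blocks
            label = data[pos]
            size, pos = read_sub_blocks(data, pos + 1)
            blocks.append(("extension 0x%02X" % label, size))
        elif kind == 0x2C and pos + 9 < len(data):  # image descriptor
            packed = data[pos + 8]
            pos += 9
            if packed & 0x80:              # local colour table present
                pos += 3 * (2 << (packed & 7))
            size, pos = read_sub_blocks(data, pos + 1)  # +1 skips LZW code size
            blocks.append(("image", size))
        else:
            raise ValueError("unknown or truncated block 0x%02X" % kind)
    raise ValueError("missing trailer")

# Constructed sample: 1x1 GIF whose comment extension holds bytes that are also x86 opcodes.
SAMPLE = (b"GIF89a" + struct.pack("<HHBBB", 1, 1, 0x80, 0, 0) + bytes(6)
          + b"\x21\xFE\x04\x90\x90\xCD\x20\x00"
          + b"\x2C" + struct.pack("<HHHHB", 0, 0, 1, 1, 0) + b"\x02\x02\x44\x01\x00"
          + b"\x3B")
```

Calling `walk_gif(SAMPLE)` lists the comment extension as four bytes of payload; a block type the walker has no handler for raises `ValueError`.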