From: Michael Lorrey (retroman@together.net)
Date: Fri May 29 1998 - 14:55:17 MDT
Bryan Moss wrote:
> Michael Lorrey wrote:
>
> "And it is just as easy to have programs written
> on a CD which automatically run when the CD is
> accessed. This is how viruses get away with their
> mischeif. While AV software may be able to wipe a
> virus on a floppy, a) on a CD there is plenty of
> room for multiple copies to watch over each other,
> and b) a CD cannot be overwritten that easily."
>
> Point B is invalid because of your earlier
> statement:
>
> "If write attempts are made to specific hidden
> read only files, the virus or worm built into the
> software will corrupt enough data to foil the
> tampering attempt, making the software unusable."
>
> Since CD's "cannot be overwritten that easily"
> destroying the data contained on the CD wouldn't
> be an option.
However, since we are talking about serial numbers, in order to escape
the virus guard, you would need to do a straight copy on a dumb copy
device, not on a computer, thus leaving the serial numbers and other
fingerprints intact. When the software is installed, it then becomes
active, and leaves the purchaser open for enforcement actions against
them.
> If you used a small writable sector
> or room on the users HD to store a "no copy" file
> (a method commonly used) it could be just as
> easily changed and wouldn't offer much protection.
> Creating systems of copyright protection in both
> hardware and software on user systems can stop the
> initial "casual" copying of files, but cracked
> versions are released in next to no time. So the
> only option your virus would have is to destroy
> data on the users computer (an option that was
> explored on some software in the late 80's). But
> even then the boot sector of the CD need not be
> run, so none of the viruses would be initialised
> in the first place.
As far as I can tell, any time you put a CD in a drive, or any other
disk in a drive, the drive checks the boot sector of the drive. This is
how you can get a virus from an infected floppy simply by sticking the
disk in the drive. You do not need to 'look at it' in order to give the
virus a go at your system. Granted you could use a specially rigged CD
copying machine, but these are expensive devices, not likely to be owned
by the casual pirate. This cost of entry limits potential pirates to
those with the capital to take the risk. Thus this limits the potential
pirates, and eases enfocement.
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 14:49:08 MST