Classic Computer Magazine Archive COMPUTE! ISSUE 94 / MARCH 1988 / PAGE 59

Telecomputing Today

Arlan R. Levitan

The Trojan Wars

Telecomputing and the sharing of public domain data is a way of life for hundreds of thousands of computer users. Unfortunately, a handful of miscreants seem to want to share their misery with the rest of us as well. These antisocial folks write programs intended to wreak havoc on innocent users and their computer systems. Such programs, which masquerade as useful code, are often referred to as "Trojan horses" and have been around for years. As the popularity of modems and downloading public domain programs from computer bulletin boards and information services increases, the chances that the average user will encounter a Trojan Horse also increases.

A nondescript BASIC statement for the Commodore PET is generally credited as being the first Trojan program. The one-line program could actually damage the system's hardware, due to a design flaw in the PET. Since then, most Trojan programs have concentrated on corrupting data stored on disks.

One recent Trojan horse program was even widely rumored to have been created by a less-than-responsible copy-protection firm. The Trojan's description professed that it would remove a particular proprietary copy-protection scheme. Upon invocation, the program would prompt the user to insert the original copy-protected disk and then would erase all disk space that the system could access. After the erasure, a stern lecture on the evils of disobeying the terms of software licenses was displayed.

Computer Virus

"Viruses" are a new variant of Trojan Horse programs that are more difficult to detect and control. When virus programs are run, they typically inject a lethal bit of code into a file or disk location used by your computer's operating system. Viruses even have an "incubation period" which is controlled by a counter within the infecting code. During incubation, the virus will attempt to spread itself to any media that is inserted in or attached to the infected system.

The first microcomputer virus appeared late in 1987 and managed to infect thousands of Amiga computer systems. Thankfully, the Amiga virus was relatively benign. The Amiga virus's mission in life is to write itself to the hidden boot block on Amiga floppy disks, and, after infecting a number of disks, flash the message "Your computer has a virus" on the user's screen. Shortly after the virus was detected, a "cure" program was written that could detect and remove the virus from infected disks (for more on this topic, see "The Amiga Virus," elsewhere in this issue).

It didn't take long for a new, more virulent bug aimed at IBM PCs and compatibles to show up. The PC virus inserts itself onto one of DOS's disk files and goes into incubation. It waits until it replicates itself four times and then attempts to wipe out every file it can lay its binary fingers on.

How To Protect Yourself

So what is the average telecomputer to do? While some may choose to abstain completely from downloading or accepting public domain program files from acquaintances, such behavior is contrary to the norm of the computing community at large. If forswearing shared data is not compatible with your computing style, there are a number of precautions you can take to minimize the danger involved.

1. Know where you're getting your data. Restrict your downloading activity to commercial information services and bulletin boards that you know and trust. While dialing into new and far away systems is a lot of fun, it's often impossible to tell how closely system operators screen their files.

2. Try to be selective. Resist the temptation to immediately grab every new program that comes available. If you insist on being a downloading pioneer, be prepared for the occasional arrow in the back.

3. Take steps to protect your system. Make liberal use of write-protect tabs on your floppies. Hard disks usually cannot be physically write-protected but can often be logically protected by "anti-Trojan" programs that inhibit disk write activity or intercept updates to critical operating system files (ironically, one such "anti-Trojan" has turned out to be a cleverly disguised destructive program).

4. Backup is your best defense. Backup data regularly and keep multiple backups to insure that if you do encounter a virus, you can fall back to a clean operating environment. Keep the original disks from commercial publishers in pristine (write-protected) condition as a base to build upon if all else fails.

All warnings considered, it's important to keep the magnitude of the problem in perspective. In over ten years of regular telecomputing, using many different types of systems, I have encountered only a single Trojan horse program. While the experience of having one of my hard disks wiped clean in early 1986 was decidedly unpleasant, the would-be catastrophe was mitigated to an inconvenience by the availability of a system backup I had luckily made the day before.

Even so, this Achilles has traded his thongs for combat boots and remembers to beware of geeks bearing gifts.