A Special Needs Class

The Little Red Book of Computer Viruses

  • alert
  • submit to reddit

Internet Security Threat Report 2014

The University of Calgary's new course in virus-writing begs the question: is it a cheap publicity stunt or just boneheaded educating, asks SecurityFocus columnist George Smith.

Did you hear the one about the college professor and his virus-writers course? For the final exam students had to work up viruses that land them in jail for eighteen months. Ta-dump!

It's a valid requirement for getting inside the mind of the virus-writer. It sufficed for virus-writer Chris Pile and would be sure to separate the men from the boys in any such class, guaranteeing that if they talked the talk of the malicious code programmer, they could walk the walk, too.

But I doubt whether John Aycock of the University of Calgary will make his Fall semester virus-writing students do that. Angry parents, outrage, lawsuits, ejection from the academy.

Outrage alone is good, though. It means publicity, and the University of Calgary's press release on its new virus-writing course explicitly promises "[i]nterviews and photo opportunities can be made possible subject to availability."

The computing men of UCal want notice and they should have it. And not just kudos for dreaming up an exciting curriculum but admonishments, too, because real virus-writers revel in their bad notices.

The aim of the UCal course is to get a personal look through the eyes of the malware maker, the reasoning being that only by generating nasty code can one understand and fight digital disease.

"This attitude is similar to what medical researchers do to combat the latest biological viruses such as SARS," blabbers the UCal statement. Absolutely! Everyone knows that the doctors who fought smallpox invented new brands of it and that all medical students specializing in infectious disease have to spend a semester cooking up new ailments.

However, a virus-writing course shouldn't be dumbed down with only milk-liver assignments like the programming of new computer viruses.

The technique of virus-writing is only about ten percent of the mind of the virus-writer and, truth be told, it's the most easily duplicatable and boring part. In addition, the programming is ephemeral: what makes a good Klez now will be no damn good in five years, and students deserve to be given skills that will last them a lifetime.

The good professor, wishing to fathom the motivations of virus-writers first-hand, will have to reproduce in the class some true virus-writer orthodoxy. Aycock, however, may not be able to fulfill this since it is alleged that students who take their work outside the lab will flunk. He might wish to think twice about that penalty.

You see, virus-writers have traditionally been stoked to produce more by observing the success of their creations in the real world. Priest, a San Diego-based virus-writer, was particularly thrilled when anti-virus companies would include the names of his viruses in ads placed in the trades. Others gained inspiration from seeing their creations appear in the anti-virus industry's "Wild List."

As a student, Harry McBungus released his work onto the computing devices of his peers in Australia and, of course, a university presents many opportunities of this nature, too.

Midterm Worms

To build esprit de corps, the class could divide into competing virus-writing claques, with names chosen with an eye toward virus history -- like NuKE[Calg@rEe] or Northern Corrupted Programming.

A week or two could be reserved for devising means of baiting victims with virus-infected porn-loaders, or the launching of mass mailing worms from an anonymous computer in the school library.

Another portion of the class could be used to build a virus-writers' website, perhaps named The Hellacious Pit, in honor of one of the largest virus exchanges of pre-World Wide Web days. A system of digital barter would be set up so that one could download viruses only by contributing new viruses. Verification could be strict or non-existent, depending on the rigor of the exercise.

Some students, for example, might want to take a digital fingerprint of all original viruses before stocking, and then scan uploads for minor variants, duplicates, non-functional "intended" viruses or dummy files. Using the fruit of this labor, viruses could be burned to CD as a unique collection and sold, the cash collected going into a fund that could be used as hush money for angry students and administrators involuntarily enrolled in the class as logical end points of a virus-writing experiment.

Viruses written during the course could be collected and published by the university press. A good title would be "The Little Red Book of Computer Viruses." I would suggest the color black but it's already been used.

By nature, virus-writers love to imagine themselves as nemeses of the anti-virus industry. The UCal course is off to a good start with its initial press, but to fully carry out this delving into the virus-writing persona it will need to continue its bonehead boasting through the semester. The school is well-suited for this capacity because it can issue inflammatory can't-miss press releases like: "Elite Aycock group produces midterm worms that could cause [fill in the blank] billion dollars in damage to world economy if released."

Students should be prepared, with knowledge born from course experience, to also explain how virus assaults to the US economy -- $266 billion, according to the UCal press release -- are over three hundred times more destructive and dangerous than the September 11 attack on the Pentagon, which resulted in $800 million in damages. If they can't do this, they'll become the object of jests, their faculty regarded as buffoons. Perish the thought.

George Smith is Editor-at-Large for VMYTHS and founder of the Crypt Newsletter. He has written extensively on viruses, the genesis of techno-legends and the impact of both on society. His work has appeared in publications as diverse as the Wall Street Journal, the Village Voice and the National Academy of Science's Issues in Science & Technology, among others.

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story


Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.