Feeds

The 30-year-old prank that became the first computer virus

Elk Cloner creator Rich Skrenta looks back

Protecting against web application threats using SSL

To the author of ‪Elk Cloner‬, the first computer virus to be released outside of the lab, it’s sad that, 30 years after the self-replicating code's appearance, the industry has yet to come up with a secure operating system.

When Rich Skrenta, created Elk Cloner as a prank in February 1982, he was a 15-year-old high school student with a precocious ability in programming and an overwhelming interest in computers. The boot sector virus was written for Apple II systems, the dominant home computers of the time, and infected floppy discs.

If an Apple II booted from an infected floppy disk, Elk Cloner became resident in the computer’s memory. Uninfected discs inserted into the same computer were given a dose of the malware just as soon as a user keyed in the command catalog for a list of files.

Infected computers would display a short poem, also written by Skrenta, on every fiftieth boot from an infected disk:

Elk Cloner: The program with a personality
It will get on all your disks It will infiltrate your chips Yes it's Cloner!
It will stick to you like glue It will modify ram too Send in the Cloner!

Elk Cloner, which played other, more subtle tricks every five boots, caused no real harm but managed to spread widely. Computer viruses had been created before, but Skrenta’s prank app was the first to spread in the wild, outside the computer system or network on which it was created.

Rich Skrenta

Rich Skrenta today

“I was a geek and a computer nerd, interested in all aspects of technology,” he says. “I wanted to build a robot but there was no kit available and I had no mechanical skills. At elementary school, I used to experiment with vacuum tube radios but the slightest mistake during construction meant they didn’t work. I didn’t even find it easy putting together railway sets.”

“With programming I discovered a way to mimic things I saw in the movies,” Skrenta says, noting that some of his favourite films at the time were 2001: A Space Obyssey and Colossus: The Forbin Project.

“The physical stuff was frustrating by comparison,” he added.

Skrenta received an Apple II Computer as a Christmas gift in 1980. “It took over my life. I spent every waking hour immersed in computer games and programming.”

Skrenta wrote his own text-based adventure game, the opening of which placed the gamer into the role of a survivor of an airliner crash. This taught him to program in Basic and he later picked up assembly language skills.

The Apple II came with two floppy disk drives, and enthusiasts shared software and games through computer clubs. Software piracy was rife, and Skrenta was right in the middle of the scene.

“I was a member of a computer club in Pittsburgh. I used to copy software and share it with friends. There was a thriving pirate software market and people used to exchange games and software on floppy discs,” he explains.

It was this that got him thinking about how he could use this mechanism to play tricks on his pals. He sometimes altered the floppy discs he shared with friends so that they would display on-screen messages or shut down thier computer.

Booby trap

“I decided to booby trap new games to put up a message,” he recalls. “I gave a floppy to one of the guys at the computer club, and it worked. At the time I though it was hysterically funny.

“I did a couple of more pranks before people wouldn't let me touch their discs any more.”

This got him thinking: could he alter the contents of a floppy disc without touching it? His experiments led him to develop program that would run in the background, checking for the presence of a new disk and, if it found one, could modify files stored on the disk.

The result of this work was a program that, in effect, was coded to hop from disk to disk, propagating itself from machine to machine. The first virus, Elk Cloner, was born.

“Tech books on hacking the Apple II covered system entry points, such as turning on the disc drive motor. One of the core applications, System Monitor, had holes in it. Elk Cloner used those holes.”

Brain virus disk

Floppy target: Brain A was the first Windows virus
Source: Mykko Hypponen, F-Secure

Elk Cloner took about two weeks to write in assembly language, Skrenta recalls. And if it’s mode of operation sounds simple, making it actually happen was quite a technical challenge. His earlier adventure game took longer but was more creative, like making a puzzle.

“It worked like a charm and spread all over the place,” Skrenta remembers with a chuckle. His cousins in Batimore and - years later, he discovered - a friend in the US Navy were among those whose computers caught the virus.

Not that there weren’t ways of avoiding infection.

“Elk Cloner created a rattling noise when the program started. If a disc was infected you could hear it. If you inserted an infected disc in an Apple II you can hear the head swoosh sound, an audible signature.

“It would infect a new disc if machine wasn’t rebooted. If an Apple II was rebooted every time, Elk Cloner wouldn’t have spread. But, given people computer habits, it spread like crazy,” Skrenta explained.

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.