Date:      Wed, 01 Aug 2001 23:03:32 -0400
From:      Matthew Hagerty <mhagerty@voyager.net>
To:        Mike Meyer <mwm@mired.org>
Cc:        questions@FreeBSD.ORG
Subject:   Re: just how many known viruses are there for FreeBSD?
Message-ID:  <5.0.2.1.2.20010801224548.018f7a38@pop.voyager.net>
In-Reply-To: <15208.45856.59490.760556@guru.mired.org>
References:  <14171361@toto.iv>

At 08:55 PM 8/1/2001 -0500, Mike Meyer wrote:
>Please don't top post. From Greg Lehey's tutorial on -questions at
><URL: http://www.lemis.com/questions.html >:
>
>  9. Put your response in the correct place (after the text to which it
>     replies). It's very difficult to read a thread of responses where each
>     reply comes before the text to which it replies.
>
>I've not bothered trying to recover the format. If things are
>mis-attributed, flame the people who are top posting.
>
>Matthew Hagerty <mhagerty@voyager.net> types:
> > Being written in assembly has nothing to do with what a program can
> > do!  All programs, no matter what language they are written in are either
> > compiled or interpreted down to "machine language" in order to be executed
> > by the processor.
>
>This is wrong. Interpreted programs aren't "interpreted down to
>machine language". They may not even be "interpreted by machine
>language", though at the bottom level that's what's going on. If the
>distinction isn't clear to you, I'll be glad to explain further.

The distinction is very clear and is not wrong.  The interpreter was most 
likely written in some language that was compiled, and even if it was not, 
a high level language that is interpreted winds up as a series of calls to 
the internals of the interpreter, which in turn executes a prepared set of 
code, which is usually already compiled and ready for execution, i.e. a 
shared lib, etc.  So, yes, even an interpreted language causes "machine 
code" to be executed, every program does, they have to or they would not 
run.  Does the interpreter make a 'print "hello world"' statement into 
machine code, no probably not, but it certainly, eventually, causes a 
predetermined set of machine code instructions to be executed... so what's 
the difference?  More often than not it is simply a matter of speed, code 
size, development time, copy protection, budget, knowledge of the 
developer, and on and on.  But for the original author to say that a 
program written in Assembly can perform things that you can't do in "high 
level" languages is simply not true.  Your limitations are usually within 
the language, higher-level languages usually giving more restriction, but 
even then there are usually ways around that, i.e. peek and poke in BASIC, etc.


> > At 07:01 PM 8/1/2001 -0400, you wrote:
> > >Not entirely true.  A hacker group recently completed the winux virus
> > >that is capable of infecting both the Linux and Windows OSs.  It is a
> > >proof of concept virus, and IIRC, it is written entirely in assembly -
> > >meaning that theoretically, it can infect pretty much any ix86 based
> > >OS.
>
>Also wrong, so much so that I'm not sure where to start. Writing in
>x86 assembly means the thing won't run on anything but x86
>machines. Accessing OS functions will keep it from executing on
>anything that provide that OS's API. In compiled languages, those
>functions are normally provided by library functions or compiler
>stubs. It's possible to write code to detect which platform you're
>running on and use the appropriate APIs. The code will fail on any OS
>that doesn't provide any of those APIs. In the Winux case, it'll fail
>on BeOS, Solaris, or BSD without Linux emulation.

It seems we are making the same point here.

>The other issue is that on systems with Unix-like protection, a virus can
>only infect binaries that it has permission to write to. Unless it's
>running as root, that means "not much". That's why root exploits are
>such a big deal on Unix, and why logging in as root and running things
>as root is discouraged.

And having root would make needing a virus null, which was my original 
point in my response to the original email asking about what viruses 
existed for FreeBSD.  I simply stated that human viruses, i.e. crackers and 
script-kiddies were the biggest viruses on UN*X OSes.


Matthew

>         <mike
>--
>Mike Meyer <mwm@mired.org>                      http://www.mired.org/home/mwm/
>Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message

