The PC, as we know it today, appeared on the scene about 20 years ago. Despite there already being 8-bit systems such as Commodore, Timex or Sinclair, until the appearance of the IBM-compatible PC, there was no real homogeneity among systems. Although John von Neumann had, as far back as 1949, described self-reproducing programs in the Theory of Self-Reproducing Automata, it wasnít until there was widespread uniformity that computer viruses became a reality.
Thousands of home computers soon became millions, all using the same operating systems, with virtually identical hardware structures and compatible processors, creating an ideal breeding ground for viruses. The possibility of exchanging information from machine to machine became the key to the rapid growth in computer ownership but also in the proliferation of viruses.
As with many other technology-based consumer products, a steady reduction in price has also contributed to the explosion in PC ownership, with more and more households finding that buying a computer doesnít require taking a second mortgage.
The enormous potential of the majority of PCs is largely underused at the hands of users with limited technological knowledge. From workers who see a computer as little more than a type writer with a screen, to families whose use of the computer is limited to surfing the web and playing games.
At the same time, the power of home computers has increased exponentially. PCs are now advertised at the same price that once would have bought computers a thousand times inferior in terms of memory and disk size. Computers that, just a few years ago would have been used as top-end servers are now in the hands of children or adults who just want to learn a little bit about the equipment they own. One of the first things they often do, with scant regard for the consequences, is install a heap of pirate software donated by friends or downloaded from the Internet.
These seemingly innocuous circumstances are in fact a recipe for disaster; a disaster which is often just around the corner. An apparently inoffensive e-mail from a trusted friend turns out to carry an infected file capable of wreaking havoc on the system.
Even those cautious enough to install an antivirus will not be out of danger forever. Leaving the antivirus without updates for a couple of days could be enough to let new generation viruses enter a system, without the user even being aware of the infection until it is too late.
A further problem is the failure of the majority of users to install the patches supplied by software manufacturers. This is fuelled by the mistaken belief that once an operating system is installed and running, thatís all there is to do. Not only does this mean users miss out on numerous improvements to the functionality of the system but also that they will not have applied patches to cover the potentially serious security holes that may be discovered.
Home-users are frequently connected to the Internet with optimized broadband connections. These connections, once the exclusive privilege of large organizations, and flat-rate connection charges mean that many homes have permanently open connections to the Internet ñ and to hackers. Accessing unprotected domestic systems is a relatively easy task, although fortunately, not one that greatly arouses the interest of many malicious users. A greater risk however, is that these systems will be used as ëZombiesí, machines used to launch anonymous attackers on other systems.
Given all these security problems, itís not difficult to anticipate where attacks are going to come from in the future and how users should ensure that they are adequately protected. According to the latest statistics, 80 percent of infections stem from e-mails.
It is reasonable to assume that viruses will continue to exploit flaws in operating systems and other common applications. Potential vulnerabilities, buffer overflows, file opening errors are all typical problems exploited by viruses to infect systems. The only defense is to be up-to-date on the latest application bugs detected and to apply the corresponding patches. Manufacturers of operating systems and critical applications (e-mail programs, browser, FTP clients etc.) release regular information to this effect.
However, no matter how diligent you are with system updates and patches, your efforts will be wasted if you ignore another equally important threat: pirate software. As well as being a crime in itself, using pirate software carries other serious threats, not least the propensity that such programs have to containing Trojans and viruses. Add this to the lack of any kind of tech support, system malfunctions or defective programs and the attraction of this kind of software begins to wane. Pirate CDs that contain viruses are impossible to clean and if infected with certain Trojans, could give an attacker complete remote control over the affected system.
Finally there are viruses sent via encrypted messages. The widespread use of encryption systems for e-mail messages can make detection of hidden viruses even more complicated, which is why workstation protection should be constantly updated and enabled.
Mark Price
Technical Manager
Panda Software
Viruses and Home Computers.
.