California Educational Data Processing Association
	The DataBus - Vol. 36, No. 3 April-May, 1996

Viruses and the Internet

Brian Lloyd, Lloyd Internetworking

I don't know about you but, over the past year I have received a copy of the same electronic mail message over and over. The message warns of the "Good Times" virus (see related article-Ed.) being propagated in an email message and that reading the message is enough to infect your computer with the virus.

The short answer is, no, your computer will not become infected with a virus by simply reading an email message so you can safely ignore this particular message. *PLEASE* do not forward it on to others! To do so is to perpetuate a not particularly funny joke.

In fact, in a way this annoying email message is a virus of sorts. While it doesn't actually do anything at all on the computer, it does reproduce and replicate itself on other computers. The reproduction process is a concerned human who replicates the message and sends it on to friends and acquaintances, who then send it on to friends and acquaintances, who then send it on ... ad nauseam. If you happen to receive this message, just ignore it and break the chain.

On the other hand, this type of message certainly points out both the concern and lack of understanding surrounding computer viruses. There are ways to send a virus to someone's computer using email. Now granted the recipient has to actually perform an additional step beyond reading the message in order to infect his/her computer but many will unthinkingly perform that step and thus infect their computer(s).

The key factor for any computer virus is that, somehow, the computer must execute or "run" the virus code. Therefore *ANY* type of program can conceivably contain virus code. If you don't run the virus code, your computer won't become infected. Most viruses are propagated by becoming attached to a popular program or game, or by infecting the "boot block" on a floppy disk. [footnote: the boot block is a small hidden program at the very beginning of a disk that is usually executed when the disk is inserted and/or booted.] This sort of virus is somewhat more difficult to automatically propagate over the Internet.

So how do crackers and other evil denizens of the Internet coerce you into doing their dirty work for them? Usually it is by offering you something, usually a program, that you would like to have. For that reason beware of *ANY* program you receive from an unknown or unexpected source. While I am unaware of any crackers actually mailing a trojan horse program to someone, it can be done.

For the most part, programs from the major software repositories are safe. I have never received an infected program from any of the major software repositories. Use a virus scanner just in case.

There is a new threat that has recently appeared. It turns out that some crackers have discovered that it is possible to write a virus as a Microsoft Word macro. The macro is embedded as part of a document that appears perfectly innocuous. When you open the document the macro is executed by Word. The macro makes permanent modifications to Word macro environment so that the macro is replicated into every word document after that. From then on, whenever you give a Word document to someone, you infect the ir computer as soon as they look at the document.

Steps to avoid infection:

1. Never execute a program you have gotten off the Internet without first checking it with a virus checker. Be especially careful of programs from the alt.binaries news group.
2. Never execute a program mailed to you as an attachment especially if it comes from an unknown source.
3. Never open a Microsoft Word document without first disabling Word's ability to execute startup macros.

So be careful but don't be paranoid. Your local BBS is a much greater threat to you than the Internet. Use common sense and you won't be burned.

Return to April-May index