Evolution of viruses, malware, spyware – a personal perspective

After reading this very well written article on how to protect yourself against government (and other malicious parties’) evesdropping on your electronic communications, it struck me that it’s amazing how the world has changed in the past 30 years when it comes to these things: 

when I started programming computers some 30 years ago,  computer “viruses” did in fact exist, but they were not known to anyone outside of the computer labs of those days, and their purpose was not to be “malware”, instead, these ancient seminal viruses were a programming technique for expoiting the von Neumann architecture and particularly the limited amount of memory and processing power available in the machines of those days.  Thus basically, these seminal viruses were a smart programming trick to overcome the very limited resources available in the computers of those days, and they did not impact anything or anyone outside of that particular computer lab.  Today, this type of computer “viruses” might be called “genetic algorithms”, i.e. self modifying programs. 

The real outburst of “malware” did not occur until the general public got to use the internet, sometimes in the early 90-ies: public access to the internet, particularly when combined with the dominance of the Windows operating system. For sure, there had been well known malware attacks before that, e.g. those by Kevin Mitnick, but to a large extent, the general public was not the target of any attacks until the proliferation of internet access, Windows OS, and particularly, the WWW in the mid-90ies. 

With general public access to the Internet and the WWW, things changed quickly: “hackers” became (in)famous, and companies developing anti-virus-programs became rich.  People eventually got used to that some level of care had to be taken when “clicking” all those links now available on the web, lots of users found their personal computers becoming sluggish over time, and crashing frequently.  

Some of these problems were caused by bad programming in otherwise benign applications, but some of them were caused by malware of various types having found their way into your computer.  

Until recently, most people had reason to believe that the source of this malware was evil teenage “hackers” in basements just enjoying themselves by making your computing experince miserable, thereby making themselves a name in the “dark hacking” circles.  An other source of malware attacks was from people with criminal intentions, i.e. those who are looking for e.g. your credit card info, your bank account numbers etc, all in an attempt to make a financial gain by stealing your money. 

But recently, as been revealed in the NSA-debacle, the vast majority of “malware” in our global interconnected world of computers and telecommunications seems to be coming not from teenage hackers looking for fame, nor from criminals looking for your creditcard number, but from government officials attempting to monitor  your entire life, by evesdropping  into all your communications, your private and personal matters, your social networks, your thoughts, opinions and relationships.  No longer is the world of malware dominated by misfit individuals with a desire to make themselves a name or a buck, but by government agencies and commercial companies, running in a tight leash, blindly obeying the orders of their Masters (who are these masters, btw…?) 

Before, at least I felt that I could trust government as well as well established commercial companies a lot more than I would trust an anonymous website offering me some cool application just by clicking an obscure link, but now, after Snowden’s revelations about the massive government surveillance of anything and everything, I’m not so sure anymore….

On the business side, the damage to future business for all Western companies, particularly in Telecom and Computing, will be massive. Who will be able to trust any ISP’s such as Facebook, Google or Yahoo, who will be able to trust telecom operators such as ATT, Vodaphone or Verizon, who will be able to trust computer companies like Microsoft, IBM, Cisco, Apple, HP, … ?  Who will trust any Cloud provider…? 

As an example: yesterday Apple launched the new iPhone 5s, which includes fingerprint technology. Would you trust Apple’s statements that the scanned fingerprint will not leave your phone, that it will not be transmitted to the Cloud…?

I don’t.  Since the US government can enforce all US-based companies to comply with their demands on access to any data, I don’t see how Apple (or anyone else) could resist when the request for customer fingerprint data comes, and trust me, it will come (if it hasn’t already come!) as soon as iPhone 5s hits the stores.  If you don’t believe me, have a look at this

 

 

Advertisements

About swdevperestroika

High tech industry veteran, avid hacker reluctantly transformed to mgmt consultant.
This entry was posted in development. Bookmark the permalink.

2 Responses to Evolution of viruses, malware, spyware – a personal perspective

  1. tevirselrahc says:

    My first encounter with a virus (well, actually a Trojan) was in the mid-80s, while running a BBS at university. I don’t remember what it was disguised at, but it overwrote a DOS interrupt to point to itself in high memory where it would wait for a floppy to inserted to infect the MBS. It was such a pain to make users believe our system was still safe afterwards…very similar to what is happening now…
    There was also this exchange student who had a word processor on a 180K floppy that was self-modifying in order to run in limited memory space. I now wonder whether that’s where the virus came from…

  2. Fond memories! 🙂 I wrote a couple (very well contained, didn’t leave the machine they were written on!) on DEC-20’ies and later VAXes… wouln’t been possible without sysMgr priv’s, which I happened to have. Will for ever remember when one of my hacks went a bit wrong in kernel mode, and accidentally made the largest VAX machine with some 100 or so users logged-on to shut down…! 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s