The New Turing Omnibus Chapter 60 Computer Viruses

Paul Mucur edited this page Dec 15, 2016 · 12 revisions
Clone this wiki locally

The Meeting

We began by discussing the chapter from the book and confirming that we all had similarly misprinted diagrams explaining how a virus interacts with a Disk Operating System. We attempted to decipher the meaning of the diagram regardless but wondered if we would have benefited from reading the earlier chapter on Disk Operating Systems.

We agreed that the chapter suffered for its age as we discussed whether the techniques described were still in use today or rendered obsolete by the introduction of defences such as Gatekeeper, System Integrity Protection and Secure Enclave.

We then spent the majority of the meeting discussing how "viruses" (and that terminology) have changed since the chapter was written.

We discussed the early prevalence of Microsoft Office formats as a delivery mechanism for viruses over the internet and how the fact that they used to be memory dumps from the various Office programs and therefore inherently executable might explain this.

We touched on whether "virus" is an outdated term as there are now more specialised attacks such as ransomware. We wondered what qualified a virus as being "state-sponsored" (was it particularly sophisticated? well executed? wide-reaching in scale?) and touched on Stuxnet and the denial service of attack on GitHub from the Great Firewall of China.

Discussing countermeasures, we explored the use of fuzz testing such as American Fuzzy Lop to detect vulnerabilities in software. Similarly, Chris mentioned using Klee to automate discovery of errors and James talked about Hypothesis.

We mentioned recent vulnerabilities in WordPress and, most incredulously, an exploit in gstreamer's NES music file support.

Finally, Tom led us through Ken Thompson's "Reflections on Trusting Trust" and we learnt to never trust anything ever again.

Retrospective

  • There were comments that the chapter seemed light on content and has not aged particularly well (especially relative to the other chapters we've discussed) and whether its selection betrayed a lack of enthusiasm for the book's remaining chapters
  • As there's only one more meeting this year, we decided to do one more chapter from the book and then start the new year by picking a new central theme for the club (see Things to read or do next)

The Pub