DEFGEN1.CVP   910701
        Towards a Definition of computer Viral Programs
 
The "man on the street" is now often aware of the term "computer
virus" even if he (or she) does not use a computer.  However, it
is often the case that those who are otherwise technically
literate do not understand some of the implications of the
phrase.  This is not surprising in that the term is slang, is
often misused, and that "hard" information is difficult to come
by.
 
It is important to know what a computer virus is if you are
going to defend yourself against the many that are "out there." 
It is also important to know what a computer virus is not. 
There are other types of programs and situations which can do
damage to your computer or data, and many of these will not be
caught by the same methods which must trap viral programs.
 
A biological analogy, which we find in the dictionary, is
helpful.  The Oxford English Dictionary, which speaks of:
    "... a moral or intelletual poison, or poisonous
    influence..."
while satisfying to the wounded ego of those who have been hit
is not terribly helpful in a technical sense.  Webster, however,
steers us in a more helpful route in stating that a virus is:
    "... dependent on the host's living cells for their growth
    and reproduction ..."
 
By elimating the biological references, we can come to the
definition that a virus is an entity which uses the resources of
the host to spread and reproduce itself without informed
operator action.  Let me stress here, the word "informed."  A
virus cannot run completely on its own.  The computer user must
always take some action, even if it is only to turn the computer
on.  This is the major strength of a virus: it uses *normal*
computer operations to do its dirty work, and therefore there is
no single identifying code that can be used to find a viral
program.
 
I must make mention, before I continue, of the work of Fred
Cohen.  Dr. Cohen is generally held to have coined the term
"computer virus" in his thesis, published in 1984.  However, his
definition covers only those sections of code which, when
active, attach themselves to other programs.  This, however,
neglects many of the programs which have been most successful
"in the wild".  Many researchers still insist on this
definition, and therefore use other terms such as "worm" and
"bacterium" for those viri which do not attack programs.
 
copyright Robert M. Slade, 1991   DEFGEN1.CVP   910701

==============
Vancouver      ROBERTS@decus.ca         | "If you do buy a
Institute for  Robert_Slade@sfu.ca      |  computer, don't
Research into  rslade@cue.bc.ca         |  turn it on."
User           p1@CyberStore.ca         | Richards' 2nd Law
Security       Canada V7K 2G6           | of Data Security