FUNGEN1.CVP   910727
 
           Computer operations and viral operations
 
Having defined what viral programs are, let's look at what
computers are, and do, briefly.  The functions that we ask of
computers tend to fall into a few general categories.
 
Computers are great at copying.  This makes them useful for
storing and communicating data, and for much of the "information
processing" that we ask them to do, such as word processing. 
Computers are also great for the automation of repetitive tasks. 
Programming allows computers to perform the same tasks, in the
same way, with only one initiating call.  Indeed, we can, on
occasion, eliminate the need for the call, as programs can be
designed to make "decisions" on the basis of data available. 
Finally, computer processors need not be specially built for
each task assigned to them: computers are multi-purpose tools
which can do as many jobs as the programs available to them.
 
All computer operations and programs are comprised of these
three components: copying, automatic operation, "decision"
making: and, in various combinations, can fulfill many
functions.  It is no coincidence that it is these same functions
which allow computer viral programs to operate.
 
The first function of a viral program is to reproduce.  In other
words, to copy.  This copying operation must be automatic, since
the operator is not an actively informed party to the function. 
In most cases, viral program must come to some decision aobut
when and whether to infect a program or disk, or when to deliver
a "payload".  All of these operations must be performed
regardless of the purpose for which the specific computer is
intended.
 
It should thus be clear that computer viral programs use the
most basic of computer functions and operations.  It should also
be clear that no additional functions are necessary for the
operation of viral programs.  Taking these two facts together,
noone should be surprised at the conclusion reached a number of
years ago that not only is it extremely difficult to
differentiate computer viral programs from valid programs, but
that there can be no single identifying feature that can be used
for such distinction.  Without running the program, or
simulating its operation, there is no way to say that this
program is viral and that one is valid.
 
The fact that computer viral operations are, in fact, the most
basic of computer operations means that it is very difficult to
defend against intrusion by viral programs.  In terms of
"guaranteed protection" we are left with Jeff Richards' Laws of
Data Security:
         1)   Don't buy a computer.
         2)   If you do buy a computer, don't turn it on.
 
copyright Robert M. Slade, 1991   FUNGEN1.CVP   910729

==============                      
Vancouver      ROBERTS@decus.ca    | "Le mathemtica e l'alfabeto
Institute for  Robert_Slade@sfu.ca |  nel quale Dio ha scritto
Research into  rslade@cue.bc.ca    |  l'universo."
User           p1@CyberStore.ca    | 
Security       Canada V7K 2G6      |            - Galileo