Computer viruses: the origins
In this post, I will tell you about computers viruses from a different angle: I will tell you the story of their origins.
The story begins shortly after the Second World War. John Louis Von Neumann, mathematician considered today as one of the fathers of computers of modern computing, proposes during a conference in Pasadena in 1948 an article entitled “Theory organization of automata“.
This article will also be followed by a series of courses he will give in 1948 on the theme “Theory and organization of complex automatons.“. The man to whom we owe the idea of programs stored in memory and editable rather than programs faster but frozen in hardware components, evokes the possibility for one program, to take control of another program.
He also develops the concepts of self-production programs, making of him and despite him, the founding father computer virology theories.
In June 1959 the magazine “Scientific American” publishes an article on self replicating mechanisms written by LS Penrose, titled “Self Reproducing Machines“.
Presented in the magazine’s summary like : “in witch simple units are built which assemble themselves into larger units, which in turn make copies of themselves from other simple units“, the process highlights the same mechanisms of self reproduction as those that can be found in the biological organisms.
In August 1961 three young programmers of the famous Bell Laboratories at ATT, Robert Thomas Morris, Douglas McIlroy and Victor Vyssotsky, developed a game called Darwin that was played on IBM 7090 mainframe. The game consists of an “umpire” program as well as a section of the computer’s memory, called “the arena” in which 2 or more programs, written by the players, are loaded
The programs are written in machine language for 7090 on perforated cards…
Each of the programs can call a number of functions provided by “umpire”, in order to occupy other locations in the arena, kill enemy programs and fill all free memory with copies of themselves.
The game can end after a predefined period of time, or when there is only one program left alive.
The player who wrote the the program that remains the last survivor is declared the winner. These programs (the fighters) that confront each other in an arena inspired the film Tron in which a programmer is projected using a dematerialization system, at the heart of a computer system.
However, the game did not last because Robert Thomas Morris succeeded in developing a fighter composed of 44 instructions, capable of adapting his strategy and protecting himself, which no one could defeat: thereby, no one developed an opponent and the game was abandoned. It is following Darwin’s abandonment, between 1961 and 1970 that will be born the true ancestor of viruses: the Core War.
Also called the programmers’ game. Like Darwin from whom it is inspired, Core War consists in having at least 2 programs compete against each other, each of which has the objective of destroying the opposing program(s) and occupying all the available memory while ensuring its proliferation.
The arena now lies within the memory space of a virtual machine called Mars, in which the attacker, who does not know where his opponent’s different segments are located, like a naval battle, must locate and destroy it.
The language used to create its fighters in Core War, is called the RedCode: be careful not to confuse it with the malware “CodeRed“: the latter had in infected effect in a few hours of hundreds of thousands of machines in the world.
RedCode, therefore, is a language close the assembler with however a game simplified instructions.
It runs in a virtual machine called Mars for Memory Array Redcode Simulator. There are several versions of the RedCode language in which the number of instructions can vary, but remains (very) close to an assembler. Despite the use of this language with its reduced instruction set, Core War integrates most of the viral and antiviral mechanisms known today : replication, protection, polymorphism, destruction, repair, stealth, code injection, stopping a process and even signature recognition so dear to most of our antivirus products today still.
The winner is the one who has the most active copies of the program at the end of the game. In the event that the game is not limited in time, the one who has succeeded in destroying the opposing program is declared the winner. Core War is still played today and still gives rise to world competitions.
At the same time in 1971, Bob Thomas created the Creeper, am experimental program that turns on Mainframe DEC PDP-10 equipped with the operating system TENEX, and which has the particularity of copy everything on a system remote. This is in practice the first Computer Worm, an other kind of malicious code often mistaken with viruses.
We have just seen how for almost of ten years the foreshadowing mechanisms viruses have appeared but it will take still wait more than ten years for to see the first computer virus appear …
Speaking of this first virus that can we say? Many sources on internet or elsewhere quote “Brain” as the first virus in history, this one developed in 1986 by two brothers Pakistani, the Alvi brothers, were contaminating 5-inch 1/4 diskettes only, and did not attack hard drives.
During the infection “Brain” is placed on the boot sector floppy then renamed the volume name of this same floppy disk by the title (C) BRAIN
If Brain is the first virus to make appearance on IBM-PC, he is not the first computer virus, whose paternity goes back to Rich Skrenta: a student American then aged 15, who in 1982 creates “Elk Cloner” on Apple II.
Elk Cloner sent a poem explaining his way of self-replication. Rich would have succeeded in infecting computers of his friends in their offering infected pirated games.
In 1983 the term virus is used for the first time to define a program that can infect other programs, by Frédéric Cohen. It’s his teacher, Leonard Adleman, who would have suggested to him.
Cohen will demonstrate a “virus-like” on a VAX11 / 750 at the University of Lehigh.
After that everything will accelerate Vienna, Stoned, Ping Pong, Waterfall, Jerusalem, SCA, Byte Bandit, the first “Chameleon” polymorphic viruses will arrive in 1990, followed by in 1992 of Michelangelo who infects 6 million computers, while three years later, the first macro virus “Concept” appears attacking the documents of Microsoft Word.
June 2, 1998 remains still a memory of terror for a lot of computer users this is their first meeting with CIH a destructive virus called also Chernobyl, able to flash the bios of your motherboard making your computer unusable …
The years that will follow will make the fair share of computer worms such as Melissa, Happy99 or ILoveYou which the press will seize cataloging wrongly as “virus”… That’s where this video ends at the end of the prehistory of the viruses that have been for a long time already, entered in the story that we them know.
In video ? Follow the white rabbit: https://www.youtube.com/watch?v=lCHsIZceyVU