Quarter Life Crisis
The world according to Sven-S. Porst
John Gruber was brave enough to wade through and report on the nonsense that has been written about that MP3 file virus thingy that has been making the rounds and has also been mentioned here. (Be sure to read John's update on CNN. And start being depressed that, despite everything being blatantly obvious in this case, all the standard news channels will just get away with it. Also waste a second and think about how distorted the important news items you get to hear are.)
And frankly, while it is neat to make an MP3 file that also is an executable, what's so great about it? Surely a sufficiently malicious I could generate an application that quickly extracts an MP3 file from itself and opens that. It's not really magic. And it's even easier with application bundles.
I wonder whether it would be feasible for the computer to ask the user before the first time it launches some application or even executes some code (in plugins and such)? That could solve the problem of social engineering in a clean way – no more file name extensions, icons or metadata to worry about. (I guess changed prebinding might be a problem there – as it is for the keychain. I also guess that only asking that question for code that isn't stored in the /Library, /System or /Applications folders may keep the annoyance to a minimum.)
Riiight, I couldn't resist but had to think about this making-your-own-'virus' business for another few seconds... And the fun solution is that all the clever camouflaging you need is only two steps in the command line away. Suppose you want to make a copy of the dangerous UnicodeChecker 'virus'. It looks like an innocuous MP3 file, but upon double-clicking it is everyone's favourite tool for Unicode exploration and conversion.
And it's only two and a half simple steps away. Once you've cd-ed to the folder containing UnicodeChecker, do this:
cp -R UnicodeChecker.app Viral\ Tune.mp3
and then this
cp /Applications/iTunes.app/Contents/Resources/iTunes-mp3.icns
Viral\ Tune.mp3/Contents/Resources
without the line break. That's it. Honest. Now, if you're brave, try to do the same thing to create an mp4 file – you know they're all evil and proprietary if certain other FUD is to be believed...
Doing the same thing for a bundled AppleScript application, adding a music file into the bundle and opening that file once the script runs shouldn't be too hard.
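The flip side of the trick above, as an added example that is not part of the original post: the disguised 'MP3' is really a folder laid out like an application bundle, so it can be spotted by looking for directories that carry a media extension and contain Contents/Info.plist or Contents/MacOS. The function name and the list of extensions are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# Lists directories that are named like media files but are laid out like
# application bundles. Function name and extension list are assumptions.

# find_disguised_bundles DIR -> prints one suspicious path per line
find_disguised_bundles() {
    root=${1:-.}
    # A real MP3/MP4 is a regular file; only a directory can be a bundle.
    # -prune stops find from descending into a match, so nested resources
    # inside a flagged bundle are not reported a second time.
    find "$root" -type d \( -iname '*.mp3' -o -iname '*.mp4' \
        -o -iname '*.m4a' -o -iname '*.jpg' -o -iname '*.pdf' \) -prune |
    sort |
    while IFS= read -r dir; do
        # Bundle markers: an Info.plist or an executable folder in Contents/
        if [ -f "$dir/Contents/Info.plist" ] || [ -d "$dir/Contents/MacOS" ]; then
            printf '%s\n' "$dir"
        fi
    done
}
```

Run it as `find_disguised_bundles ~/Downloads`; a plain folder that merely has `.mp3` in its name is not reported, because it lacks the bundle markers.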
Disclaimer: Don't try this at home or blame me for any damage this causes. But then, this was so trivial that you probably thought of it on your own by now. Also don't blame me for the wrong use of the word 'virus' here.