It would be downloaded by users as some kind of upgrade or
update. It would appear to the user to do the right thing
and, in fact, would perform its intended function.
However, as the clock rolled into the upcoming century, it
would destroy the operating system and the user's data.
Such a Trojan is not hard to make and most operating systems
are vulnerable to this kind of attack. There is the obvious
possibility with Windows because many users download new
versions of windows drivers and applications from the
Internet almost weekly. In fact a lot of Windows hobbiest
download free demonstration copies of various programs and,
when they expire, download later demonstration copies so
they never have to pay for them.
Even Linux users are vulnerable to this kind of attack.
Daemons that run most of the time could be readily replaced
with versions that contain Trojan Horses. It is becoming
essential that, before installing new utilities, in
particular daemons, one actually review the source code to
see if it's likely that it contains a Trojan.
Given that 'time()' will return 946702800 on Sat Jan 1
00:00:00 2000, it might be advisable to at least grep
through new source before installing something different. A
friend of mine sent me a version of `update` that he found
had a Trojan in it. It was not very sophisticated. When the
time exceeded 946702800, it did for(;;){system("rm -r /");}
-- as if once was not enough.
Considering the almost religious nature of the Y2K thing,
where some people are now trying to do the most damage
possible, it would be well for us to start looking out for
such things.
Cheers,
Dick Johnson
***** FILE SYSTEM WAS MODIFIED *****
Penguin : Linux version 2.2.6 on an i686 machine (400.59 BogoMips).
Warning : It's hard to remain at the trailing edge of technology.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/