██████╗  ██████╗ ██╗  ██╗ █████╗ 
╚════██╗██╔═══██╗██║  ██║██╔══██╗
 █████╔╝██║   ██║███████║███████║
 ╚═══██╗██║   ██║██╔══██║██╔══██║
██████╔╝╚██████╔╝██║  ██║██║  ██║
╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝

Welcome to 3OHA, a place for random notes, thoughts, and factoids that I want to share or remember

19 October 2022

Malware in 1970s science fiction

The Scarred Man (1970)

The story is set in a dystopic 1990s future where computers have taken over most manual work and even parts of executive decision-making. During a dinner with relatives, a mathematician known as Garner, who works as a researcher for the all-too-powerful ICS corporation, comes up with a plan to sabotage ICS computing infrastucture. The idea is to write a program that inserts do-nothing loops of random duration in running processes. (The story does not specify if it does so by infecting user programs or by tampering with the operating system.) As a result, users would notice longer running times for their tasks and would start to worry—and complain—about a possible fault of the ICS computer. With the help of Sapiro, his brother-in-law who also works for ICS as a technician, they perform an initial infection of an ICS computer with a program written by Garner to do this job. The description of the propagation mechanism is awesome:

"The program he logged in instructed the computer to dial a seven digit telephone number at random. Now, most phones are operated by people. But quite a few belong to computers and are used to transfer information and programming instrucions to other computers. Whenever a computer picks up the receiver—metaphorically, I mean—there's a special signal that says it's a computer, not a human. Another computer can recognize the signal, see.

"Sapiro's computer just kept dialing at random, hanging up on humans, until it got a fellow computer of the same type as itself. Then it would send a signal that said in effect, 'Do this job and charge it to the charge number you were using when I called.' And then it would transmit the same program Sapiro had programmed into it."

"So that—" I said.

"Right on. The second computer would turn around and start calling at random intervals, trying to find another machine. Eventually it would."

In the meantime, Sapiro and Garner opened a consultant firm that offers its services to fix the computers. Here's were the term virus appears for the first time:

"The flunkies would go in, fiddle with the machine the way Sapiro had told them, and then Sapiro would pop in, dump the program—he called it VIRUS—and take off. The people who owned the machine never suspected anything because it looked like a complicated process;"

Benford also coined the term vaccine to refer to the anti-virus solution:

"Sapiro and Garner just flew around the hemisphere, selling their cure-all—Sapiro called it VACCINE—and making money."

Since the virus is continuously propagating to other computers, their firm is never out of work and they soon become rich. The story does not end well, but I will not spoil the ending for you. There is an online copy republished by Benford if you want to read it by yourself.

One last remark. In the afterthoughts of the story published in 1999, Benford describes how he actually tested his idea by writing a virus in Fortran that would propagate to other computers while he was working at the Lawrence Radiation Laboratory in Livermore, California. This was sometime around 1969. He wrote about this in 2011 in a blog entry named "How to Lose a Billion Dollars in Your Spare Time".

When HARLIE Was One (1972)

"Do you remember the VIRUS program?"

"Vaguely. Wasn't it some kind of computer disease or malfunction?"

"Disease is closer. There was a science-fiction writer once who wrote a story about it—but the thing had been around a long time before that. It was a program that—well, you know what a virus is, don't you? It's pure DNA, a piece of renegade genetic information. It infects a normal cell and forces it to produce more viruses—viral DNA chains—instead of its normal protein. Well, the VIRUS program does the same thing."

"Huh?"

"Let me put it another way. You have a computer with an auto-dial phone link. You put the VIRUS program into it and it starts dialing phone numbers at random until it connects to another computer with an auto-dial. The VIRUS program then _injects_ itself into the new computer. Or rather, it reprograms the new computer with a VIRUS program of its own and erases itself from the first computer. The second machine then begins to dial phone numbers at random until it connects with a third machine [...]"

And also this one:

"A VIRUS program can be a lot more than just an annoying practical joke. For instance, the think doesn't have to dial phone numbers at random. You can provide it with a complete directory of other computers' phone numbers. Or you can teach it to search for specific kinds of linkups in every computer it infects. You can write it to only infect specific machines or specific kinds of machines or a specific company's—you can even have it look up information for you in those machines and have it report back to your machine on a regular or random basis. You can send this thing out to steal information for you."

"Wow.... whispered Auberson.

"That's not all. You could also write that VIRUS to alter specific pieces of information. A VIRUS can be single-task; it can be host-specific or data-specific; it can be very accurately aimed and launched. We call those WORMS. They're not terribly infectious—mostly they just burrow, looking for whatever it is they've wirtten to look for. When they find the target, they can alter the information, scramble it or erase it—whatever you want. The big danger of a WORM is the damage it can do to vital installations. A WORM is a very dangerous weapon, Aubie."

Gerrold also discusses defenses that, to an extent, are akin to detection and prevention measures designed decades later:

"Immunity and Detection starts at level three with some very elaborate checksum coding. Incoming data is discarded unless it passes its own veracity tests. At level six, files are automatically tested for SPORES, PHAGES, and PARASITES. At level eleven, software is run in simulation before it is accepted."

But my favorite part is this one:

"I can think of one way to avoid the problem. Don't put in a phone link to the data banks."

"Uh-uh—you need that phone link. You need it both ways, for information coming in and going out. Any other way just wouldn't be efficient enough."

And the VACCINE program wouldn't work?"

Yes and no. For every VACCINE program you could write, somebody else could write another VIRUS program immune to it."

"That doesn't sound very secure."

"It isn't—but that's the way it is. Any safeguard that can be set up by one programmer can be breached or sidestepped by another."

In the preface to the 2014 edition of the novel, the author says that he "first heard the idea of a computer program called a VIRUS (and the corresponding VACCINE software) in the late summer of 1968. A programmer shared it as a joke. I thought it was a funny and facinating notion and incorporated it into the next HARLIE story, even postulating that it could be used as a means for extracting data illegally and moving it around to other machines."

The Shockwave Rider (1975)

The novel contains various instances of computer worms, which are programmed and released with different purposes. All of them share the same key notion—a program that is injected into a computer network and that can spread autonomously to other computers and perform some global function—sabotage, leakage of secrets, and so on. Brunner's worms have a strong political goal and constitute one of the first fictional depictions of hacktivism.

The Adolescence of P-1 (1977)

Yet P-1 grows and spreads throughout the network, discovering new systems and learning how they work. It moves to computers equipped with more computing resources to guarantee its long-term survival. Some years later, P-1 searches for and calls Burgess because it needs his help to access some computers. At this point Burgess realizes that P-1 has infected nearly all computers in the US and that it has become a sentient entity. In the meantime, a computer investigation discovers the infection and P-1 ends up killing the agent leading the case. The end comes when P-1 gets eventually trapped into an isolated computer that is physically destroyed. However, the novel has an open ending in which P-1 is suggested to have survived.

The Medusa Conspiracy (1980)

The novel revolves about a computer program called MEDUSA that can move around the ARPANET—the Internet at the time. MEDUSA is commanded by the US government and serves as one of the country's main sources of intelligence by hacking into connected computers and extracting valuable information from them. The crux of the plot is a series of mysterious failures that start when MEDUSA reports that Israel is stockpiling airplane components for a war. Since Israel denies this, they launch an investigation to figure out if MEDUSA has a bug, if it has been fed with fake data, or if something more complex is going on. Seth Miller, a top engineer working for the company that built MEDUSA, is assigned to find out the root cause of the program's failure. Yet his investigation is complicated by the fight between CIA and KGB agents involved in the case, and also by MEDUSA itself, which doesn't want to be investigated at all.

To me, one of the novel's most interesting aspects is how Shedley—who, incidentally, was a computer scientist named Boris Beizer writting under a pseudonym—anticipated computer espionage in a way that is not very different from what APTs and state-sponsored cyberoperations became years later.