The Modem Virus of 1989
DEFMTH6.CVP 920105
Continuing with Padgett's list:
5) "Modem" virus
The first report I got of the modem virus is from VIRUS-L Volume
1, number 42 in early December, 1988. It came from the JPL, of
all places. The original report was supposed to have come from
a telecommunications firm in Seattle, and contained all kinds of
technical bafflegab, including the fact that the virus was
transmitted via the "sub-carrier" on 2400 bps modems, so you
should only use 300 or 1200. The "subcarrier" was supposed to
be some secret frequency that the modem manufacturers used for
debugging. The virus was supposed to do all kinds of changing
of the internal registers of the modem. That first report gave
no indication of how the virus got from the modem into the
computer.
As people started to raise objections to the possibility of this
ridiculous scenario, the initial report was traced back to a
posting on Fidonet (the earliest date I have in my records is
October 6, 1988) by someone who gave his name as "Mike
RoChenle". Ken later suggested this might be read as
"microchannel", the then new bus for IBM's PS/2 machines.
Among the serious researchers, these rumours were dealt with
rather quickly, within about two weeks. We continued, however,
to receive reports of the virus for most of 1989. The facts
(that modem manufacturers use all the bandwidth available for
transmission, that the internal registers are data rather than
programs, that "unused" pins in an RS-232 cable are still
"assigned" and can't be used for spurious transmissions, and
that terminal emulation programs do not "call" incoming data as
programs) only served to spur the reporters to greater flights
of fancy in their descriptions of the "modem virus".
With the phenomenon being flat out physically impossible, why
did the rumour persist for such a long time?
One reason is that the rumour itself may have prompted a lot of
interest in computer viral programs from among computer and
modem users. As these people joined virus discussion groups,
and did not see the modem virus being discussed, they continued to
post reports of it. Also, the rumours contained enough
"pseudo-technical" language as to seem credible, while remaining
essentially incomprehensible to those who, while using a modem,
know little of the technology involved. One of the major
reasons, however, is likely that people were primed to believe
it. BBSes, and, by extension, modems, have had a consistently,
and unfairly, bad press over the past few years. BBSes are seen
as the ultimate source of all "evil" programs (viri and trojans),
and anything bad said about them is to be believed.
Which is another myth.
copyright Robert M. Slade, 1992 DEFMTH6.CVP 920105