Preface to the Electronic Edition
The Little Black Book of Computer Viruses has seen five
good years in print. In those five years it has opened a door to
seriously ask the question whether it is better to make technical
information about computer viruses known or not.
When I wrote it, it was largely an experiment. I had no idea
what would happen. Would people take the viruses it contained and
rewrite them to make all kinds of horrificly destructive viruses? Or
would they by and large be used responsibly? At the time I wrote,
no anti-virus people would even talk to me, and what I could find
in print on the subject was largely unimpressive from a factual
standpoint—lots of hype and fear-mongering, but very little solid
research that would shed some light on what might happen if I
released this book. Being a freedom loving and knowledge seeking
American, I decided to go ahead and do it—write the book and get
it in print. And I decided that if people did not use it responsibly, I
would withdraw it.
Five years later, I have to say that I firmly believe the book
has done a lot more good than harm.
On the positive side, lots and lots of people who desperately
need this kind of information—people who are responsible
for keeping viruses off of computers—have now been able to get
it. While individual users who have limited contact with other
computer users may be able to successfully protect themselves with
an off-the-shelf anti-virus, experience seems to be proving that such
is not the case when one starts looking at the network with 10,000
users on it. For starters, very few anti-virus systems will run on
10,000 computers with a wide variety of configurations, etc. Secondly,
when someone on the network encounters a virus, they have
to be able to talk to someone in the organization who has the
detailed technical knowledge necessary to get rid of it in a rational
way. You can’t just shut such a big network down for 4 days while
someone from your a-v vendor’s tech support staff is flown in to
clean up, or to catch and analyze a new virus.
Secondly, people who are just interested in how things
work have finally been able to learn a little bit about computer
viruses. It is truly difficult to deny that they are interesting. The idea
of a computer program that can take off and gain a life completely
independent of its maker is, well, exciting. I think that is important.
After all, many of the most truly useful inventions are made not by
giant, secret, government-funded labs, but by individuals who have
their hands on something day in and day out. They think of a way
to do something better, and do it, and it changes the world. However,
that will never happen if you can’t get the basic information about
how something works. It’s like depriving the carpenter of his
hammer and then asking him to figure out a way to build a better
building.
At the same time, I have to admit that this experiment called
The Little Black Book has not been without its dangers. The Stealth
virus described in its pages has succeeded in establishing itself in
the wild, and, as of the date of this writing it is #8 on the annual
frequency list, which is a concatenation of the most frequently
found viruses in the wild. I am sorry that it has found its way into
the wild, and yet I find here a stroke of divine humor directed at
certain anti-virus people. There is quite a history behind this virus.
I will touch on it only briefly because I don’t want to bore you with
my personal battles. In the first printing of The Little Black Book,
the Stealth was designed to format an extra track on the disk and
hide itself there. Of course, this only worked on machines that had
a BIOS which did not check track numbers and things like that—
particularly, on old PCs. And then it did not infect disks every time
they were accessed. This limited its ability to replicate. Some
anti-virus developers commented to me that they thought this was
The Little Black Book of Computer Viruses