May 1, 2005 As cell phones, PDAs, and other wireless devices become more sophisticated, hackers are starting to spread viruses that can infect them. Software engineers have developed an application that allows a PC to scan the memory of a mobile device and eliminate malicious software.
PITTSBURGH--It takes constant vigilance to combat the viruses that persistently lurk in cyber space. While we all know our PCs are vulnerable to data loss, you might be surprised to find out so is your cell phone! A new technology could be the key to ferreting out electronic viruses forever.
That fancy cell phone you use to surf the Web and check e-mail could be infected with a computer virus.
"Our cell phones are becoming more and more sophisticated to look more and more like regular computers, and so they can also acquire viruses," says Adrian Perrig, an assistant professor of engineering at Carnegie Mellon University in Pittsburgh.
While most of us take steps to safeguard our PCs, cell phone viruses are so new you might not even know about them. Engineers at Carnegie Mellon University found a key to detecting even the most evasive electronic bugs.
Perrig says, "Our technique is called SoftWare-based ATTestation, which allows an external host -- like the laptop computer or even another cell phone -- allows them to look into the memory of a device in a way that even malicious code executing on the device cannot hide."
Traditional anti-virus programs scan for a list of known threats, but if a threat is not on the list, it's not detected. With software-based attestation -- SWATT for short -- there's no virus roster. Rather it scans the memory of a handheld device. Because all viruses must dwell in memory, any deviation signals a potential virus.
Right now SWATT only detects bugs. Once they figure out how to exterminate them, it will go on the market. In addition to computers, PDAs and cell phones, this software can detect viruses in any communication device, even the navigation systems of luxury cars.
There are several different ways a computer can become infected. A virus is a small piece of software that attaches itself to an existing program. Every time that program is executed, the virus starts up, too, and can reproduce by attaching itself to even more programs. When contained in an email, the virus usually replicates by automatically mailing itself to dozens of people listed in the victim's email address book.
Unfortunately, viruses don't just replicate, they often cause damage. There is usually a trigger -- a command or keystroke -- that causes the virus to launch its "attack." This can be anything from leaving a silly message to erasing all of the user's data. For example, whenever the current minutes on an infected computer's clock equaled the day (for example, at 6:27 pm on the 27th of any given month), the Melissa virus would copy the following Bart Simpson quote into the current document: "Twenty-two points, plus triple-word-score, plus 50 points for using all my letters. Game's over. I'm outta here."
Worms are a different type of infection. A piece of worm software uses computer networks and security holes in specific software or operating systems to copy itself from machine to machine. Because Microsoft's Windows platform is so pervasive, for example, many hackers design their worms to exploit security holes in those products. In 2001, the worm Code Red spread rapidly by scanning the Internet for computers running Windows NT or Windows 2000.
In contrast to a worm, a Trojan horse can't replicate itself at all: it is simply a computer program pretending to be something harmless -- a game, for example -- but instead does damage when the user runs it, often erasing the hard drive.
Protect yourself from computer viruses
- Buy virus protection software and keep it up-to-date.
- Avoid downloading programs from unknown sources; stick with commercial software purchased on CD-ROMs.
- Make sure that the Macro Virus Protection feature is enabled in all Microsoft applications.
- Never double-click on an email attachment containing an executable program. These will have extensions like .exe, .com, or .vbs.
- Consider switching to a more secure operating system, like Linux.