Archive for May, 1996

Modded Super Soaker

Posted on the May 15th, 1996 under Hardware, Weapons by

Our high school had a tradition in which, about a week away from graduation, seniors and all the willing school staff participated in a huge water fight out in the parking lot near the school.  It was well-attended, and even some teachers and assistant principals were there with us in the mess.

I decided to increase my battlefield advantage and bought a Super Soaker Monster pump-action water gun (fed by a 2 gallon backpack canister).  After some field tests, I grew dissatisfied with its performance and rifled the nozzle with a heated, twisted wire.  This added a stabilizing spin to the outgoing jet, increasing the gun’s range by an additional 20 feet (~50% of the original range).  This, combined with a full-body plastic lab coat, liquid-proof safety glasses and rubber gloves, gave me a definitive advantage.

Here’s a photo of me geared up:


By the way, after tens of minutes of being dominated, some guys found a weakness in the armor:  they discovered that by projecting sticky shaving cream at my goggles they were able to induce the fog of war.   The solution, of course, was to shoot myself in the eyes to wash off the goggles.

I also remember one of my favorite chemistry teachers, Mr. Hugo, rolling up with a truck full of water balloons and grenading the bejeezus out of us.  Good times, they were.

Zero-Signature Anti-Virus

Posted on the May 10th, 1996 under Software by

In the 1990s, computer viruses were spreading like wildfire.  The usual infection vectors were shared diskettes, uploads to and downloads from BBSs and, eventually, the Internet.  After losing a few months of work to harmful computer virus-related incidents, I realized it was time to learn more about the subject.

After reading Nikolai Bezrukov’s excellent “Computer Virusology” (Kiev Publishing, 1991), I learned a whole lot about the infection methods and payloads.  I was also challenged by Nikolai’s claim of non-existence of a panacea, a universal method of preventing infections.

My reasoning went like this:  I thought that any virus that was immediately destructive or interfered with the primary function of software would have had little chance to cause a full-blown epidemic.  Just like their biological counterparts, computer viruses could spread widely only if they did not fatally harm the host or show any detectable symptoms of infection, at least for a while, long enough to copy to new transmission mediums.  Additionally, to cause an epidemic, a computer virus would have to be able to infect a wide range of programs, which further reduced the set of vulnerabilities exploitable for the purpose of infection.

Back in the day, in simpler times of non-virtualized processors and memory, there were only a few such generalized methods for intercepting DOS or Windows system functions transparently and harmlessly, which would be the prerequisite for causing a widespread viral epidemic.  In fact, I realized that if one saved a few key bytes of redundancy from the right locations inside the programs, the boot sector/MBR and some of the internals of the operating system software prior to the infection, while the computer was “healthy,” I could always use these bits later to remove the code that transferred execution to virus code, at the vulnerable places where a virus could intercept program execution.  The added benefit was often that the body of the virus was left inside the program, often inoculating it against repeat infection.

I wrote a software package called PC-Phage that implemented this idea.  It created a “clean boot” system diskette, transferred itself to the diskette, surveyed the software on the hard drive of a “clean” system and stored the key redundancy information about all the software on the hard drive, about forty bytes per executable file.  After the initial installation, a user would only need to run the software from the bootable PC-Phage disk to check for virus infections, and rid the programs of viruses with the option of “vaccinating,” i.e. leaving the inactive virus code inside programs.  A user could also add new software to the list of guarded programs.
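The save-then-restore idea from the two paragraphs above, as an added C example that is not PC-Phage's code. The 40-byte record layout (32 entry bytes, length, FNV-1a checksum), the function names, and a flat image whose entry point is its first byte (as in a DOS .COM file) are assumptions; the sample bytes are constructed.

```c
#include <stdint.h>
#include <string.h>

/* Assumed layout: 32 entry bytes + length + checksum = 40 bytes per file. */
#define HEAD 32
typedef struct { uint32_t size, sum; uint8_t head[HEAD]; } phage_rec;

static uint32_t fnv1a(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    while (n--) { h ^= *p++; h *= 16777619u; }
    return h;
}

/* Survey a healthy image: keep its length, checksum and entry bytes. */
void phage_survey(const uint8_t *img, size_t len, phage_rec *r) {
    memset(r, 0, sizeof *r);
    r->size = (uint32_t)len; r->sum = fnv1a(img, len);
    memcpy(r->head, img, len < HEAD ? len : HEAD);
}

/* 1 if the image still matches its record, 0 if it was modified. */
int phage_clean(const uint8_t *img, size_t len, const phage_rec *r) {
    return len == r->size && fnv1a(img, len) == r->sum;
}

/* Restore the saved entry bytes. vaccinate=0 cuts off the appended tail,
   vaccinate=1 leaves it as dead bytes. Returns -1 if repair is impossible. */
int phage_repair(uint8_t *img, size_t *len, const phage_rec *r, int vaccinate) {
    if (*len < r->size) return -1;                 /* truncated: data lost */
    memcpy(img, r->head, r->size < HEAD ? r->size : HEAD);
    if (fnv1a(img, r->size) != r->sum) return -1;  /* damage beyond saved bytes */
    if (!vaccinate) *len = r->size;
    return 0;
}

/* Constructed sample: a 48-byte "program", then a tampered copy whose first
   three bytes are a near JMP (E9 2D 00) to 16 filler bytes appended after it. */
int phage_demo(int vaccinate, int damage_body) {
    uint8_t img[64]; size_t len = 48, i; phage_rec r;
    for (i = 0; i < 48; i++) img[i] = (uint8_t)(i * 7 + 1);
    phage_survey(img, len, &r);
    img[0] = 0xE9; img[1] = 0x2D; img[2] = 0x00;   /* redirected entry point */
    memset(img + 48, 0x90, 16); len = 64;          /* appended filler bytes  */
    if (damage_body) img[40] ^= 0xFF;              /* change outside the head */
    if (phage_clean(img, len, &r)) return -3;      /* must be flagged */
    if (phage_repair(img, &len, &r, vaccinate) != 0) return -1;
    return (int)len;                               /* length after repair */
}
int main(void) { return phage_demo(0, 0) == 48 ? 0 : 1; }
```

The third case (`damage_body`) shows the limit of the method: a modification that overwrites bytes outside the saved locations is detected by the checksum but cannot be undone from the record alone.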

For the state of the art of anti-virus software in 1995-1996, this was a radically new idea–nearly all anti-virus software was based on signatures, short bits of identifying virus info that someone at, say, Symantec or McAfee labs had to extract.  The state-of-the-art was problematic because the virus had to get to the laboratories first, which can take months if not years.  In contrast, my approach required no prior information about viruses themselves, just about the programs on your hard drive.

I programmed the software package in Borland’s Turbo C, for MS-DOS 6.22 and Windows 3.1/95. Then, I tested it on 14 of the most modern viruses which I got from a shady underground BBS in California, with some of the viruses being really clever, stealthy and polymorphic.  With zero prior information about the viruses, my program was 100% effective at eliminating them and was able to inoculate against 6 out of 14.

I documented this approach, software design and the testing methodology, and in 1996 won second places in the Flint Area, Michigan State, and the International Science and Engineering Fair in Tucson, AZ, gathering quite a few sponsor awards along the way.

At the 47th ISEF in Tucson, AZ

The Michigan team

Detroit Free Press article, Page 1

Detroit Free Press article, Page 2