Discussion:
Malware Turns Delphi Software Compilers into Virus Breeders
(too old to reply)
anonymous
2009-08-22 23:57:30 UTC
Permalink
Security experts seem more intrigued than alarmed over a
newly-discovered virus that inserts itself into a Delphi compiler, and
replicates itself in every program compiled.

http://www.wired.com/threatlevel/2009/08/induc/
--
Robert novak: 'Always love your country — but never trust your
government!'

Robert novak: 'Always love your country — but never trust your
government!'
nemo_outis
2009-08-23 02:02:11 UTC
Permalink
Post by anonymous
Security experts seem more intrigued than alarmed over a
newly-discovered virus that inserts itself into a Delphi compiler, and
replicates itself in every program compiled.
http://www.wired.com/threatlevel/2009/08/induc/
Talk about old news!

To understand why security experts are not particularly surprised one need
only read the famous 1984 paper, "Reflections on Trusting Trust" by the
also-famous Ken Thompson. It's been known for 25 years that a suborned
compiler can infect what it compiles - Ken even provided proof-of-concept
code.

Regards,
anonymous
2009-08-23 12:53:49 UTC
Permalink
Post by nemo_outis
Post by anonymous
Security experts seem more intrigued than alarmed over a
newly-discovered virus that inserts itself into a Delphi compiler, and
replicates itself in every program compiled.
http://www.wired.com/threatlevel/2009/08/induc/
Talk about old news!
To understand why security experts are not particularly surprised one need
only read the famous 1984 paper, "Reflections on Trusting Trust" by the
also-famous Ken Thompson. It's been known for 25 years that a suborned
compiler can infect what it compiles - Ken even provided proof-of-concept
code.
Regards,
'It's been known for 25 years...'. Yes, but is it old news that a
virus is CURRENTLY inside of some Delphi compilers?
--
Robert Novak:
'Always love your country — but never trust your government!'
Marco van de Voort
2009-08-23 13:04:27 UTC
Permalink
Post by anonymous
Post by nemo_outis
only read the famous 1984 paper, "Reflections on Trusting Trust" by the
also-famous Ken Thompson. It's been known for 25 years that a suborned
compiler can infect what it compiles - Ken even provided proof-of-concept
code.
'It's been known for 25 years...'. Yes, but is it old news that a
virus is CURRENTLY inside of some Delphi compilers?
... and in the wild.
nemo_outis
2009-08-23 17:33:39 UTC
Permalink
Post by anonymous
Post by nemo_outis
Post by anonymous
Security experts seem more intrigued than alarmed over a
newly-discovered virus that inserts itself into a Delphi compiler,
and replicates itself in every program compiled.
http://www.wired.com/threatlevel/2009/08/induc/
Talk about old news!
To understand why security experts are not particularly surprised one
need only read the famous 1984 paper, "Reflections on Trusting Trust"
by the also-famous Ken Thompson. It's been known for 25 years that a
suborned compiler can infect what it compiles - Ken even provided
proof-of-concept code.
Regards,
'It's been known for 25 years...'. Yes, but is it old news that a
virus is CURRENTLY inside of some Delphi compilers?
Only 25 years from vulnerability exposure to a real world exploit? Wow,
what blinding speed! Kinda takes your breath away. Truly those "evil
hackers" are cutting-edge devils.

So vulnerabilty announcements are followed by exploits - whodda thunk it?
You may as well make an trumpeting announcement for every virus in
Norton's and Mcafee's databases.

Moreover, besides the non-newsness of it all, my post was specifically
addressed as to why neither "security experts" nor I were surprised -
it's just another run-of-the-mill exploit of a long-known vulnerability.
Script-kiddie stuff.

Yawn!
Marco van de Voort
2009-08-24 05:24:01 UTC
Permalink
Post by nemo_outis
Only 25 years from vulnerability exposure to a real world exploit? Wow,
what blinding speed! Kinda takes your breath away. Truly those "evil
hackers" are cutting-edge devils.
So vulnerabilty announcements are followed by exploits - whodda thunk it?
You may as well make an trumpeting announcement for every virus in
Norton's and Mcafee's databases.
Moreover, besides the non-newsness of it all, my post was specifically
addressed as to why neither "security experts" nor I were surprised -
it's just another run-of-the-mill exploit of a long-known vulnerability.
Script-kiddie stuff.
Strictly speaking, it infects the precompiled libraries, not the compiler
itself, so isn't the same as e.g. the Richie post.
nemo_outis
2009-08-24 14:49:55 UTC
Permalink
Post by Marco van de Voort
Post by nemo_outis
Only 25 years from vulnerability exposure to a real world exploit?
Wow, what blinding speed! Kinda takes your breath away. Truly those
"evil hackers" are cutting-edge devils.
So vulnerabilty announcements are followed by exploits - whodda thunk
it? You may as well make an trumpeting announcement for every virus
in Norton's and Mcafee's databases.
Moreover, besides the non-newsness of it all, my post was
specifically addressed as to why neither "security experts" nor I
were surprised - it's just another run-of-the-mill exploit of a
long-known vulnerability. Script-kiddie stuff.
Strictly speaking, it infects the precompiled libraries, not the
compiler itself, so isn't the same as e.g. the Richie post.
A distinction without a difference.

Yawn!
Marco van de Voort
2009-08-24 15:50:34 UTC
Permalink
Post by nemo_outis
Post by Marco van de Voort
Post by nemo_outis
Moreover, besides the non-newsness of it all, my post was
specifically addressed as to why neither "security experts" nor I
were surprised - it's just another run-of-the-mill exploit of a
long-known vulnerability. Script-kiddie stuff.
Strictly speaking, it infects the precompiled libraries, not the
compiler itself, so isn't the same as e.g. the Richie post.
A distinction without a difference.
Please read the original article. It is about bootstrapping compilers, Unix
style, and a totally different topic.

The only real connection is that both somewhere are remotely connected to
compilers.
Post by nemo_outis
Yawn!
Sigh!

sengsational
2009-08-23 15:04:06 UTC
Permalink
Post by anonymous
Security experts seem more intrigued than alarmed over a
newly-discovered virus that inserts itself into a Delphi compiler, and
replicates itself in every program compiled.
http://www.wired.com/threatlevel/2009/08/induc/
I expected this forum to be abuzz with Delphi developers comparing
notes on the date of their first compile with the virus. Those with
the earliest infections would have a chance to see where this came
from (I suspect maybe a Delphi productivity tool).

Is there a place where Delphi developers hang-out and talk geek stuff?

--Dale--
Chris Burrows
2009-08-23 23:04:01 UTC
Permalink
Post by sengsational
I expected this forum
Which forum? The original post went to several.
Post by sengsational
to be abuzz with Delphi developers comparing
notes on the date of their first compile with the virus. Those with
the earliest infections would have a chance to see where this came
from (I suspect maybe a Delphi productivity tool).
Is there a place where Delphi developers hang-out and talk geek stuff?

There have been at least four separate discussions on this topic under way
for the last week in the Delphi non-tech forum:

https://forums.codegear.com/forum.jspa?forumID=67

--
Chris Burrows
CFB Software
Armaide v2.1: ARM Oberon-07 Development System
http://www.armaide.com
Loading...