Prank starts 25 years of security woes
By ANICK JESDANUN, AP Internet Writer Sat Sep 1, 2:33 AM ET
NEW YORK - What began as a ninth-grade prank, a way to trick already-suspicious friends who had fallen for his earlier practical jokes, has earned Rich Skrenta notoriety as the first person ever to let loose a personal computer virus.
Although over the next 25 years, Skrenta started the online news business Topix, helped launch a collaborative Web directory now owned by Time Warner Inc.'s Netscape and wrote countless other computer programs, he is still remembered most for unleashing the "Elk Cloner" virus on the world.
"It was some dumb little practical joke," Skrenta, now 40, said in an interview. "I guess if you had to pick between being known for this and not being known for anything, I'd rather be known for this. But it's an odd placeholder for (all that) I've done."
"Elk Cloner" — self-replicating like all other viruses — bears little resemblance to the malicious programs of today. Yet in retrospect, it was a harbinger of all the security headaches that would only grow as more people got computers — and connected them with one another over the Internet.
Skrenta's friends were already distrusting him because, in swapping computer games and other software as part of piracy circles common at the time, Skrenta often altered the floppy disks he gave out to launch taunting on-screen messages. Many friends simply started refusing disks from him.
So during a winter break from the Mt. Lebanon Senior High School near Pittsburgh, Skrenta hacked away on his Apple II computer — the dominant personal computer then — and figured out how to get the code to launch those messages onto disks automatically.
He developed what is now known as a "boot sector" virus. When it boots, or starts up, an infected disk places a copy of the virus in the computer's memory. Whenever someone inserts a clean disk into the machine and types the command "catalog" for a list of files, a copy gets written onto that disk as well. The newly infected disk is passed on to other people, other machines and other locations.
The prank, though annoying to victims, is relatively harmless compared with the viruses of today. Every 50th time someone booted an infected disk, a poem he wrote would appear, saying in part, "It will get on all your disks; it will infiltrate your chips."
Skrenta started circulating the virus in early 1982 among friends at his school and at a local computer club. Years later, he would continue to hear stories of other victims, including a sailor during the first Gulf War nearly a decade later (Why that sailor was still using an Apple II, Skrenta does not know).
These days, there are hundreds of thousands of viruses — perhaps more than a million depending on how one counts slight variations.
The first virus to hit computers running Microsoft Corp.'s operating system came in 1986, when two brothers in Pakistan wrote a boot sector program now dubbed "Brain" — purportedly to punish people who spread pirated software. Although the virus didn't cause serious damage, it displayed the phone number of the brothers' computer shop for repairs.
With the growth of the Internet came a new way to spread viruses: e-mail.
"Melissa" (1999), "Love Bug" (2000) and "SoBig" (2003) were among a slew of fast-moving threats that snarled millions of computers worldwide by tricking people into clicking on e-mail attachments and launching a program that automatically sent copies to other victims.
Although some of the early viruses overwhelmed networks, later ones corrupted documents or had other destructive properties.
Compared with the early threats, "the underlying technology is very similar (but) the things viruses can do once they get hold of the computer has changed dramatically," said Richard Ford, a computer science professor at the Florida Institute of Technology.
Later viruses spread through instant-messaging and file-sharing software, while others circulated faster than ever by exploiting flaws in Windows networking functions.
More recently, viruses have been created to steal personal data such as passwords or to create relay stations for making junk e-mail more difficult to trace.
Suddenly, though, viruses weren't spreading as quickly. Virus writers now motivated by profit rather than notoriety are trying to stay low-key, lest their creations get detected and removed, along with their mechanism for income.
Many of the recent malicious programs technically aren't even viruses, because they don't self-replicate, but users can easily get infected by visiting a rogue Web site that takes advantage of any number of security vulnerabilities in computer software.
Although worldwide outbreaks aren't as common these days, "believe it or not there's exponentially more malware today than there ever was," said Dave Marcus, a research manager for McAfee Inc.'s Avert Labs. "We find 150 to 175 new pieces of malware every single day. Five years ago, it would have been maybe 100 new pieces a week."
Symantec Corp. formed the same year Skrenta unleashed "Elk Cloner," but it dabbled in non-security software before releasing an anti-virus product for Apple's Macintosh in 1989. Today, security-related hardware, software and services represent a $38 billion industry worldwide, a figure IDC projects will reach $67 billion in 2010.
Even as corporations and Internet service providers step up their defenses, though, virus writers look to emerging platforms, including mobile devices and Web-based services like social-networking sites.
"Malware writers can't assume you are on PCs or won't want to limit themselves to that," said Dave Cole, Symantec's director of security response.
That's not to say Skrenta should get the blame anytime someone gets spam sent through a virus-enabled relay or finds a computer slow to boot because of a lingering pest. After all, there no evidence virus writers who followed even knew of Skrenta or his craft.
Fred Cohen, a security expert who wrote his Ph.D. dissertation in 1986 on computer viruses, said the conditions were right, and with more and more homes getting computers, "it was all a matter of time before this happened."
In fact, a number of viruses preceded "Elk Cloner," although they were experimental or limited in scope. Many consider Skrenta's the first true virus because it spread in the wild on the dominant home computers of its day.
"You had other people even at the time saying, `We had this idea, we even coded it up, but we thought it was awful and we never released it,'" said Skrenta, who is now heading Blekko Inc., a month-old startup still working in stealth mode.
And where was his restraint?
Skrenta replied: "I was in the ninth grade."