Stopping Computer Viruses
and other malware

Viruses spread in people because we have numerous commonalities that support the life of the virus. When it encounters someone whose genetic makeup is sufficiently different ... it ceases to work in that environment and that human is said to be immune. There are numerous ways to be immune to any given virus. It's a complicated thing at the molecular level.

The same is true of the computer. Viruses are written to take advantage of commonalities from one machine to the next. If the virus encounters a machine which is sufficiently different than those to which it is spreading ... it stops there. Thus, a virus written to attack Windows does not function on Linux ... an attack on Internet Explorer leaves Firefox unscathed.

To make all computers immune to all virus attacks it is simply necessary to make them all different. Each machine must have a different OS ... like WinXP, WinXX, WinQT, WinFungu, etc. That is, a different version of Windows on every machine.

Well, la dee dah ...

How does this solve the problem? Who can create hundreds of millions of different OS's ... sufficiently different to shut down a virus or other such nasty program? I believe that this can be simply done.

Here is a schematic picture of what's going on ...

[Figure: antivirus.gif]

Understand that if you write a program (good or evil) to run on somebody's machine, it must be written in a code understandable to that machine. There are several levels of coding in the machine ... and probably more that I don't know about. Fortunately for hackers and programmers as well, you don't have to understand all that's going on in the machine. It's all been taken care of before by others. You just write your program in a language that conforms to the Orange-Blue interface. You write it to run on, say, Windows XP.

Suppose then that we alter the OS in a unique way?

Like this ...

[Figure: antiviru2.gif]

Here, the light blue is something we graft onto the OS to make it different so that applications must conform to the new LightBlue-Orange line. Now, if you load a program into your machine that conforms to the former XP line in the first picture ... it won't work. Of course not, you've altered the OS so as to make it unusable for anything ... except what would conform to the new line. Sort of like monkeying around with the registry at random in every computer. No two are alike so no software written to the universal Windows XP Operating System conformal line will work ... including viruses or any other malware.

So far it's all obvious and ... equally ... worthless.

Unless ...

We change the applications to conform to the new line

Change every individual application on your machine to conform to the unique Windows XP variant resident on your particular machine. And ... if you want to load a new program into your machine, you'd have to rewrite that program to conform to your machine individually ... then ... it would work just as well as it would on the standard WinXP that it was originally coded for.

How can this be accomplished in reality?

I'll offer a simple technique but there would probably be hundreds of much more sophisticated methods that real programming gurus could come up with. But the basic idea will remain the same ... make every computer different from every other so as to grant them universal immunity.

Suppose we just change the names of many .dll files in the operating system. Can you imagine what would happen to your system and applications if you just went into the Windows system folders and started changing names at random? Sure ... when you reboot ... you're screwed ... you'll need "GoBack" for sure if you ever want to run again (or maybe a reformat C?).

So what Bill Gates (or any third party software maker) must do is provide a program that goes through a new machine ... after all the software has been loaded ... and changes all the chosen .dll files to random names ... and ... most importantly ... all the software "calls" for those .dll files. Then the program will run fine on that machine ... but won't on any other if you burned it to CD and gave it to your friend. So there are also copyright possibilities here as well as stomping out all virus attacks.

So, when you open an executable file (a virus) downloaded from the internet ... it can't run on your machine. It can't locate the files it needs to do its dirty work. It comes with directions about what to do on a Standard XP machine and yours is now Non-Standard. I think you can see where this is going?

With your machine and operating system software comes a small "translation" disk. When you want to load a new program you've purchased (which are all still written in Standard XP conformity), you are prompted to put in the translation disk which loads into RAM ... then you take that out and put in your new program and it's installed and its code is altered so as to conform to your machine's variances from standard code.

Thus, if gomby.dll has been changed to hamandcheeze.dll, anywhere in the program where that file is called will also change gomby to hamandcheeze and everything runs like it should.
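
Here is the renaming and translation scheme as a toy model, added as an illustration and not part of the original essay. The DLL sets, import lists and function names are constructed for the example, and a program is reduced to the list of DLL names it calls.

```python
import secrets

# Constructed sample: the DLLs shipped on a "Standard" machine.
STANDARD_DLLS = {"gomby.dll", "kernel32.dll", "user32.dll", "gdi32.dll"}

def make_translation(chosen, new_name=lambda: secrets.token_hex(8) + ".dll"):
    """Build this machine's private map: standard name -> unique random name."""
    mapping, used = {}, set()
    for name in sorted(chosen):
        candidate = new_name()
        while candidate in used or candidate in chosen:  # never reuse a name
            candidate = new_name()
        used.add(candidate)
        mapping[name.lower()] = candidate
    return mapping

def rename_system(dlls, mapping):
    """File names present on disk after the renaming pass."""
    return {mapping.get(d.lower(), d.lower()) for d in dlls}

def translate_imports(imports, mapping):
    """The 'translation disk' step: rewrite every call to a renamed DLL."""
    return [mapping.get(i.lower(), i.lower()) for i in imports]

def load(imports, on_disk):
    """Toy loader: list the imports that cannot be found (empty = it runs)."""
    return [i for i in imports if i.lower() not in on_disk]

def demo():
    chosen = {"gomby.dll", "user32.dll"}         # only the chosen DLLs change
    mapping = make_translation(chosen)
    disk = rename_system(STANDARD_DLLS, mapping)
    app = ["GOMBY.DLL", "kernel32.dll"]          # written for Standard names
    installed = translate_imports(app, mapping)  # installed with translation
    return mapping, disk, load(app, disk), load(installed, disk)

if __name__ == "__main__":
    mapping, disk, untranslated_missing, translated_missing = demo()
    print("untranslated program cannot find:", untranslated_missing)
    print("translated program cannot find:  ", translated_missing)
```

The untranslated program fails on the renamed file only, so a program that calls nothing from the chosen set runs unchanged on every machine.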

A plan like this won't stop all hacking into systems. It will stop all those wild spreaders that go around the world in 80 minutes. If one machine sends it to another, it just sits there on the new machine unable to make use of the OS that is different.

PS. It might be necessary to put in a few lines of dummy code to alter the number of bytes in a file so it couldn't be found easily by that identifier. Also, you could place the needed file in a different folder and change the calls for it so it would be fetched from the new folder. This can be very subtle. At any rate, it would be impossible for any program to "self-install" because you'd be prompted to insert the translation disk and you'd say, "Whuddafuk? I ain't puttin' no program in today! Why does it want my disk?".

Well, that's it. What do you think? Is this a winner? Or, is this a winner?

Wait a minute ... we have a problem.

All the programs resident on your machine have the translation info on them already. A virus writer needs to get your machine to search that code for the new names ... then use the new names to set itself up to do its nasty work on your newly altered machine. So, something has to be changed so that the virus writer can't even generate a search. If it can't get critical files right away, it's dead in the water. It can't start. It can't execute.

Hmmmm ... yup, I think it will work admirably. The basics appear to be sound. Anybody see a way to hack around this? It's like the new approach to cockroaches (ca. mid 1990's) ... kill all of them and none can build up immunities to the poisons. Hence, all German cockroaches can be and are eliminated whenever and wherever the new poisons are used.


