Technology & Science

Computer virus just a joke 25 years ago

Computer viruses, which turn 25 this year, began as a prank by a precocious ninth grader.

'Elk Cloner' not malicious like its successors

What began as a ninth-grade prank has earned Rich Skrenta notoriety as the first person ever to let loose a personal computer virus.

Although over the next 25 years, Skrenta started the online news business Topix, helped launch a collaborative Web directory now owned by Time Warner Inc.'s Netscape and wrote countless other computer programs, he is still remembered most for unleashing the "Elk Cloner" virus on the world.

"It was some dumb little practical joke," Skrenta, now 40, said in an interview. "I guess if you had to pick between being known for this and not being known for anything, I'd rather be known for this. But it's an odd placeholder for [all that] I've done."

"Elk Cloner"— self-replicating like all other viruses— bears little resemblance to the malicious programs of today. Yet in retrospect, it was a harbinger of all the security headaches that would only grow as more people got computers and connected them with one another over the Internet.

Skrenta's friends were already distrusting him because, in swapping computer games and other software as part of piracy circles common at the time, Skrenta often altered the floppy disks he gave out to launch taunting on-screen messages. Many friends simply started refusing disks from him.

So during a winter break from the Mt. Lebanon Senior High School near Pittsburgh, Pa., Skrenta hacked away on his Apple II computer— the dominant personal computer then— and figured out how to get the code to launch those messages on to disks automatically.

He developed what is now known as a "boot sector" virus. When it boots, or starts up, an infected disk places a copy of the virus in the computer's memory. Whenever someone inserts a clean disk into the machine and types the command "catalog" for a list of files, a copy gets written on to that disk as well. The newly infected disk is passed on to other people, other machines and other locations.

The prank, though annoying to victims, was relatively harmless compared with the viruses of today. Every 50th time someone booted an infected disk, a poem he wrote would appear, saying in part, "It will get on all your disks; it will infiltrate your chips."

Skrenta started circulating the virus in early 1982 among friends at his school and at a local computer club. Years later, he would continue to hear stories of other victims, including a sailor during the first Gulf War nearly a decade later (Why that sailor was still using an Apple II, Skrenta does not know).

Viruses multiply

These days, there are hundreds of thousands of viruses— perhaps more than a million depending on how slight variations are counted.

The first virus to hit computers running Microsoft Corp.'s operating system came in 1986, when two brothers in Pakistan wrote a boot sector program now dubbed "Brain"— purportedly to punish people who spread pirated software. Although the virus didn't cause serious damage, it displayed the phone number of the brothers' computer shop for repairs.

With the growth of the Internet came a new way to spread viruses: e-mail.

"Melissa" (1999), "Love Bug" (2000) and "SoBig" (2003) were among a slew of fast-moving threats that snarled millions of computers worldwide by tricking people into clicking on e-mail attachments and launching a program that automatically sent copies to other victims.

Today, security-related hardware, software and services represent a $38 billion US industry worldwide, a figure IDC projects will reach $67 billion US in 2010.

But even as corporations and internet service providers step up their defences, virus writers look to emerging platforms, including mobile devices and web-based services such as social-networking sites.

"Malware writers can't assume you are on PCs or won't want to limit themselves to that," said Dave Cole, Symantec's director of security response.

'A matter of time'

That's not to say Skrenta should get the blame anytime someone gets spam sent through a virus-enabled relay or finds a computer slow to boot because of a lingering pest. After all, there is no evidence virus writers who followed even knew of Skrenta or his craft.

Fred Cohen, a security expert who wrote his PhD dissertation in 1986 on computer viruses, said the conditions were right, and with more and more homes getting computers "it was all a matter of time before this happened."

In fact, a number of viruses preceded "Elk Cloner," although they were experimental or limited in scope. Many consider Skrenta's the first true virus because it spread in the wild on the dominant home computers of its day.

"You had other people even at the time saying, 'We had this idea, we even coded it up, but we thought it was awful and we never released it,"' said Skrenta, who is now heading Blekko Inc., a month-old startup still working in stealth mode.

And where was his restraint?

Skrenta replied: "I was in the ninth grade."