Talking tactics with ‘Doctor Owl', virus writer

Talking tactics with ‘Doctor Owl', virus writer

IDG: What got you started and what was the first virus you wrote?

Doctor Owl: I came across a disk that had the Stoned virus on it - a really common old boot sector virus written by someone in New Zealand - and I read some books trying to understand how it worked. In the end I liked writing them more than trying to understand how someone else's worked.

What was the first virus you wrote, and what did it do?

It was a stealth boot sector virus named "Facade". I'd written it for a friend who wanted a virus named after how he was feeling - that corporate managers don't care about their workers. It was set to wipe the hard disk of infected computers on February 27, his birthday. He didn't end up using it.

A year or two later it went wild and infected a university in the US, but it was handled on the quiet by a private company to save [the university's] reputation. I don't know who spread it.

Had your friend planned to release it within his company?

I don't know what he had planned to do with it. I think he just wanted something nice for his birthday. If he had used it, it would have been very obvious that he was to blame.

How many viruses have you released into the wild?

None. Were I to spread a virus, I would need to design it from the ground up to make sure it will last in the wild for a very long time and never be forgotten. I'd like that, but I have a lot of work to do before then. Smaller viruses that create flashes in the media which are forgotten the next day are not worth the trouble . . . I'd feel bad releasing a virus that I wrote that didn't have a chance to survive.

You said you'd "feel bad" if you wrote a virus that didn't have a chance to survive. What do you mean by that?

You put a lot of yourself into viruses in the design process, just as if you were teaching a child. You get an emotional attachment. You feel proud if they spread; you feel bad if they fail somehow, and even worse if they're put into a collector's zoo and never seen again.

What motivates you to write viruses - especially if, as you say, you don't unleash them?

I write viruses because every virus is a step forward in technology, and that brings me closer to creating a virus that will survive transparently in the wild for months. That alone is something to be proud of. Then, the longer you survive in the wild undetected, the more information gathering power you have over even otherwise inaccessible PCs, and you could use that power or even just sell the technology.

What do you mean by "information gathering" power? Are you referring to a Trojan horse?

No. I will give you an example. Take any virus today and put it into the wild. It will be discovered in a few days' time and destroyed worldwide - because [antivirus vendors] will update their software to eradicate it. That means that virus is worthless; it's unlikely to reach any target you might want it to get to, whether it be to gather information or [be destructive].

But if you wrote a virus that survives a long time undetected - weeks or months - you're more likely to reach your target, or multiple targets, for whatever you want.

It seems like a virus isn't the most efficient method to reach a target, unless you unleash it on the specific system you're targeting.

Current viruses are unable to target specific systems, but only because they don't survive long enough to. Example: Imagine the flu. Everyone gets the various types of the flu and it spreads very fast and dies down because we have such good immune systems. So you couldn't target somebody with the flu easily if they lived on the other side of the world. But if you could make a flu that the immune system couldn't handle, you could reach anyone.

Hmm. "Owl" is starting to sound like a misnomer. It's such a gentle animal.

Owls are cute. They're also a highly developed killer. Nature is cruel like that. I chose the name because they signify intelligence.

Are we to understand that your main aim in writing viruses is to destroy a user's system?

My main aim has nothing to do with destroying systems. My point was that not only could you be proud of creating the virus itself that could [survive in the wild] like that, but you could reap rewards by infiltrating even the most secure systems, or just selling the technology off and retiring.

My aim in writing viruses is to start the new breed of smart, semi-alive viruses that are unstoppable for weeks at a time. Then I retire happy knowing I was the creator of the smartest and most powerful virus ever, and sell the technology off to the government, or [do] whatever I decide really . . . considering the world is run by computers, you could do almost anything.

You talk about writing really destructive viruses, but you've been a victim of viruses as well. Don't you have empathy for unsuspecting people who will be affected by your work?

I never said anything about writing destructive viruses, or wanting to. I've only talked about a virus that stays in the wild for months. For a virus to do that, it needs to be bug-free, non-destructive and non-obtrusive. I don't release viruses, so people don't get hurt by me. And if I do, the virus will be good enough not to cause harm, only survive as best it can.

But you said Facade was set to "wipe out the hard disk of infected computers". That's not destructive?

That was not meant for the wild; it was for a friend. Plus it was my only destructive virus out of all 20 I've done, and my first.

But it did infect a university in the US. That must have been fairly destructive to the university?

Maybe, maybe not. Someone used it for something that was unintended; they could have just as easily set the school on fire.

But the virus did infect the school. And since it was set to wipe out the hard disk, one assumes it was successful at this task.

I don't know whether it was caught in time or not. You could not say either way.

But you're chasing this as if I wrote a destructive virus to destroy a university. That's not the case. I don't feel responsible in any way for someone taking a virus I created and using it for their own purposes, just as Microsoft doesn't feel responsible if you accidentally reformat a disk [with its program].

But even if you don't distribute it yourself but hand it off to someone who does, doesn't that make you responsible as well, since you created the program in the first place?

If I write a program and somebody else uses it destructively, that's not my fault. Blame whoever spread it.

A virus needs to be set in motion to cause destruction. I may create a virus but, by itself, it is nothing until you run it to infect somebody's system.

But I haven't done it yet. I'm not a bad person until I commit the deed.

Do you have empathy for someone who may be the victim of a program like Facade?

Empathy I do. Responsibility I don't. Unless I personally infected their computer to spite them, I'm no more to blame than the match company for creating the matches someone burned your house down with.

Follow Us

Join the newsletter!

Error: Please check your email address.
Show Comments