xine-1.005
/-----------------------------\
| Xine - issue #1 - Phile 005 |
\-----------------------------/
Here is a small interview that I, b0z0, did with Rogue Warrior of
Genesis. Let's see what he foresees for the future and what he thinks
about some specific topics of interest to our readers :)
Well, <R> is our guest Rogue Warrior and <b> is the interviewer :)
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
<b> Who are you and what do you do every day??? :)
<R> I am Rogue Warrior, I am mainly using my computer all day.
<b> Why 'Rogue'?
<R> I chose that to make it sound evil. Which newspaper will
write about "Snoopy" the virus coder? not many...
<b> When did you start dealing with computers?
<R> I started when young (forget exactly when), then I stopped
and later restarted with an IBM PC when in school.
<b> Which was your first experience in the underground computing world?
<R> I first discovered a fidonet VIRUS group and found some friend who
gave me a few viruses. I taught myself to code viruses from it.
<b> When did you join Genesis?
<R> Rajaat and myself formed Genesis, so it is more a matter of
when was it started - about 1 year ago.
<b> Why do you write virii and when did you start writing them?
<R> I write them for revenge, fun, fame, challenge, protest, so many
reasons :) Started writing them in school.
<b> Which docs/material do you consider most valuable for programming virii?
<R> Well being famous for the crappy Nuclear, I got all my info from the
Help sections (hit F1 key)
As for my DOS viruses I use INTERRUPT list by Ralf Brown (rarely) and
some reference books which are really crap - I know most stuff off by
heart so don't usually need reference material.
<b> Which did you use most?
<R> Hmmm I don't know probably the very first ASM book I got - I stick
with what I know :)
<b> Which programming languages do you know and which do you use?
<R> Asm, C, C++, Word Basic ... about 9 total languages, and a few
scripting languages.
Only use: asm, C
All languages are self-taught except for one.
<b> How many virii did you write?
<R> I have written heaps (30 or more) but I have only ever
released Nuclear to public - I will release some good
DOS viruses now that I am in Genesis.
<b> How do you name your virii?
<R> I pick cool sounding names on TV :) or evil sounding names.
Eugene's crew picked WinMacro.Nuclear name and I thought it
was an EXCELLENT choice - good job bastards!.. it was
called Winword but the AV had to change because of
MicroSloth trademarks and shit.
<b> How do you spread your virii?
<R> I have never spread viruses.
<b> Do you also make destructive virii?
<R> Yes sure! What good is a virus without a payload.
<b> Do you prefer a specific type of virus?
<R> Yes, I like Polymorphic viruses, especially ones which are very hard
to remove (gives AV support persons more grief) - One Half is
probably my favourite virus.
<b> Which virus do you consider 'a good virus'?
<R> One Half - difficult to remove and detect
Bomber - for same reason (easier to remove)
Natas - cleanness of code (ie lack of errors)
<b> Do you think you will continue working on wordmacros?
<R> Yeah only for fun, they are so easy to detect but I'm sure there will
be people wanting to see more still :)
<b> Did you spread Nuclear yourself, or how did it spread?
<R> No, I never spread Nuclear. Although I did attach it to Eugene's
text for a joke. If someone spread Eugene's infected document I did
not request for it to happen.
<b> What could be the right approach for the AV people to fight macro-virii?
<R> Heuristic Document Scanning building a profile of Macro Names -and-
the tokens in the template, adding a weighting for each particular
attribute a file has and then triggering an alert if the sum of these
values goes above a threshold.
Not many macros should need to use MacroCopy, Kill, AutoOpen.
Pretty simple crap really..
<b> What do you think about the rumours that Concept was written by a MS
employee?
<R> Sounds plausible, they could have made it do something more - It's
rather lame (Isn't it like an M$ programmer to make a crap program?
;) - but then again so is Nuclear.
Nuclear is 99% AV marketing hype.
Look at Joe's wild list - it isn't even reported in one place yet.
Plus it's got those bugs! I hate bugs - Nuclear2 will be bug
free and the dropper will work and it will drop DOS or/and Windows
viruses (I've tested it! ;).
Maybe I will deliver a payload when ToolsMacro is activated (like
Vess suggested).
<b> Any plans for Win95 or NT native virii?
<R> Yes, in the future I will switch to writing for Win95/NT.
<b> How do you consider the actual virus scene?
<R> 1% great virus writers
4% good virus writers
5% average virus writers
30% collectors
60% morons
I don't know where I fit in this table - we'll see.
<b> How are your contacts with components of other vw groups?
<R> I talk to many people from the different active and inactive
groups, but usually I do it anonymously.
<b> Who is the greatest virus writer in your eyes?
<R> Well I cannot pick just one, Dark Avenger must be the best for new
ideas, vyvojar must be the best for troubling AV scanners and
Bit Addict is a wizard with size+speed+correctness of his viruses.
<b> What do you think about the current circumstances in alt.comp.virus?
<R> It sucks shit. AV get the fuck out (go back to comp.virus now it's
back up) - VX start posting *NEW* viruses to group.
<b> What do you think about Antivirus Researchers?
<R> Researchers :) I think it's an alias for "virus collector" :)
What is there to research eh? Neural nets for detecting viruses?
Researchers at the virus labs? well they are just asm programmers
who work in AV sweatshops. They should join the VX team!
TBAV's heuristics could be MUCH better than the shit it is now.
All the other scanners suck too.
<b> What do you think about the AV market in general?
<R> If it were not for us - they would not exist - they denounce
us in public and cheer us when they pay for their mortgage.
They had better start thinking about moving out of the AV
business because it won't be big enough for all of them soon.
<b> Which AV product would you use if you had to?
<R> AV product? Probably one you've never heard of :)
The mainstream AV product I would choose is AVP it has a nice code
emulator and the author(s) are not afraid to use unclean methods to
detect viruses.
I also like the way AVP cures viruses in memory while the virus is
still active - F-PROT and TBAV are too gutless for this and say "please
boot from a clean boot disk".
AVP realise that most people don't have a boot disk and if they do
it's probably infected :-)
<b> What do you think about the future of viriis?
<R> Their future is bright for Win* systems - they will not become
extinct as some people say. MS-DOS will be around for many years yet
and Win95 has security flaws ;) It's just a case of applying old tricks
to the new environments.
<b> What do you think about the Java language in virus writing?
<R> Java - possible to make a very cheesy virus
JavaScript - impossible
<b> Do you also take part in other parts of the computer underground (hacking,
phreaking, carding...)?
<R> none
<b> What do you think about general legal problems concerning virii writing
in your country?
<R> Making virus writing a jailable offence would not work - It would only
inspire me to work harder and be even more careful about it.
<b> What do you think about countries where even the storing of virii code is
strongly prohibited? Where does this lead us to?
<R> I don't care much for local laws - I reside on the Internet this place
is essentially anarchy and you can do what you want.
<b> What is your opinion about the internet censorship?
<R> it is bad of course! stop it.
<b> What do you think about the IKX?
<R> I think you are a great group. With good ideas for the future.
<b> Do you have any advice for us?
<R> You should work hard to bring freshness to the collective scenes
(h/p/a/v/c) and don't worry about your non-destructive policy :).
<b> Any new release from you in the near future?
<R> Nope ;) too lazy!
Rogue.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Well, thanx again Rogue!