Often the weakness has to do with an array of data where there is no checking being
done on the boundaries of the array. Programs written in the C programming language, perhaps the most popular
system programming language, can be vulnerable, because C does not provide built-in boundary checking on
arrays. A worm program can change data beyond the boundary of an array, thus altering, perhaps, the return
address on the call stack so as to cause the method to transfer control to the worm.
Why do people write and release viruses, Trojan horses, and worms? Sometimes it is for clearly criminal
intent. The perpetrator wants to gain access to private information, perhaps with the intention of stealing money
or credit. Sometimes it is for a quasi-commercial purpose, such as gaining access to another??™s computer to
employ it to send spam e-mail to others. Sometimes it is simply to prove one??™s technical ability, and perhaps
also to gain recognition among one??™s peer group or reference group.
Sometimes the perpetrators claim to be doing the victims a favor by exposing a weakness in the victims??™
security! That argument can be addressed by analogy. What would a homeowner think if some stranger came
to the front door, the back door, the basement door, the windows, etc.
Pages:
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482