Archive for September, 2007

Friday 28th September

September 28, 2007

Today we did some revision questions on viruses and talked a bit more in depth about a particular virus, “I love you”. This virus sent itself to everyone in your address book as an attachment to an email with the subject “I Love you”. As it reproduced itself it is classified as a worm.

We also did the revision questions below. They cover what utilities are, a detailed question about defragmenter and a question to work out what anti virus techniques may have been successful against the I love you worm.


You lot also went and made powerpoints showing the difference between GIF, JPEG, TIFF and BMP. Here is some of your work (see if you can recognise your own….)


Just to be clear JPEG supports true colour (i.e. 24 bits per pixel)


Utility Programs

September 27, 2007

Today we did utility programs. There are 4:

  1. Virus checker (think Peter Norton)
  2. Disk Editor (cleaning up things like downloaded internet pages )
  3. Recovery (we had a discussion about whether you would get a mark for calling this restore or not)
  4. Disk defragmenter (shown below)


Remember the key word about the defragmenter is contiguous. This describes how the files should be next to each other on your hard drive, which is basically what the defragmenter is trying to achieve. If you are looking for another mark then I said you could mention that defragmenting should increase system performance

Detection techniques

September 26, 2007

There are four methods of spotting a virus that you have to know about, they are:

Searching for a virus signature

This means trying to find a match for a bit of programming code that has been recognised as a virus. This is the main way most anti virus programs detect viruses and is why you need to keep your anti virus up to date!

Memory resident monitoring

This is looking at the programs in memory (like in the screen I showed you when I talked about memory monitoring) and trying to spot a program that is trying to do something unusual. It is a bit like watching for pupils who keep turning round in an exam, they are probably trying to cheat. Not all anti virus programs do this and it has to be running all the time to be of any use.

Using something called checksum

Viruses sometimes change files. Anti virus programs can detect changes by getting a value out of a file (by doing a calculation with the binary numbers) and then later on trying to get the same value by performing the same calculation. If they don’t match someone or something (i.e. a virus) has changed the file.

Using something called heuristics

A heuristic is a trick or technique that helps you solve a problem. We know that viruses often display wierd behaviour, like trying to delete all your files without you clicking the mouse, or on a particular date disabling your computer (see michaelangelo virus). So anti virus programs can increase their chances of finding a virus by looking for these kinds of actions (another way of saying they are using a heuristic).

I hope this helps. If you are still finding it tricky there is some good stuff on Scholar, here, also I will be back tomorrow so you can ask questions then (I hope you have been behaving Dara 😉 )

Viruses, Worms and Trojans

September 24, 2007

Today we went through what the difference between all of these are, trying to tread a careful line between showing examples and enough information to make sense and holding back enough to prevent Dara from taking up a new career as a hacker/virus creator/general nuisance.

I showed an example of a trojan called spysherrif which pretended to be a security software program but actually reported false threats in order to make a sale.


September 23, 2007

Today (Friday, but I am late typing it up) I covered viruses, I showed the class a clip of How to make a simple virus on Youtube. A bad idea, all questions that followed related to how this could be spread around the computers of friends and family 😦

Keith claimed to be keen to learn about virus writing so he could “help uninfect computers”.

virus powerpoint

We also had a look at what you could do with a macro and the difference between these types of viruses and boot sector/file virsues. Below is a sall screenshot of the part of the syllabus that we are covering at the moment (if you want the full syllabus go here)

The Bootstrap loader

September 20, 2007

I have backdated this post to when you were meant to learn about it (I wasn’t actually in class) so think of this as an alternative lesson….

The bootstrap loader is 1. a piece of software 2. responsible for loading the rest of the operating system, these are pretty much the main pieces of information you need for the exam although if you do want to learn more here is a link to show I am not lying and here is a link to a massive page from wikipedia.

Main jobs of an Operating System

September 18, 2007

In this lesson I talked about the main funtions of a single user operating system and somehow managed to find a way to tie in a picture of an early flight simulator that I used to play back in the early nineties. Unfortunately I forget exactly why this was relevant now but it might be that I was trying to give a link between providing an HCI or interpreting user commands.

I did also show you this powerpoint which shows all the jobs that you need to know:

  • Managing memory
  • Resource allocation
  • File management
  • Input/Output