• (nodebb)

    Funny how the US military and security services went from getting attacked by silly viruses of the 90s to creating some of the most dangerous malware targeting things like Iranian nuclear program.

  • Jonathan Wilson (google)

    I wish I could go back in time and find the idiot that decided that a document format needed to have the ability to run arbitrary code (sand-boxed or otherwise) and prevent Word Macros/VBA from being invented/implemented in the first place.

    Is there a single legitimate use for World Macros or VBA? What was the original reason for creating World Macros/VBA anyway?

  • Sole Purpose Of Visit (unregistered) in reply to Mr. TA

    Difficult to argue that it was amongst "the most dangerous;" after all, it did set back the centrifuge program quite a bit.

    It was also very finely targeted, as I recall: not just a Windows Puke Anywhere virus.

    ... although the idea of the Ayatollah opening his desktop and being confronted by a torrent of porn is quite appealing, really.

  • (author) in reply to Jonathan Wilson

    There was a legitimate reason for Excel macros: custom functions. Then it just sorta spiraled out of control from there.

  • (nodebb) in reply to Sole Purpose Of Visit

    I was going to joke that the ayatollahs watch porn themselves, and then realized that it's entirely possible that they are crazy enough to actually (not just verbally) forgo all life's pleasures, including questionable ones like porn.

  • Alistair (unregistered) in reply to Jonathan Wilson

    There are better ways to do it now, but I have used macros to assemble insurance documents based on database queries that were too complicated to do with mailmerge.

  • (nodebb)

    For those who think this originated with Word macros, perhaps take a look back at TECO [DEC 1962] and some of the "fun" that occurred back then.

  • (nodebb)

    "wolf3d.exe...... must have been pretty dire I see what you did there.

  • (nodebb) in reply to Remy Porter
    There was a legitimate reason for Excel macros: custom functions.
    . While having custom functions might be nice, that's no excuse for allowing macros to be embedded in the workbook itself.

    For that matter, IMSNHO all engineering would be a lot better off if Microsoft had refused to put any functions not required by accountants into Excel. Engineers who insist on using Excel to do (very badly) what should be done in R, MATLAB, Python, C, or other high-level math languages need to be severely dopeslapped.

  • (nodebb)

    It's not really the existence of macros in a word processor that caused this problem. The real problem is that Word had an AutoExec macro. That's a monumentally bad idea.

  • (nodebb)

    Ultimately, the problem is not that there is a Turing-complete programming language embedded in the applications, nor that its macros can be embedded in documents, but that a macro-container can contain a macro that is automatically executed when the container is loaded.

    That automatic execution (combined with the ability to inject macros from this container into another) is what allows macro viruses to spread themselves. (Without autoexec, they don't run when loaded, and without injection, they cannot spread.)

    Final oddity: the story goes that the first Word macro virus, Concept, was written by a guy at Microsoft as a proof of concept (duh) to show one of his colleagues that it could be done. It spread throughout Microsoft and elsewhere like corn through a goose.

  • (nodebb) in reply to Jonathan Wilson

    Is there a single legitimate use for World Macros or VBA? What was the original reason for creating World Macros/VBA anyway?

    Automation, of course. Though if I’m honest, I’m hard-pressed to come up with things that you would want to automate in a word processor, if it supports paragraph and character styles (which Word already did at the time). Excel and Access would have more actual use for VBA, and I suppose it got included in Word simply because they wanted to put this into all MS Office programs.

    Like Steve the Cynic says, the real problem is auto-execution of macros, not the macros themselves. But MS had that particular blind spot anyway back then — autorun.inf, anyone? Or automatic JavaScript execution in email message in Outlook, for that matter.

  • Alex (unregistered)

    OK, original submitter of the story here. Being a former Navy Journalist, I am obligated to correct some minor embellishments by Mr. Porter.

    First off, the files we used were Rich Text Format (.rtf), not Word Documents (.doc). Fair credit to Norton Antivirus, they had *.doc in the whitelist but not *.rtf. Once I did add RTF to kill the WTF, things did start working smoothly, enough to make me a big fan of Norton Antivirus for at least ten years following my Navy days.

    Second, this reference to WOLF3D.exe? Completely made up. Ditto the slew of viruses. We were dealing with one macro virus, and it survived by embedding itself in the RTF files on 3.5 inch floppy disks we used to carry our files around. It was just as annoying as Mr. Porter described, though.

    Third, the Defense Information School is real. It's at Fort Meade, Maryland, which is huge. We stayed on the same base for the war game, just a different part of it.

    Fourth, I never had any direct contact with the IT department. It's true that they ignored me, as far as I could tell. Why, I have no idea.

    Basically, I was a student at DINFOS who knew a little about computers, and very, VERY young. Mr. Porter definitely got the gist of the story right.

  • (nodebb)

    For what it's worth, I heard a talk once by Admiral Grace Hopper. She promoted the use of computers in the Navy by showing how individuals could make a difference by adopting them. Our hero Alex did the same thing with his simple infosec work.

    I guess it helps to be an admiral.

  • xtal256 (unregistered) in reply to Jonathan Wilson

    "I wish I could go back in time and find the idiot that decided that a document format needed to have the ability to run arbitrary code"

    But, but... that's how the entire web works today! You have a document format (HTML) running arbitrary code (JavaScript) and everyone thinks it's the glorious future.

  • Old timer (unregistered) in reply to Jaime

    The real problem is that emacs and vi and vim had auto start and auto config macros. But then AT&T (and DEC) had that blind spot.

  • Raj (unregistered)

    Nowadays it's arguable because web services are common and easy to integrate in Office without code, but back then there were plenty of valid reasons for VBA. I've seen interesting use cases such as a buzzword checker in Word or a more advanced XIRR implementation (the one in Excel only supported around 10 iterations).

    Macros and VBA are like payday loans - they're easy to bash until you find yourself in a situation where there's nothing better available.

  • (nodebb) in reply to Gurth

    Though if I’m honest, I’m hard-pressed to come up with things that you would want to automate in a word processor, if it supports paragraph and character styles (which Word already did at the time).

    I can give you an example: for a number of years, we would get an insurance renewal document for the hundreds of brokers for whom we were acting as intermediary. One document, with a page or two for each broker giving their renewal details. I created a macro that would split this up into hundreds of separate documents, named according to the data included for each broker, so that they could be mailed out to the respective brokers - a task that previously had to be done manually.

    On a smaller scale, I also used it for things like "here's a complicated replacement that I have to do fairly often and is tricky to recreate from scratch". Create a macro for it and save it in Normal.dot and it's available whenever you need it.

  • (nodebb)

    I created a macro that would split this up into hundreds of separate documents, named according to the data included for each broker, so that they could be mailed out to the respective brokers - a task that previously had to be done manually.

    That does benefit from automation, yes, but TBH the problem is that the people you got the document from didn’t appear to know about data merge to create those separate documents themselves …

  • (nodebb) in reply to Gurth

    but TBH the problem is that the people you got the document from didn’t appear to know about data merge to create those separate documents themselves

    And how, exactly, do you propose to fix the incompetence (or lack of caring) of another organization?

    Never state a problem in a way that makes fixing it impossible. The problem isn't "these people are idiots", the problem is "I have this tedious task to do and I need it to go faster".

  • markm (unregistered) in reply to Scarlet_Manuka

    There are good reasons for providing automation that applies to Word documents. I doubt there is ever a good reason for putting the program code in the Word document itself, let alone having it auto-run when the document is loaded.

  • Anonymous (unregistered) in reply to Jaime

    The "I need it to go faster" part does not depend on Macros. Without them, you would likely have used a small VB or VB.NET application that reads the document and splits it up. Or found an example online form someone who did this in Python. Or with Auto-It, or at least a dozen other ways.

    There's no need to do this inception-like from within the document itself.

  • Prime Mover (unregistered)

    Way back in 1985 or 1986 I worked in an electronics calibration laboratory. One of our tasks was to send notifications to all departments that their apparatus was due for calibration at the appropriate time. We employed a clerk whose job was just to do that. He had his little card-index system. Every day he would look through his list and do what was necessary to notify those departments.

    We had just taken ownership of one of the early PCs. It had a word processor on it. Now there were two of us calibration dudes who had BBC-B computers with lots of groovy enhancements, at the time when the BBC-B in the hands of a hobbyist was easily as desirable as a new PC (in fact, more so). So we said: why don't we configure the word processor to automatically collate all the information that the clerk would normally collect by hand, and automatically print out an automatic letter which would be automatically sent to the departments concerned automatically?

    All very well, but there did not exist the facility in that brand new exciting PC to merge multiple pieces of apparatus into one letter. So, rather than issue a note (this would of course be hard-copy, no electronic communication for us) of the form:

    "Dear (xyz department), please note that these pieces of apparatus need to be calibrated: (long list). Please arrange for them to be collected and sent to the calibration department."

    ... what we in fact could only manage to do was issue a whole series of letters:

    "Dear (xyz department), please note that this piece of apparatus needs to be calibrated: (item 1 identifier). Please arrange for them to be collected and sent to the calibration department."

    ... and we strung them all together in a great long piece of form-feed paper.

    This caused us to be ridiculed. "We could have done it properly using a BBC-B," we informed them.

  • Richard Wells (unregistered) in reply to TheCPUWizard

    Especially since TECO programs were indistinguishable from line noise.

    I once implemented UUCP for VAX/VMS using TECO so my roommate could transfer files between the VAX and his home-brew S100 system over a 300 baud acoustic modem. Damn, those were the days.

Leave a comment on “A Military Virus”

Log In or post as a guest

Replying to comment #513626:

« Return to Article