Author Topic: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed  (Read 17724 times)

0 Members and 2 Guests are viewing this topic.

Offline DJ Omnimaga

  • Clacualters are teh gr33t
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55943
  • Rating: +3154/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • Dream of Omnimaga Music
Re: Blast Antivirus Version 5.0
« Reply #30 on: April 13, 2010, 11:13:13 am »
yeah if the viruses got updated regulary the antivirus updates could get much harder and could even overhelm the author with work.

Offline willrandship

  • Omnimagus of the Multi-Base.
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2953
  • Rating: +98/-13
  • Insert sugar to begin programming subroutine.
    • View Profile
Re: Blast Antivirus Version 5.0
« Reply #31 on: April 13, 2010, 11:22:16 am »
Yeah. That's why linux rules. :D

Honestly, viruses on calcs seem too much like a curiosity to have that much work on either side.

Offline DJ Omnimaga

  • Clacualters are teh gr33t
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55943
  • Rating: +3154/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • Dream of Omnimaga Music
Re: Blast Antivirus Version 5.0
« Reply #32 on: April 13, 2010, 11:31:22 am »
Oh let's not get started with OS fanboyism here it got pretty annoying on IRC a few weeks ago. If you be careful on Windows (such as not using IE and watching out what you download) you won't get much viruses anyway.

As for calcs yeah they're very uncommon. And if someone make a bad ASM program he can simply rename it to Mario or Galaxian and make it the exact same size as the original game. All he has to do is use bad Axe Parser code then put loads of data at the end of his program, enough so the file is the same size. I am sure some detection could be done code-wise, though, but it would still be hard x.x

Offline willrandship

  • Omnimagus of the Multi-Base.
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2953
  • Rating: +98/-13
  • Insert sugar to begin programming subroutine.
    • View Profile
Re: Blast Antivirus Version 5.0
« Reply #33 on: April 13, 2010, 10:42:46 pm »
i meant the antivirus, actually. As in it dissassembles the program being scanned and detects bad code. For instance, you could have a scanner program that you can tell to scan specific programs, then have it tell you the result.

Offline ACagliano

  • LV8 Addict (Next: 1000)
  • ********
  • Posts: 919
  • Rating: +32/-2
    • View Profile
    • ClrHome Productions
Re: Blast Antivirus Version 5.0
« Reply #34 on: April 14, 2010, 11:36:51 am »
Well, I need a list of bad hex codes. Ones that are malicious. Without them, I can't do it.

Offline ACagliano

  • LV8 Addict (Next: 1000)
  • ********
  • Posts: 919
  • Rating: +32/-2
    • View Profile
    • ClrHome Productions
CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #35 on: July 03, 2010, 11:40:14 am »
I have decided to revive the Blast Antivirus project, using Celtic III app, designed to be compatible with both Celtic III and DCS7. This will be version 5. Also, whereas the settings and updates to the virus definitions were lost in a RAM clear in version 4, I am working on making them crash-proof in version 5. Also, the subroutines will be provided in a group file, and i will use Celtic3 to call them when needed and delete them when they are no longer needed. No ungrouping nessecary. I will post here on my project as I complete it.


Question: Let's say, the calc is currently running prgmBLAST5. I then use Celtic III to move BLAST5 to archive before quitting it, and move it back to ram upon launching it. Assume that no other software (ie: CalcUtil) is installed. Will that be an error? If yes, then I have another way around it.

Offline ACagliano

  • LV8 Addict (Next: 1000)
  • ********
  • Posts: 919
  • Rating: +32/-2
    • View Profile
    • ClrHome Productions
CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #36 on: July 18, 2010, 12:29:12 pm »
This above program is nearing completion. While it will be some time before it is available for beta testing, I am posting here to ask if anyone is willing to beta test when the time comes. If you want to participate, please post so here, and provide a VALID email address. Thank you.

Offline shmibs

  • しらす丼
  • Administrator
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2132
  • Rating: +281/-3
  • try to be ok, ok?
    • View Profile
    • shmibbles.me
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #37 on: July 18, 2010, 03:18:40 pm »
im not sure what the point of antivirus would be, but i have nothing better to do and am somewhat curious so... sure, why not

« Last Edit: May 09, 2011, 02:46:05 am by shmibs »

Offline DJ Omnimaga

  • Clacualters are teh gr33t
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55943
  • Rating: +3154/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • Dream of Omnimaga Music
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #38 on: July 18, 2010, 07:03:49 pm »
Unfortunately, since I am slowly returning from some break and might be busy with some stuff outside the community such as some games (*cough*Starcraft II*cough*) and my calc project, I don't think I'll have time to test this, especially that I do not know assembly programming or anything that would allow me to figure out how to find security breaches in your program.

That said I'll be honest with you. I do not mean to be rude and I generally don't do this when it comes to calc projects, but like Shmibs is implying, I do not really see the use of a calculator anti-virus. Maybe inside school, where students who barely know anything about calcs can get infected with some sort of Ion-virus renamed to Phoenix or risks of running programs like OSKill, also renamed to popular game names, it could be useful to have on someone's calc, but online, in the TI community, I personally doubt anyone with minimal calculator knowledge will want an anti-virus on their calc, especially that ASM programmers can easily modify their program to circumvent the protections you would need to keep updated regulary. Another issue is that a virus needs to be on a popular archive to be popular. This means ticalc.org. However, ticalc.org deletes such file from their archives. Hence why Iambian's Ion infector program (I forgot the name and URL) as well as BrandonW's OSKill program are not available there.

I noticed that since you joined the forums, you have a huge dedication in such programs, and it can be seen by how you resumed work on Blast Antivirus after most of us thought it was dead. However, I think that in long terms, persisting in creating such program could ruin your TI programmer reputation (like what happened to KermMartian between 2002 and 2004). Once a reputation is ruined, it is hard to repair it afterward. On certain other sites, you may get an even harsher response to an anti-virus project, or the thread may be turned into a troll fest in a day, as people will not take its author seriously anymore. Most people will think you only make useless programs or programs that were done 100000 times before and flood the ticalc.org archives with them, and people in the TI community often suggested to ticalc.org to stop allowing said "anti-viruses" and "Windows XP" clones in their archives, because about 90% of the archives are made of those (as well as Quadratic Solvers and Number Guessing Games). In the past, I was one of those people. Later, I simply stopped visiting TI-83 Plus BASIC Misc. Programs altogether, until Ticalc.org split them in sub-directories.

I think that once this project is done, you should maybe focus on something that would be more useful to the average Omnimaga/Cemetech/UTI/etc user and that hasn't been overdone either in the past decade. Examples would be games (like the Star Trek game you had in the works a while ago) or programming tools (like your TI-BASIC tutorials, providing they are made to provide a way of learning that other tutorials don't). That's unless your audience is meant to be people at school, but then still remains the issue that programs for school users may not really attract attention on a site like Omnimaga. As you could notice already, even math programs have an hard time getting attention on Omnimaga as well. The thing is that the average crowd here is only interested in games and tools to develop games.

Of course that's up to you, though. I am just giving a suggestion. I would like to see at least one anti-virus for calcs that actually work and do something, even if it's to protect against Iambian's and BrandonW.

Also, I merged your 3 anti-virus threads together and moved them to calc projects and ideas, since I felt one was enough.
« Last Edit: July 18, 2010, 07:05:09 pm by DJ Omnimaga »

Offline ACagliano

  • LV8 Addict (Next: 1000)
  • ********
  • Posts: 919
  • Rating: +32/-2
    • View Profile
    • ClrHome Productions
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #39 on: July 19, 2010, 12:22:58 pm »
Ok. I actually lost track of the other two threads, so sorry about that.

As for persistence, ever since the release of Version 4, I wanted to make one with the potential to search by contents rather than just by name. Also, as you will see in the release, it is more than just an anti-virus. It will also have RAM restore capabilities, if I can get it working properly. And, yes the tool is designed to be used by an average student to wipe out malicious stuff that endangers their ability to play games or cheat on tests.

PS: Version 5.0 will detect OSKILL and BRICK by BrandonW. If Iambian is kind enough to provide his code, I'll include it as well.

PS2: My tutorial in game design is still on the menu to be worked on, and I will also complete the Star Trek game, once I see the necessary command support within Axe.

So thanks to all who are willing to test. My purpose of testing is to make sure it works. And to all the skeptics...this one will actually work.

Regards. 

Offline calcdude84se

  • Needs Motivation
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2272
  • Rating: +78/-13
  • Wondering where their free time went...
    • View Profile
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #40 on: July 19, 2010, 12:31:42 pm »
Just to repeat a couple things you are probably already aware of:
This is extremely difficult, especially since a person who was really trying to be malicious could simply disassemble, slightly change, then reassemble the code, which would render your checks inoperable.
As for RAM restore, realize that this can only be done on the 83+SE and older 84+(SE)'s, because newer ones (and any normal 83+) do not have the RAM required to backup the main 32KB of RAM.
Anyway, ignore my skepticism and good luck! :) (Do be aware of the reputation damage that could be done, though, like DJ said)
"People think computers will keep them from making mistakes. They're wrong. With computers you make mistakes faster."
-Adam Osborne
Spoiler For "PartesOS links":
I'll put it online when it does something.

Offline ACagliano

  • LV8 Addict (Next: 1000)
  • ********
  • Posts: 919
  • Rating: +32/-2
    • View Profile
    • ClrHome Productions
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #41 on: July 19, 2010, 09:37:46 pm »
1. This is extremely difficult, especially since a person who was really trying to be malicious could simply disassemble, slightly change, then reassemble the code, which would render your checks inoperable.

2. Anyway, ignore my skepticism and good luck! :) (Do be aware of the reputation damage that could be done, though, like DJ said)

1. Not if you are tailoring your checks toward b_calls like unlocking Flash, editting the certificate and stuff like that. The scanner will throw a warning if it detects such routines. Regardless of what they do to the code, they'll still need to use certain b_calls.

2. I know of reputation damage. That's why I'm taking my time working on this and planning it out well. I plan on Blast AntiVirus being known as the AntiVirus that works. Prior to release, I will test it extensively on BrandonW's stuff and try to make it as thourough as possible before release.

*Another feature is this: You may modify the virus definitions file (appvar BDefs) within the program. Let's say someone designs a new virus (or prank) called BXC1 and that program is not in the definitions, you may add it yourself.

**The virus definitions update file that I will periodically provide (for new virus/pranks that are designed after release) is called appvar BUDefs. When you run the antivirus, it will detect the update if one is present. With a single keypress, the antivirus auto-updates the virus definitions, then deletes the update file. Due to the structure of the update process, any self-modifications to the defintions file will be preserved across updates.

***The antivirus and all of its subroutines, appvars, and needed ingredients will be specifically designed so that you only need to send ONE file to your calculator. The installer will do the rest. Furthermore, all parts of this program are designed to endure in the event of any RAM clear.


If anyone has any more suggestions/ideas, please let me know.

Offline thepenguin77

  • z80 Assembly Master
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1594
  • Rating: +823/-5
  • The game in my avatar is bit.ly/p0zPWu
    • View Profile
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #42 on: July 19, 2010, 10:48:26 pm »
The main problems that I see though are that I'm not sure you can really block everything. If I wanted to, I could make a bad program, decrease every byte by one, and send it to someones calc. Your program wouldn't even pick up a single bcall because in it's current state, there are none. But then when it is run, it increments all the data and runs.

Not to mention, I found a way to invalidate an os, (in my case, erase page 0) with 7 bytes. I could make a 3k program that slowly through a process does those commands. I could add $70 + $0F to get $7F. Then use out (06), a, to bring in flash page $7F which is the boot code. Finally, add $4300 + $0014 to get $4314 which I could use jp (hl) to hide. I just don't see how you can protect against everything.
zStart v1.3.013 9-20-2013 
All of my utilities
TI-Connect Help
You can build a statue out of either 1'x1' blocks or 12'x12' blocks. The 1'x1' blocks will take a lot longer, but the final product is worth it.
       -Runer112

Offline DJ Omnimaga

  • Clacualters are teh gr33t
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55943
  • Rating: +3154/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • Dream of Omnimaga Music
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #43 on: July 19, 2010, 10:57:14 pm »
The best thing you could do is probably get some people to write bad programs for you to test your anti-virus on, but of course make sure to test on emulator first, and watch out about programs that deletes the certificate x.x

Offline thepenguin77

  • z80 Assembly Master
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1594
  • Rating: +823/-5
  • The game in my avatar is bit.ly/p0zPWu
    • View Profile
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #44 on: July 19, 2010, 11:14:15 pm »
The best thing you could do is probably get some people to write bad programs for you to test your anti-virus on, but of course make sure to test on emulator first, and watch out about programs that deletes the certificate x.x

Reading this I think to myself, "I just disassembled the boot code yesterday... I know how to do this!"
zStart v1.3.013 9-20-2013 
All of my utilities
TI-Connect Help
You can build a statue out of either 1'x1' blocks or 12'x12' blocks. The 1'x1' blocks will take a lot longer, but the final product is worth it.
       -Runer112