Charles Mills wrote: [CHRISTMA EXEC] > I remember it. It was a real event. I was working closely with IBM at > the time. I had a BP or similar IBM PROFS account. > > It was a Christmas greeting in the PROFS system that when you opened > it, it executed a script that re-sent the greeting to everyone in your > PROFS address book. IBM had to take down PROFS for a day or two to get > things cleaned up.
It's important to remember that CHRISTMA EXEC was not self executing. It was simply a little Rexx program that started with some comment lines to the effect that reading this program was boring, but running it was more interesting. It looked as though it was going to produce a picture of a Christmas tree on the screen, but of course it also did the address-book-and-send thing. So it relied on social engineering, much as many current malware email attachments do. Around the same time there actually *was* a bug in the VM RDRLIST program that would treat a # character in a filename as a terminator, and then execute the rest of the name, but I don't believe this was ever exploited in the wild. The whole story of CHRISTMA EXEC is at http://vm.marist.edu/~vmshare/browse?fn=CHRISTMA&ft=PROB With 2020 hindsight, it's amusing to see the early attempts at things we take for granted now, such as quarantining suspicious attachments, and training users not to open just any old file they receive. Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
