By Andy Patrizio,
It was inevitable.
If Java could be used to write cross-platform applications, then someone would likely find a way to cause cross-platform havoc with a Java-based virus.
The Symantec Antivirus Research Center (SARC) has found the first such virus, but the good news is it can't hurt Web surfers.
The research center's automated virus-hunting engine, called Seeker, found the virus during a routine scan of websites. The virus, called Strange Brew, is just an infector. It spreads itself from one Java application to another, and it can jump from anything from a Network Computer to an IBM S/390 mainframe.
"This is just proof of concept," said Kerry Nachenberg, chief researcher at SARC, in Santa Monica, Calif. "The guy is showing it can be done, and he was the first to do it."
The virus affects only Java applications, not applets run inside a browser. Because the Java Virtual Machine has built-in security measures -- such as not allowing applets to access to the hard disk or modifying applications -- Strange Brew can't get at other Java code.
The Java Virtual Machine will kill the Strange Brew virus because it's trying to do something it shouldn't, said Nachenberg. "So the main point is users shouldn't be afraid of this because it cannot affect users as they surf the Web," he said.
Because Strange Brew functions differently than standard non-Java viruses, anti-virus programs can't detect it even with a new definition file. A new executable is needed to detect it, which Symantec said it will make available for download through the LiveUpdate function in Norton AntiVirus.
Full-blown applications don't have the same restrictions as applets because they need to perform certain functions, like disk access, which is why the Java Virtual Machine security measures don't work, Nachenberg said.
There will inevitably be more viruses written in Java, said Peter Tippit, president of the International Computer Security Association, an anti-virus research firm in Carlisle, Penn. But he said that of the near-20,000 viruses his company has found, roughly 300 have caused any havoc in companies because very few can actually survive.
"For a virus to be an issue, it has to have a few properties," he said. "It has to fit into the ecology of the current computing environment, and Strange Brew doesn't fit into the ecology of the way viruses have to move to live."
Nachenberg, however, doesn't think there will be a big outbreak of Java viruses. "Not too many people use Java applications," he said. "But should they find a security hole in the [Java Virtual Machine], then it could be more of a threat."
Try TechWeb's RSS Feed!ISIS Papyrus America seeking Software Pre-Sales Analyst in Southlake, TX
Agilent Technologies seeking Business Manager in Bangalore, IN
Covidien seeking Principal Validation Test in Boulder, CO
T-Mobile seeking Unified Subscriber Database Engr in Bellevue, WA
20th Century Fox seeking Sr. Production Software Engineer in Los Angeles, CA
For more great jobs, career-related news, features and services, please visit our Career Center.
TechWeb's FREE e-mail newsletters deliver the news you need to come out on top.
Get definitions for more than 20,000 IT terms.
Editorial and vendor perspectives
