A Project of Vision - An Analysis of Pr0ject Zer0 - By Rhape79 [Ultimate Chaos '99] With Additional Comments From MidNyte "Woe is he who tries to be the worlds (or the Vx) 'crossing guard'" -Opic [CodeBreakers] Introduction ------------ Before I begin the main article about Pr0ject Zer0 and discuss its flaws, ideals and the way we could use part of this to make our day-to-day lives influence others fer a better outcome I think it's only fair I explain who I am, so that you can understand my position in all of this. I started activity in the pro-virus scene about late 1997 then in February of '98 I co-founded The Ultimate Chaos Virus Team. I have spoken with many VXers and several AVers and other viruses educated individuals and fully understand all sides of the issue from being an infected user (on more than one occasion) to being the writer / distributor or even having to clean it up on other people's systems. So now you know where I'm coming from... The Original Pr0ject Zer0 ------------------------- The original Pr0ject Zer0 text, as written by the BSJ. ------------------ Well welcome back you Guys I've been wondering what would happen if new virii in the wild, dried up somewhat for a while (say for perhaps a year)? I can imagine perhaps two outcomes. You may be able to extend that. Firstly, would it help to bring about an AV vendor shakeout? Would that be a good or bad thing? And if a shakeout did occur, which ones would suffer? Perhaps some of the bigger boys (not mentioning any names of course) with the big overheads and/or the smaller ones who may presently be struggling for critical mass. What do you reckon? During the interval, virus research and development would still progress albeit contained within the "lab". A time to reflect, regroup, etc. before the next big breakout, more potent than ever. If any living organism is confined to a sterile "clean" environment, its defences ie immune system weakens due to lack of exercise. Not being put through its paces so to speak. Yes? How long would it take for the worldwide IT immune system(s) to likewise weaken? Probably more than a year, but perhaps less? Who knows! Have you guys ever contemplated along these lines? Perhaps it's purely naive day dreaming! Even if the above concept has any merits, I somehow doubt that you dudes could collectively organise such an experiment. It would be a huge undertaking to get everyone to commit and then stick to an agreed timetable. But I leave it with you for your considerations. You may wish to water it down, somewhat, or somehow modify it. A global experiment. A challenge ever. The BSJ. ------------------ The Understanding of Pr0ject Zer0 --------------------------------- The idea behind Pr0ject Zer0 was that given enough time without new viruses the AV companies would slowly start to suffer because of no new supply, therefore no new updates, therefore effectively after a period of time no job. Now, obviously this wouldn't be an overnight thing and would take many months if not years to accomplish, but furthermore it would require every single virus writer in the world to co-operate and not release a virus during this period, which is a near impossible task in itself. Now, what I am going to put forward to you, the reader, is a view of the project, show what it's flaws and ideals were and then suggest an alternative idea based upon the project, which I hope the majority of VX will agree with and help promote throughout the scene. The Flaws of Pr0ject Zer0 ------------------------- Pr0ject Zer0 was all fine in theory except fer several minor details. Firstly all VXers around the world were going to have to co-operate in this massed project and, if that weren't hard enough, all new virus coders would have to be brought up to speed on the project and need to agree to follow the project until it's expiry date. Now, obviously there are some VXers out there that will not follow the project fer any number of reasons and that is their choice. The main problem even if the project was accepted by most of the vast VX community is that there is no channel to contact all the VXers everywhere, there are people who would leave the scene and also new people join and wouldn't know about the project. Another issue is many of the older VXers/VX teams won't agree to participate because they have a zine or other code they want to put out fer the world to see and many new VXers who have just written their first "Hello World!" virus won't care about the project since they are so excited about coding their first virus which, like the established virus teams are doing with their more advanced viruses. Another downer to the plan in todays current situation is that I heard an estimate that the number of macro viruses that have been produced over the last few years would keep the AV busy fer at least another three to five years. And many VXers aren't going to wait that long, if any would. Large viral projects and zines by the various teams will want to be released, and some just don't care about the idea of finding out if an AV would go under as they can't see it, and feel if anything, the lack of viruses would just help lower the standard of the average virus. A Modification of Pr0ject Zer0 ------------------------------ Ideally during this silent period virus coding and techniques would be improved within the teams, new information and ideas would be shared within the VX community whilst the AVers were left to play with pre-Zer0 era viruses.. Now as well as the possible, but unlikely, closing of some antivirus companies. The VX community would have new technologies and ideas the AVers had no protection or method to combat this therefore their scanners will be next to useless against the new generation of viral code but, that will never happen. The entire VX community is always in such as state of flux that there is no way you could get everyone to participate at any one time. However, if the virus creations were to be channelled through another method such as through group zines rather than straight into the wild the information and code could still be seen by anyone who's interested in it, and the average computer user need never see it. Yet the code and author's name gets known by the VX community, and overall will result in less "Hello World!" type viruses found ITW. Another side-effect of releasing through zines rather than directly ITW is that as less users get infected the media has less to hype so therefore the VX community as a whole doesn't get any worse a reputation and their is no need fer enforcement agencies such as the FBI to start tracking down individuals. It has been pointed out that it's not the VX community who are putting "Hello world!" and hacked viruses ITW, it's the newbies who are learning and are excited and "want to see if it werks". I feel that they shouldn't be stopped from getting their creations known, but should be encouraged to release their creations in a manner in which people are far less likely to get effected and their data will stay intact. During a chat with Opic of the Codebreakers he said "i like the fame, i like the attention, i like the challenge, i like trying to turn an inherently 'bad' thing like a virus into a 'good' thing which makes positive changes (like caligula)." This shows that some virus authors want to be recognised fer their work, which is not a bad thing, but in it pushes the coder to want to release their work ITW to be noticed, and many coders see that what they do is to one degree or another unethical and irresponsible. But then, isn't smoking? Now, seeing above that Pr0ject Zer0 would be impossible to run successfully, allow me to make a suggestion. I'm not trying to suggest that you don't share your code with other VXers, all I'm saying is that the older VX community should try to encourage the new generation of VXers to distribute their code though zines, either of their own or as part of a larger team's zine, such as the Codebreakers or 29A. If the newbies write articles and well commented source to distribute in zines which will help other newbies learn without spreading old 'clone' viruses, such as another .COM appender or a .EXE OWer which has been done a hundred times already then the end-users don't have to worry about the virus, the coders learn the techniques and can teach others their skills and overall the VX community as a whole gets away without getting its reputation made any worse. The Ultimate Chaos Team is willing to put together a small zine on a regular basis dedicated to purely code and nothing else.. So if you've just written a virus that you'll like people to see send it to one of the members and we'll do our best to get it published in the zine fer you. MidNyte's Comments ------------------ Would newbie coders actually take in and appreciate the concept of Pr0ject Zer0? It all depends on the mentality of the coder and the way the idea of Pr0ject Zer0 is presented to them. The best approach could be to offer more help and more recognition to coders who use this forum, giving the impression that it's the accepted route into VX recognition. This could motivate them to use this forum for quick recognition rather than waiting for their virus to spread enough to make the wildlist. Those who would get bored quickly would do no damage before tiring of the scene. Maybe if the coders from the group offered a review of each submission released through the magazine, with credit where it is due, and constructive criticism to help the newbie achieve what they want to, we could help encourage this perception. Maybe groups could also bias the acceptance of new members on people who have used project zero, or deny acceptance to those who flout it. This last point of course depends on the groups willingness to accept Pr0ject Zer0's principles. We would like all the other groups to follow Ultimate Chaos' example and try to encourage newbie coders to release their creations through ezines. We have the chance to help the press realise we're not entirely deserving of the image we have, that we don't all write viruses for the sole purpose of wilfull destruction. We all know that, but the press is never going to accept the fact without us making an effort to persuade them. ------------------ If anyone is interested in helping with this or any other similar projects, has any suggestions or comment please feel free to contact me at ultchaos@godnet.demon.co.uk. Thank you fer reading. Peace, Rhape79 and MidNyte [Ultimate Chaos '99] Find us at http://www.ultimatechaos.org