Run virus, run virus, run run run!
Published: 27th Sep 2001, 01:02:27
Here comes Slayer with its gun gun gun
For RISC OS users, viruses are seen as a mild irritation; there aren't many of them about, they can't chew on the silicon ROMs RISC OS lives in, and the latest build of Pineapple's Killer virus scanner is built into every recent release of RISC OS. However, for PC users, where the grass is always seemingly greener, viruses are frankly a nightmare. While most PC users see viruses as a way of life, for the Slayer software from the software-group-formerly-known-as-Kiwisoft, viruses are seen as prey. It hunts, it examines and it removes RISC OS viruses, and it's completely free. It's also getting a rewrite soon, and recently an update was released for existing users.
GPL'ed last year, Slayer was created in 1996 and since then developed by Luke Graham, Rob Kendrick and numerous contributors including Paul Vigay and Pineapple software who each develop their own anti-virus software. A rewrite is now apparently waiting in the wings. drobe.co.uk recently caught up with Rob to chat about the popular anti-virus Slayer software, the creepy world of viruses and other things. Here's what Bob had to say for himself. drobe is in bold and Rob is in normal text. Enjoy and learn.
Why did you write it?
Well, myself and Luke Graham (who recently did the MySQL client ports) went to secondary school together. I'd recently rediscovered Acorn computers. I originally started with a BBC B, but I went to PC land for a while, doing QuickBASIC and Visual Basic stuff, and I wanted to get back into BBC Basic again.
Luke had been doing WIMP stuff for a while at this point, and I was a complete newbie to it... for a *long* time, I didn't even input any code to Slayer, just spurred Luke into writing it, as I only offered a brain to throw suggestions at.
I suggested writing a virus killer to Luke because at school, it was the rules that Pineapple's !Killer must be loaded at *all* times. Back then, !Killer was deadly slow, and made most machines useless. Most of the other students just put this down to 'Acorns are crap'. Neither I nor Luke believed this, so we set about writing our own for our school to use.
The only thing I contributed for a long time was the icon, the seemingly famous grinning grim reaper, which I drew in 15 minutes in a GNVQ lesson, as Luke isn't the most talented person at graphics, and his axe image was laughable :)
Luke wrote Slayer almost exclusively for about a year... when I finally managed to get a box with an 'OK' button appearing in the WIMP, I started to help with the real code... Although the core of the original Slayer is written almost 100% by Luke, I spent many many nights thinking of ways to make it go faster, doing the filing system menu (I can tell you, it's harder than it looks, and I've not yet seen any other program do it as well or as correctly), the scripting, and lots of the fluff around the edges that make it so pretty and flexible :)
Luke went to university to study cybernetics, I got a job. I had more spare time, so I took up almost 100% development after that.
How did you write it?
Well, both myself and Luke saw Slayer as a tool to learn to program RISC OS. We knew next to nothing about the under-the-bonnet of RISC OS, and spent many months of the four years of Slayer's development in the PRMs, and bodging test cases together to work out how to do things. I still don't know how half of it actually works to this day. This just goes to show that you don't learn anything from doing something you know.
Slayer is one of the largest BASIC programs that I've seen, and has some of ththough that's mainly how it's done, rather than clever code. :)
What does it kill?
We made a rule: Only detect and remove viruses that we had *seen* and had *samples* of. We've still got loads of data on viruses about how to detect and remove them. We never added them unless somebody actually sent us a sample, otherwise they might have just been in captivity, and not in the wild. Not much use in searching for them... this is how PC virus killers are so quick... they claim knowledge of 100,000 viruses, but they only scan for 7,000 of them.
What is the worst virus you've come across?
Nimda. Although that's not a RISC OS virus. For RISC OS, I'd say Jester. It's surprisingly devious and naughty. I've seen viruses written by friends of mine as tests that were *really* nasty, and Killer and VZap wouldn't have been able to detect them the way they work, but as they were never released into the wild, Slayer never had detection of them.
What is your experience with viruses?
I've always been interested in viruses... they're a form of art. How they work, what they do, the ways they hide themselves. People who write effective viruses are *very* clever people, and I sort of respect them for that. It's just a pity they don't put their efforts elsewhere.
Why rewrite a new version of Slayer?
Well, Slayer was never what we expected it to be. It's a horrible stinking mess. One of the suggestions that I got when asking for ideas for a new version of Slayer was "Get rid of the two original authors, they were crap." Luke said this. :)
I've been searching for something to do, and seeing how the other two big virus killers haven't really progressed since all of Slayer's secrets were released under the GPL, I thought I'd have another try, and do it properly this time.
I'm happy to see the amount of enthusiasm over the new version, it's made me feel useful :) I've had lots of good ideas for the new version from where I've been working since the last version, both at QNX (funky operating systems) and as a back-end web developer (don't do any of that HTML stuff, I just did the stuff that /generated/ the HTML).
You'll have to wait and see how funky it is... but just remember this, people who were begging for the network support to arrive (which never did, whoops) you've got a treat in store.
People currently using a working version of Slayer can download this file, rename it to VDEngine and save it into !Slayer.Plugins and then restart Slayer. If you don't have Slayer, you'll have to wait for Rob to rebuild the software as currently there is no working pre-built copy online anymore. The sources to Slayer can be found here but they are incomplete. While Rob gets round to releasing a working version of Slayer, he does ask for any comments or suggestions to be emailed in his general direction. More details when they arrive. Feel free to badger Rob into releasing a working copy of Slayer, he has promised drobe.co.uk that it will be done within the next few days.
Chris Williams, myriscos.co.uk spy