Help me understand Cloverleaf

Short Answer: No

Long Answer: No,

I’d put more in terms of “what virus? never seen one of those”
Like my immune system and ebola – the two have never interacted. That’s not immunity.

It does make me wonder how many of the minute range of RO viral instances actually work on modern systems. I recall Win 95 and WinNT being immune to the Conficker virus due to lack of support for the feature Conficker required.

@Peter Howkins: What is the Icon virus?

@Götz: Marketing. To make people interested in RISC OS. Even if it is not forever it might be valuable argument for many to switch (mentally driven) to RISC OS.

“Easy to use” Is questionable if you are not used to RISC OS. Without a short introduction video most people might have trouble to use RISC OS if left alone. And this is a serious problem. Much more serious than a theoretical existant virus for RISC OS.

“Fun” How you can make someone believe in that claim. You can say convenient but fun?

Marketing. To make people interested in RISC OS. Even if it is not forever it might be valuable argument for many to switch (mentally driven) to RISC OS.

In my opinion, false marketing does nothing for the reputation of the marketers and the product. Also, are you grasping at straws for things to find this late into the game if your goal is to do a Kickstarter campaign? This causes me great concern, especially when the message is already not clear exactly what you’re doing.

“Fun” How you can make someone believe in that claim. You can say convenient but fun?

Yeah, fun is personal and subjective. I could see though bringing up the age of the OS and where it’s come from and where it is now could be very interesting to a certain group of people. It’s what drew me in, Micro Men is one of my favorite films honestly.

Can we claim that RISC OS is virus free?

Never. The fact that 32 bit RISC OS is “virus free” is because most of the viruses written only work on 26 bit machines and there has been nobody malicious enough to target the platform since.
Modern viral code likes to do stuff like mess up large amounts of data in return for bitcoin or swipe login/banking info. It’s all about the money these days, so we’re not immune, we’re just not worth it.

Just don’t even go there. Apple is widely mocked for their early virus free stance, as are the fanboys that still believe it.
https://www.vox.com/recode/2020/2/12/21134681/mac-pc-virus-malware-malwarebytes

the minute range of RO viral instances actually work on modern systems.

In theory, Icon should, being written in BASIC. The version that I have in an virus archive somewhere was so badly written it’s a surprise that it worked at all. But, then, being written in BASIC it’s likely fifty bored schoolchildren have attempted to “fix” it along the way…

Many of the rest (like Extend) were modules or other nefarious ways of messing with executables, sometimes patching in their run code into the APCS header to do their thing just before the program decompression. All of this would have been 26 bit code which would either be rejected by the OS, or crash when it does something 26 bitty.

I recall Win 95 and WinNT being immune to the Conficker virus due to lack of support for the feature Conficker required.

Perhaps because they were outdated by that time? It was aimed primarily at the contemporary NT kernel builds (2000, XP, Vista…).

What is the Icon virus?

A simple little virus that popped up random somewhat amusing messages, that rapidly became extremely annoying when you realise that the infection code was, actually, extremely effective and if you see Icon once, it’s likely already everywhere else.
[remember, in these days one would have been using a lot of floppies, so one missed infection and the cycle starts all over again]

You can say convenient but fun?

Both terms are subjective. What you might find convenient might be a pain for somebody else. Likewise I find it fun to sit down with Zap and write code (I am not normal…), other people find it fun to shoot, murder, maim and kill in World of Warcraft and the like.

In my opinion, false marketing does nothing for the reputation

In my opinion, marketing is best used sparingly. In the past few decades, marketing had gotten so out of hand and told so many lies that you’re surely a sucker if you believe any of it.
Does that mean it’ll be harder to promote RISC OS? Certainly. But perhaps the strength isn’t in “this is what you could do” style marketing that ignores all the stuff you can’t do, but maybe more in real testimonials. Who gets stuff done using the platform? Where might it be found in places that aren’t the desktops of people who were teenagers in the 70s and 80s? What does the platform bring to the table that Linux doesn’t? We possibly already have Windows beat because that needs x86 technology that is notoriously power hungry. But… Linux runs on ARM too. So what can we offer? There’s what you concentrate on.

I recall Win 95 and WinNT being immune to the Conficker virus due to lack of support for the feature Conficker required.

Perhaps because they were outdated by that time? It was aimed primarily at the contemporary NT kernel builds (2000, XP, Vista…).

Yup.
Came in quite handy to have a honeypot system with a sting (the attacking system was flagged for a visit but the honeypot actually sent and started the MS too for disinfecting as well as the required patch code for the OS)

But… Linux runs on ARM too. So what can we offer?

Something that runs rather than walks and offers near bare metal access?

Something that runs rather than walks and offers near bare metal access?

Exactly, Raspberry Pi OS is nowhere near as fluid on my Raspberry Pi 3b+ and that’s even taking into account RiscOS is not taking advantage of the multiple cores, 64 bit support or even faster storage mediums. RiscOS on the Pi 3b+ runs much better than any $200 to $300 Windows laptop you can buy and it’s much easier to attain if you already have a monitor, keyboard and mouse. Also we can offer not being Linux. I know that sounds weird, but you know there are people who use other desktop operating systems just to be different. We can offer a great inexpensive ARM experience that you just can’t get on competing platforms. Just like when RiscOS first came out.

Modern viral code likes to do stuff like mess up large amounts of data in return for bitcoin or swipe login/banking info. It’s all about the money these days, so we’re not immune, we’re just not worth it.

An alternative theory says that the malicious guys are actively avoiding RISC OS users because they don’t want to handle enquiries like “unfortunatley I cannot pay what you demanded because your website does not support NetSurf”.

The fact that 32 bit RISC OS is “virus free” is because most of the viruses written only work on 26 bit machines and there has been nobody malicious enough to target the platform since.

But, as soon as an attempt is made to promote the system on this basis beyond the usual target audience, it will only take one malicious, bored individual to prove the claim wrong. And as others have said, whilst manipulating the contents of !RunImage files requires some detailed RISC OS knowledge, an Icon-like virus only needs a little BASIC plus the ability to manipulate the text in an Obey file to become really annoying (and extremely destructive, if the author felt so inclined) very quickly.

There’s no protection on RISC OS against virus activity. In an era when software is made available on the internet as standard, and no-one is running any scanning tools because we don’t have any, anything which did emerge wouldn’t need to be clever to be very bad news.

Do we still have anything like VProtect that we could wheel out and update if it became necessary?

Even if we had nothing available at present on the client, we could at least grok the packages in the Packman and PlingStore repositories with a tool on Linux?

An alternative theory says that the malicious guys are actively avoiding RISC OS users because they don’t want to handle enquiries like“unfortunately I cannot pay what you demanded because your website does not support NetSurf”

That’s funny! I mean they know you could just do it on your smartphone, other computer, etc. Still though, quite funny.

Do we still have anything like VProtect that we could wheel out and update if it became necessary?

[…]

we could at least grok the packages in the Packman and PlingStore repositories with a tool on Linux?

The problem isn’t so much in what tool is used (whether scanned under Linux or RISC OS), but rather the time and effort required to determine what a virus/malware is, how to spot it, and how to neutralise it.
Who is volunteering to do that?

As can be amply demonstrated by any app store, it’s very much a game of whack-a-mole,
xxx x xxx xx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxxxx xxxxxxxx xxxxxxxxxxxx xxxx xxxxx xxxxx xxxxxxx xxxxxxxx xxxxxxxxxxxx xxxx xxxxxxx xxxxxxxx x it’ll be that much more difficult to track down what happened until there’s a real problem on your hands.

xxx x xxx xx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx.

[edit: as if this makes any difference…]

@ Stefan Fröhling

By the way: Can we claim that RISC OS is virus free?

Depends on what you mean: If you mean RISC OS it’s secure or anything like that, then think again:

1) RISC OS has no concept of privileged user/entity hence everything can interact with the filesystem, applications etc.

2) RISC OS has an extremely (security wise) dangerous way of dealing with Applications on the Filesystem: the so called !boot file in any “pling” application can be used to spread viruses through the filesystem itself and the network in a blink of an eye just by opening a Filer Window (yup it’s that bad)

3) RISC OS allows the use of unsigned Modules and Drivers from both File System and EEPROM on the old Podules, basically even a kid can write a fileless virus and have it running in a blink of an eye

4) RISC OS runs no services and has no open network ports, so that makes its network attack surface smaller, but it still has old code in the Network Stack, which also runs in Kernel mode and privileged user. Just an example for who is not practical: You can completely freeze a RISC OS system just by copying (yes only copying) certain byte sequences via Access protocol (basically if a file, even a data file, contains certain bytes sequences RISC OS 5.27/24/22 etc… will freeze and you need to restart the system)

5) RISC OS compressed files can be opened via tools like !SparkFS which are developed as File System extensions and so they will process the !boot file in an application directory as soon as the archive is opened, so basically by putting malware in an email attachment will infect everyone.

6) RISC OS has not mechanism to use ARM TrustZone extensions nor to provide Secured OS intercommunication services, apart from, obviously allow a user to code that himself and trigger the required exceptions to switch the CPU mode accordingly and use the monitor firmware to eventually talk with a secure OS executed in the secure mode to store secrets etc…

Should I continue or is this enough?

So, the only reason why RISC OS has no modern malware (it only has old viruses, surprisingly still going on I have recently found some on an A3020 HD I have received for refurbishing) is that the RISC OS community is so small that RISC OS “hacking value” is pretty much 0 (zero). But as soon as the community will grow the problem will arise and fast to the point of potentially breaking the future of the OS itself if not addressed quickly.

Please do not take my response as aggressive, it’s not my intention whatsoever. If it sounds aggressive then my apologies.

The reality is this: To use RISC OS as a main OS there are “few” (let’s call them) major things that needs to be addressed:

- Overall Security 

  – improve general system security

  – introduce new security protocols

  – replace Obey and make sure it provides APIs to interface !boot processing

    and !Run processing with an antivirus, this was already achieved by 

    VProtect, so please do not start with “it can’t be done song” thx

  – add audit of processing and Kernel to at least have a set of allowed 

    actions and a set of actions that requires user confirmation

  – Improve FileSystem permissions and enforce it

  – Introduce Kernel modules, general modules and drivers signatures

  – Introduce use of ARM TrustZone where possible/applicable

- Catch up with interfacing protocols (Bluetooth, WiFi, PCIe etc.)
- More drivers
- multi-core support (to keep performances high when more security layers will 

  be in place and to nominally use all the HW a user has purchased)
- The new browser 

The above just to make it acceptable to be used as a main OS (so not competitive), unless you want to use it as a main ISOLATED OS on HW where it doesn’t even use all the offered features.

The way I see this is:

On the short term, the future of RISC OS is to actually point at a market where it would requires less changes possible in order to start receiving attentions by 3rd parties quickly, and eventually drive to investments that Cloverleaf and others are seeking in order to do all the required changes for a usable Desktop OS. These changes will have to be made in such a way to fulfil first the targeted market and then, as a secondary goal, the Desktop market.

Let’s also not forget that all the computer companies who have relied on the home users market have long disappeared: read Commodore, Atari, many 80s British home computers manufacturers (too many to list them all).
Apple is the sole survivor because they targeted school market, then the professionals market and when that was no longer enough they moved to mobile and then created an ecosystem (so home users market is by many years just a strategical market: you need to be in it, but you do not rely on it to survive). Microsoft made their fortune from Corporations and business markets.

RISC OS could potentially get quickly in the IoT market where there are business (many) investing on it and then still being developed for the Desktop. This is an option, I am not saying this is the only way forward.

Another idea could be to build a RISC OS for handled devices to run retro-gaiming emulators. This is a growing market at the moment and doesn’t requires the security of a desktop, nor multi-user or complex UIs.

About the Open Source Licensing discussion:

I always find fascinating such discussions and read of all the different licenses and how people perceive them etc. and then read all these source code (I am a professional software developer) and always find Copyright by x/y/z.
I am not a lawyer, but my understanding is that to be able to make others respect a copy-left license you actually need to own the copy-right, hence all open source licenses are only distribution licenses, copyright has never left lol (silly joke I know).

P.S.
btw I’d love to have a RISC OS version that could be used as a main OS, I really would. But sometimes to get what we want means having to go through different paths and/or strategies than pointing straight to the end goal.

Well so no slogan “Virus free OS” and I will make clear that we have enough viruses already and don’t need more people to program more. ;-)
Well I am surprised that there have been any RISC OS virueses at all…surprise…

Yes looks there is much work ahead concerning security with RISC OS. And sounds for me that it might involve more complex changes than turn RISCOS into 64 bit…

Please do not take my response as aggressive

Not aggressive, just honest.

RISC OS is “virus free” because there are no viruses for it, not because there cannot be viruses for it. If somebody tries, the system will yield.

To put it into context, as a programmer, let me introduce you to my good friend OS_EnterOS. This SWI will elevate the caller to system level privilege so the code calling it (except BASIC which can only run in user mode) has complete unfettered access to the system. If the next call is an MSR to disable interrupts, then the calling code has complete unfettered uninterrupted access to the system and could quite easily perform switcheroos that the OS and it’s tasks wouldn’t even notice (an example of this in action could be the Wimp2/Tornado module that preemptively multitasked; think for a moment how that would actually work).
Things like key loggers hooking onto events are dead simple. Hell, the PRM even gives an example of messing with user keypresses.

this was already achieved by VProtect

I’ve not seen the source to VProtect but I’d be willing to place a wager on it jacking into FindV and FileV to vet files as they were opened.

Introduce Kernel modules, general modules and drivers signatures

Driver signatures aren’t so important – a signature doesn’t guarantee safety: https://duo.com/decipher/attackers-are-signing-malware-with-valid-certificates

What would be better is to have only important core modules (and I mean basically HAL, core kernel, and maybe FileCore and FPEmulator) running in SVC mode. Everything else (even the Wimp and all the kernel bits that do the endless OSByte rubbish) should run in SYS mode.
The API should be revised so that shared memory is a thing that exists between processor cores, not modules helpfully handing out bits of their own workspace.
All SVC level stuff should be inaccessible to non-SVC level code.

By now we’ve pretty much completely broken the current API, so it’ll probably never happen… ;-)

but my understanding is that to be able to make others respect a copy-left license you actually need to own the copy-right,

Yes. In order to enforce copyright, somebody has to claim ownership of it. You can assign copyright (a lot of GNU assigns copyright to the FSF), but somebody somewhere needs to be considered the “owner”.

The way the licences work is by using copyright against itself. You see, software without à licence will fall into one of two categories – public domain (in which case all bets are off) or in countries that are signatory to the Berne Convention, automatically copyrighted (in which case without a specific licence giving you the rights, using the software is technically copyright infringement). Some people/companies don’t care about old stuff, some don’t exist any more, and some will happily threaten to sue you into oblivion.
Enter the open source licence, that is the copyright holder giving you the specific right to not only use to software, but also the source, and to hack until your heart’s content. Some provide further terms that restrict further activities to the same licence conditions, some don’t care what you do only that you can do it.
This is possible because the copyright holder says so.

Without the licence, technically you couldn’t use the software.
Without the copyright, it would be much harder to go after those who don’t respect the terms of the licence, and even with copyright it can be hard – just ask the FSF about Allwinner…

Just a quick note about your comment:

Driver signatures aren’t so important – a signature doesn’t guarantee safety:

There is no 100% safe system in modern computing (unless you keep your computer off). Anyway, that again depends on the “hacking value” of an OS, when RISC OS will reach Windows diffusion I would agree with you, right now you are only looking too far ahead.

Designing malware with valid signatures is definitely not a kids job, so not something as dangerous as RISC OS is now, I believe you agree on this.

There is plenty of hope for RISC OS, as long as the things that need to be done are put into place. Otherwise it’s still a fun OS to mess with, that reminds me of my youth and when I started coding and I still can enjoy it for what it is (I use it and code on it since Arthur times).

Is RISCOS virus free?

Apparantly not. In Netsurf, this topic now needs a screen 10 feet wide to read each post.

Apparantly not. In Netsurf, this topic now needs a screen 10 feet wide to read each post.

I think this is a side effect of a fixed width component in a post in the thread.
In this case the culprit is the grey box in Paolo’s post that starts with “Overall security”

fixing it John, sorry! :)

P.S. Apparently NetSurf is not processing the tag “pre” correctly and generating the autoscrolling bars, will try to remember that in the future.

@Rick Murray
I think you should not give infos how is easiest to write virus. Someone might read it here and do it (with your help) as now everyone that can write a BASIC program can do it. So please edit your post and delete this infos. I think that should be said only in non public discussions.
No offense but in the sake of a save RISCOS.

No offense but in the sake of a save RISCOS.

I take it that you don’t read The Register?

Nothing I have said isn’t some basic stuff that couldn’t be figured out by literally any person with an interest in programming and a double digit age. What stops most people is not technical, but ethical. Messing up other people’s machines is a really crappy thing to do, and there are many more fulfilling things to do instead, to be a part of the community, not against it.

now everyone that can write a BASIC program can do it.

They always could. Burying heads in the sand isn’t a viable tactic, however I have redacted my earlier post accordingly.

What stops most people is not technical, but ethical. Messing up other people’s machines is a really crappy thing to do, and there are many more fulfilling things to do instead, to be a part of the community, not against it.

I think it sits with most people like abusing a cute kitten or puppy – some “people” do it, but they don’t even respect themselves so why should anyone else?

Subverting a protection system, be it a copyright/licence protection or anti-virus, is a challenge. RO currently presents no such challenge.

do we still have anything like VProtect that we could wheel out and update if it became necessary?

Well we can thank Jon Abbott for an update to that.

Just pop over to the Stardot forums and grab an updated version that works on modern machines here

Working ok on my ARMX6 for a few weeks now at boot up.

There is a version of Killer there as well but only for older machines and it says good against 209 variants as long as you change teh date back to 13th October 1998.

I think you should not give infos how is easiest to write virus. Someone might read it here and do it (with your help) as now everyone that can write a BASIC program can do it.

As Rick says, security through obscurity isn’t security.

there are many more fulfilling things to do instead, to be a part of the community, not against it.

Exactly. Also, most RISC OS users, at least in the RISC OS 5 community, seem to have got past the “RISC OS is so superior to every other OS and is completely invulnerable to viruses” thing (although it surfaces in the newsgroups fairly regularly, usually from people who turn out to have never seen a reason to upgrade past their RiscPC running 4.02 and still subscribe to the whole “Windoze” thing).

Actively promoting a Kickstarter beyond the community on the basis that RISC OS has no viruses – which appears to be what you, Stefan, plan to do – is very likely to attract some attention. All it needs is one person who notices to decide to prove your claim wrong, and you’ve just created a problem. For anyone who hacked around with the platform in the 80s or 90s but have since moved on, proving it wrong wouldn’t be hard to do (the biggest problem could be getting it out into the wild, I suspect).

You’re never going to be able to promote RISC OS on the basis of “a daily driver OS that’s superior to the mainstream competition”. It isn’t, and very few of its remaining users kid themselves¹. Try it, and any attempt will fail at the first hurdle, when your potential converts realise that the promotion was a big fib.

RISC OS Direct seems to have got it correct: promote RISC OS as something fun and efficient to stick on your Pi instead of Linux, to do the things that you do on your Pi, then wait. You still won’t get everyone, but it’s far more likely to be a positive experience that gets some people looking deeper into what else they can do with the OS.

¹ I should probably clarify that in the context of Michael’s request. I still use RISC OS because it’s fun to use, fun² to develop for and still does some things well. I don’t use it for everything, and can’t see me doing so – at least in the near future.

² It’s not efficient to develop for, but if you’re not constrained by having to do things by deadlines it can be more interesting and satisfying.

Well we can thank Jon Abbott for an update to that.

That’s interesting; thanks. It would really need to be maintained and part of the OS releases if there was an outbreak, however. :-)