Hi again guys, this time I have a question about computer security that's related to my programming hobby. I hope this isn't against the rules. I am asking this out of curiosity and concern, not because I want to do evil. However, thanks to some knowledge I gained from a few friends of mine, I know a little bit about how viruses are made and how they do what they do, and I don't have any intention to write malware. However, what I am wondering about is: if I do not include protections in my hobby software against things that can allow malicious software to execute its code when I run my program or have it sitting on my hard drive, am I opening myself up to potential security threats? What if my computer already has some form of malware?

My guess is that I am making things waaayy too easy for them but again I don't exactly know.

Edited 2 Years Ago by Curious Gorge

You are asking if just writing software can open your computer to external malware?
No, it doesn't.

Of course if you write software that goes out and downloads and runs stuff from around the net without your control when you run it, it might download and run anything at all.

Just run your system using the normal security precautions that you'd use at any time and you're no more at risk than at any time (and how much that is, is impossible to tell without knowing what precautions you normally take; if all you do is browse stackoverflow and daniweb for information while running a firewall and AV package, you're a lot less at risk than if you're downloading stuff from every anonymous website and p2p network you come across and running it without any security in place at all).

No, there is in general no risk of opening up your computer to malware by writing your own software.

First of all, most malware is either packaged with specific applications (e.g., tainted freeware, or pre-installed crapware) or it exploits a vulnerability in a specific application or platform (e.g., MS Office, Flash, .NET, etc.).

There are some vicious viruses that infect everything, but they are rare, and your home-made software is no more vulnerable to them than any other program (i.e., basically, the only protection against those is in anti-virus software or anti-viral recovery media).

Secondly, the things that are really dangerous from a malware perspective are applications that straddle the safety boundaries of the operating system. In an operating system, there are boundaries like between user-space and kernel-space, or between different privilege levels of users (guest, user, admin, super-user, user-groups, etc.). The key to most viruses and malware is to find a crack in those boundaries to try and move "up" from a normal application execution environment (e.g., low-privilege user-space) to a more powerful environment (e.g., super-user / admin, or running kernel-space code). This is because that is the environment in which you can truly do some damage or be able to permanently "hide" the existence of the malware / virus.

So, when people try to diffuse malware or viruses, they will look for vulnerabilities (or exploits) that will allow them to make that move. This means that they need to target applications, frameworks, protocols or OS APIs that provide some kind of bridge across one of these protective boundaries. For example, they might target protocols for remote login to a system (e.g., ssh, telnet, RDP, RFB (VNC), etc.), which are obvious targets as the gate-keepers of the system. They might target frameworks such as .NET, JVM, and various run-time environments for interpreted programming languages (such as the infamous "Vista gadgets"). These frameworks typically have the ability to create the kinds of powerful execution environments needed by malware, and so, if you can find a hole in one of these frameworks, you can "get in" that way. Most of these frameworks are full of vulnerabilities and get exploited all the time, but they are not that useful for "real" hacking because nobody who is concerned about security would be running any of these frameworks anyways. And finally, there are some applications that also carelessly create internal bridges into one of those privileged execution environments, and people exploit them, most notoriously Excel (and Office in general), anything that uses remote execution (SharePoint, Cloud services, Google Docs, etc.), and things like that.

So, unless your home-made software provides such a bridge into the "privileged" world, there is no real danger that it would be exploited for anything, because there would be no reason to do so. And malware that runs in low-privilege user-space is not really something to worry about too much, as it can't really do much except a few silly things like turning on a webcam or channeling some pop-ups (i.e., it can't log your keystrokes or overtake your system).

And of course, as jwenting said, your applications shouldn't act in an obviously reckless way (e.g., downloading random stuff from dubious sources, disabling security, etc.). Basically, if your application does any of these things, then your software is actually malware (or more precisely, crapware, i.e., software that spreads you-know-what all over the system).
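
As an added illustration of the "bridge" point in the answer above (this is not part of the original thread or any poster's code): a POSIX-only Python check that a hobbyist could run against their own program to see whether it carries the usual markers of a bridge into a privileged context. The function names, the sample file `hobby_tool` and the uid 1000 are assumptions made for the example.

```python
import os
import stat
import tempfile


def findings_for_mode(mode, euid):
    """Return reasons a program with this file mode, launched by this
    effective uid, would straddle a privilege boundary (POSIX semantics)."""
    findings = []
    if mode & stat.S_ISUID:
        findings.append("setuid bit set: runs with the file owner's privileges")
    if mode & stat.S_ISGID:
        findings.append("setgid bit set: runs with the file group's privileges")
    if mode & stat.S_IWOTH:
        findings.append("world-writable: any local user can replace the code")
    if euid == 0:
        findings.append("launched as root: any bug in it runs with full privileges")
    return findings


def audit(path, euid=None):
    """Audit a file on disk; euid defaults to the current process's."""
    if euid is None:
        euid = os.geteuid()
    return findings_for_mode(os.stat(path).st_mode, euid)


def demo():
    # Constructed sample: a throwaway file standing in for a hobby program.
    with tempfile.TemporaryDirectory() as d:
        prog = os.path.join(d, "hobby_tool")
        with open(prog, "w") as f:
            f.write("#!/bin/sh\necho hello\n")
        os.chmod(prog, 0o755)  # ordinary user-owned executable
        return audit(prog, euid=1000)


if __name__ == "__main__":
    print("ordinary program:", demo())
    # Constructed mode value: setuid and world-writable at the same time.
    for line in findings_for_mode(stat.S_IFREG | 0o4757, 1000):
        print("risky program:", line)
```

An empty list for the ordinary case matches the answer's point: a program that runs as a normal user with normal permissions offers nothing to climb through.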
