Author Topic: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed  (Read 12193 times)

0 Members and 1 Guest are viewing this topic.

Offline DJ Omnimaga

  • Former TI programmer
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55925
  • Rating: +3152/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • DJ Omnimaga Music
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #45 on: July 19, 2010, 11:18:21 pm »
Lol. Just as an head up, though: try to make such bad programs as hard to reach by the community as possible :P.


Offline Deep Toaster

  • So much to do, so much time, so little motivation
  • Administrator
  • LV13 Extreme Addict (Next: 9001)
  • *************
  • Posts: 8217
  • Rating: +758/-15
    • View Profile
    • ClrHome
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #46 on: July 21, 2010, 04:33:31 am »
Hm, an idea: Maybe you could market this to teachers with the "virus definitions" changed to instead block games on school-owned calculators? (I'm being perfectly serious. It'd actually be pretty useful.)




Offline calcdude84se

  • Needs Motivation
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2272
  • Rating: +78/-13
  • Wondering where their free time went...
    • View Profile
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #47 on: July 21, 2010, 10:08:09 am »
That wouldn't be to hard, just block anything with the Ion, MirageOS, or DCS header, since virtually all well-known games are written for those shells. (Not to mention many people don't use the shells for anything other than to play games anyway)
"People think computers will keep them from making mistakes. They're wrong. With computers you make mistakes faster."
-Adam Osborne
Spoiler For "PartesOS links":
I'll put it online when it does something.

Offline DJ Omnimaga

  • Former TI programmer
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55925
  • Rating: +3152/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • DJ Omnimaga Music
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #48 on: July 21, 2010, 12:12:39 pm »
you could also check for BASIC code that sets Xmin to 0 and Xmas to 94. That would be enough to block most graphical games, although it may also block legitimate math programs.


Offline matthias1992

  • LV6 Super Member (Next: 500)
  • ******
  • Posts: 408
  • Rating: +33/-5
    • View Profile
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #49 on: July 28, 2010, 02:43:37 pm »
Are you still working on this? I am also quite sceptic towards it's use but the more I read the more I got convinced it might be useful. I would suggest however that you install it invisble. I would also password protect the program and make it only removable if you have entered the right password...of course there are disadvantages to this but since this is a antivirus i'd recommend it to be as silent, fast and protected as possible. I'd recommend you to let the program scan at startup and save the state of the calculator (e.g. there are 5 programs) then on the next boot it checks the savestate and if there are any changes rescan. Also I'd make an option whether or not to scan basic prgms/ dcs prgms/ asm prgms/ ion prgms etc. Another function would be to check whether or not apps are allowed.

Last but not least it is extremely difficult to check all malicious asmcode. Any wrong (order) of asm commands will ram-clear the calc (the antivirus should be bullet -proof to that as well) so essentially 99% of the malicious hex code clears the ram, the other 1% is worse.

Actually the whole teacher-security idea isn't that bad at all, altough I would personally dislike it you might just be able to resell it to math teachers so that games are blocked.
The second use is, me. /me wants to write a virus that bypasses this :) just for the fun and giggles of it :P

Good Luck!

PS: You can give me version 5 @ [email protected]
« Last Edit: July 28, 2010, 02:44:32 pm by matthias1992 »
MASM xxxxxxxxxx aborted | SADce ====:::::: 40% -Halted until further notice| XAOS =====::::: 50% -Units done| SKYBOX2D engine ========== 100% -Pre-alpha done. Need to  document it and extend |

~Those who dream by day are cognizant of much more than those who dream by night only. -Sir Edgar Allen Poe-

Offline ACagliano

  • LV8 Addict (Next: 1000)
  • ********
  • Posts: 917
  • Rating: +32/-2
    • View Profile
    • ClrHome Productions
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #50 on: October 06, 2010, 02:49:56 pm »
The details are at Cemetech, but I revived this project using Axe and working with help from Kerm Martian. This program will have a full system scan feature, which will check all programs on calc BY CONTENT!!!! It will search for a bunch of hex malcodes saved into a virus definitions file. No more searching by name, people. Also, it will install a parser hook, fully compatible with DCS7's hook, that, when you run a program, will scan that program for malcodes and request manual confirmation if they are found. Also, if I can get this working, the installer will create a file for itself in DCS and place itself in that folder, AUTOMATICALLY. Stay tuned for updates.

Offline DJ Omnimaga

  • Former TI programmer
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55925
  • Rating: +3152/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • DJ Omnimaga Music
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #51 on: October 06, 2010, 02:52:19 pm »
Nice. I wonder what kind of program we could create to test this when it is released in beta? Would stuff such as For(Z,32768,65535):0->{Z}:End do the trick as well or does it have to be programs like OSkill? IN the later case I am not too sure how to write one :P
« Last Edit: October 06, 2010, 02:54:48 pm by DJ Omnimaga »


Offline ACagliano

  • LV8 Addict (Next: 1000)
  • ********
  • Posts: 917
  • Rating: +32/-2
    • View Profile
    • ClrHome Productions
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #52 on: October 06, 2010, 02:54:30 pm »
It is designed to deflect OS invalidating, certificate screwing, or other extremely harmful stuff. It will not, nor is it intended to, intercept everything that could possibly crash or freeze.

Offline DJ Omnimaga

  • Former TI programmer
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55925
  • Rating: +3152/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • DJ Omnimaga Music
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #53 on: October 06, 2010, 02:56:07 pm »
Oooh ok, I see. I think it might be good to add some small protections for that stuff too, though, such as that program Iambian wrote that infects Ion programs. Detecting potential OS/certificate harming seems pretty nice, though.


Offline yunhua98

  • You won't this read sentence right.
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2718
  • Rating: +214/-12
  • Go take a dive in the River Lethe.
    • View Profile
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #54 on: October 06, 2010, 02:57:52 pm »
wow, Thats sounds really cool!

Spoiler For =====My Projects=====:
Minor setback due to code messing up.  On hold for Contest.
<hr>
On hold for Contest.


Spoiler For ===Staff Memberships===:






Have you seen any good news-worthy programs/events?  If so, PM me with an article to be included in the next issue of CGPN!
The Game is only a demo, the code that allows one to win hasn't been done.
To paraphrase Oedipus, Hamlet, Lear, and all those guys, "I wish I had known this some time ago."
Signature Last Updated: 12/26/11
<hr>

Offline ACagliano

  • LV8 Addict (Next: 1000)
  • ********
  • Posts: 917
  • Rating: +32/-2
    • View Profile
    • ClrHome Productions
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #55 on: October 06, 2010, 03:00:15 pm »
Here's what will be included:

Null programs (crash sometimes)
Stack Overflow (maybe)
A While 1 loop
OS invalidation routines
b_call Unlock Flash  (but, wouldnt this occur any time you move something to archive???)
writing to certificate

Any of these things will trigger the antivirus. More may be added later though. I have included a definitions update routine within the program.

« Last Edit: October 06, 2010, 03:10:40 pm by ACagliano »

Offline DJ Omnimaga

  • Former TI programmer
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55925
  • Rating: +3152/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • DJ Omnimaga Music
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #56 on: October 06, 2010, 03:51:45 pm »
Ah right. For While 1 loops I assume you'll check for endless ones, right? Cuz it's possible to have While 1 loops that are not endless loops. Axe Tunnel uses one I think.


Offline thepenguin77

  • z80 Assembly Master
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1591
  • Rating: +823/-5
  • The game in my avatar is bit.ly/p0zPWu
    • View Profile
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #57 on: October 06, 2010, 04:20:58 pm »
There's no bcall(_unlockFlash). (If there was, BrandonW would fall out of his chair laughing.) You have to glitch the OS into giving control back to your program while flash is unlocked.
zStart v1.3.013 9-20-2013 
All of my utilities
TI-Connect Help
You can build a statue out of either 1'x1' blocks or 12'x12' blocks. The 1'x1' blocks will take a lot longer, but the final product is worth it.
       -Runer112

Offline ztrumpet

  • The Rarely Active One
  • CoT Emeritus
  • LV13 Extreme Addict (Next: 9001)
  • *
  • Posts: 5712
  • Rating: +364/-4
  • If you see this, send me a PM. Just for fun.
    • View Profile
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #58 on: October 06, 2010, 05:44:33 pm »
Actually...
(from #omnimaga today)
Quote
[15:25:56] <ztrumpet> "There's no bcall(_unlockFlash). (If there was, BrandonW would fall out of his chair laughing.) You have to glitch the OS into giving control back to your program while flash is unlocked." lol
[15:29:18] <calc84maniac> where dat quote be from?
[15:30:25] <ztrumpet> http://ourl.ca/4351/125226
[15:30:31] <calc84maniac> also, I want a bcall(_unlockFlash) :P
[15:31:20] <ztrumpet> So how does it work (providing you feel like explaining something else to me... =P )?
[15:31:51] <calc84maniac> I've never done it before :P
[15:31:59] <ztrumpet> ah
[15:33:20] <calc84maniac> I'm thinking that for TI-Boy I should only do whatever hack needs to be done the first time it is run with an OS
[15:33:43] <calc84maniac> then write my own unlocking routine to the end of one of the pages
[15:34:06] <calc84maniac> and use that from then on
[15:34:36] <calc84maniac> cause I'm not sure these hacks even work if rom page 0 is trashed
[15:38:20] <+BrandonW> There used to be a BCALL that more or less did that, but TI actually fixed it.
[15:38:33] <+BrandonW> ld a,1 \ ld (appInfo+2),a \ bcall(50CBh) That used to unlock Flash.
[15:40:35] <ztrumpet> lol
[15:40:37] <calc84maniac> BrandonW, what was that routine you like to write to flash? nop / nop / im 1 / di / out (c),b / ret ?
[15:40:48] <+BrandonW> Yes.

Offline AngelFish

  • Is this my custom title?
  • Administrator
  • LV12 Extreme Poster (Next: 5000)
  • ************
  • Posts: 3242
  • Rating: +270/-27
  • I'm a Fishbot
    • View Profile
Re: CalcShield 2010 (Blast AntiVirus Version 5.0) - Beta Testers Needed
« Reply #59 on: October 06, 2010, 05:55:11 pm »
Quote
b_call Unlock Flash  (but, wouldnt this occur any time you move something to archive???)
writing to certificate

How quickly could it react to those? If you're scanning and running the program simultaneously, you could probably get a command or two in before CalcShield shut down the virus. That's enough to potentially mess with the MD5 hash on the certificate. If you're scanning the instructions for malicious Hex and THEN running the code, you're going to have very slow code. Graphing is already pretty slow on the 83/84+ series and it'd be even slower with another software layer in it.
∂²Ψ    -(2m(V(x)-E)Ψ
---  = -------------
∂x²        ℏ²Ψ