How can I explain what a computer virus is to people who are not familiar with computers and programming?

I have to teach a group of non-CS students what computer viruses are. The course material contains only definitions and some details about what those viruses do. But those things are known to everyone who knows what a computer is.

I want to touch upon, in a non-technical way, the programming or technical side of a virus. The solution can be writing a program which non-programmers can understand or comparing what a computer virus does to a real world situation. Any thoughts, suggestions or examples for how can I go about it? Humorous answers are acceptable too.

virus

nixnotwin

Posted 2011-08-10T17:20:36.660

Reputation: 461

Two questions you might also want to look at for more reference material: How does a CPU know what the commands mean? and Can some software physically damage hardware?

– Breakthrough – 2011-08-10T17:34:40.240

5A Virus is only one form of Malware, are you intentionally asking about a virus or Malware in general?, which encompasses all the other terms like worm, trojan, etc. – Moab – 2011-08-10T17:37:28.017

1Some people might be scared they get infected ;-) – Tomas – 2011-08-10T18:08:17.780

@Tomas Telensky actually that reminds me of when I was younger, and my grandmother overheard my dad talking about computer viruses. She told him, "Don't let your son go on the computer, I don't want him to catch a virus and get sick!!!" – Breakthrough – 2011-08-10T18:17:43.587

1"Comparing what a computer virus does to a real world situtation" — Are computers not part of the real world anymore? – jwodder – 2011-08-10T20:15:18.040

1@Moab All non-technical people may not be knowing what a "malware" is but they are familiar with the phrase "computer virus". This is because of the popularity of the word "anti-virus". My question is about Malware in general. – nixnotwin – 2011-08-11T01:02:15.610

Answers

I think that the similitude with biological system (from which the word virus has been taken from) is good.

Like biological viruses causes the cells behavior to be subverted, computer viruses do the same with computer programs.

They also have other similar behavior:

both computer viruses and biological ones are self-replicant
both can't live without an host system
both are made by small pieces of information (DNA versus Binary Instructions)

Heisenbug

Posted 2011-08-10T17:20:36.660

Reputation: 645

8Actually biological analogy is terrible. It makes people blindly believe in antivirus software as they do trust their immune system and doctors, which is foolish. The analogy also breaks when one thinks about how computer viruses "infect" their targets. All computer viruses exploit some kind of trust misplaced by the user or a programmer, when the trusted program does something malicious. On the other hand, there is no clear notion of trust and malice in biological systems. – Rotsor – 2011-08-10T20:01:53.897

6@Rotsor: I'd say the notion of biological trust is defined by mere lack of defense. Malice is anything that would disrupt the host system. Anything against which you have no antigen is implicitly trusted. Besides, at the cell level, a virus injects DNA in the hope that it will be replicated, but the cell may have mechanisms for refusing DNA that isn't appropriately marked. The average immune system is only more secure than the average computer system because of millions of years of trial and error, and constant buildup of tolerances within the lifetime of an individual. – Jon Purdy – 2011-08-10T20:20:15.303

1..... Similitude?! – JoeCool – 2011-08-10T22:02:50.877

1@Rotsor -- with all respect, I think you are completely wrong. A computer virus is not a "metaphorical" virus. Computer viruses and biological viruses are two different kinds of viruses (arguably, the only two kinds so far), just as cars and submarines are two different kinds of vehicles: they have different strategies and technologies because they have different obstacles to overcome, but ultimately, they "solve" the same sorts of problems. – Malvolio – 2011-08-10T22:29:46.063

1OK, the analogy may not be as bad as it seemed at first, but still it does not help understanding what computer viruses are. It definitely did not help me. – Rotsor – 2011-08-10T22:57:50.520

1@0verbose/Doc: #2 is WRONG, biological ones can "live" without hosts, well whether viruses are actually alive or not is whole another subject we can discuss but there are many that can "survive" without a host. Also, computer viruses need "power" not just a host. Without powered/functional system, they are just bunch of binaries on an HDD. – Tumharyyaaden – 2011-08-10T22:59:31.550

3@Tumharyyaaden - and without a living organism as host, viruses are just a string of nucleic acid molecules wrapped in protein. – detly – 2011-08-11T00:24:42.250

1@Tumharyyaaden agree with detly. Without host, virus is not alive. – Rudy – 2011-08-11T05:41:22.700

The word "virus" helps. Most genetic material is beneficiary, but some is dangerous. Similarly, most computer software is written for the benefit of the user, but a computer virus is not.

Note that I am using the colloquial usage of the word "virus" to refer to all malware. When describing things yourself, be sure to use the term malware to refer to malicious software. A virus is only one type of malware.

Don't go explaining all the different types of malware but rather the effects that they can have:

They send spam from your computer
They attack other computers from your computer
They slow down your computer's performance and internet connection
They will parse your addressbook and send spam to your contacts
They will upload your personal files to malicious entities, including your banking information and credit card details

dotancohen

Posted 2011-08-10T17:20:36.660

Reputation: 9 798

Most computer programs are designed to help you.
They edit documents, calculate numbers, or play games.

Computer viruses are programs that are designed to harm you.
They steal credit card details, send spam, or show advertising.

For example, one common virus is designed to look like an anti-virus program. However, unlike real anti-virus programs, all of the viruses that it reports are fake; it simply tries to scare you into buying their fake program so that it can "fix" your computer.

SLaks

Posted 2011-08-10T17:20:36.660

Reputation: 7 596

maybe add, "They are often designed to spread and impact as many users as possible." – EricR – 2011-08-10T17:27:32.727

@Eric: Is that still true? I haven't seen a virus try to spread in a long time. – SLaks – 2011-08-10T17:29:54.020

@EricR, That would be a Worm and not a virus, the real term that should be used here is Malware, which encompasses all of the computer nasties in one group. – Moab – 2011-08-10T17:32:13.877

@SLaks, that was just the definition I've always used. It may be wrong but wikipedia agrees :) "A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer" wikipedia

– EricR – 2011-08-10T17:32:53.517

2Computer viruses aren't necessarily malicious - the term merely encompasses all code which reproduces to other computers. – Brian Gordon – 2011-08-10T17:34:27.193

@Moab, just going with what the OP said, you're right that the term Malware should've been used, especially given the audience of the OP's lecture – EricR – 2011-08-10T17:34:44.497

Describe the Trojan Horse the Trojans used as an example. It's disguised as something useful, but will kill you if you let it in.

Mention that Malware isn't considered a virus, but mostly a data thief or ad pusher that makes the thief money of them, even if they aren't aware of it

Canadian Luke

Posted 2011-08-10T17:20:36.660

Reputation: 22 162

4The Trojans did not use the Trojan Horse. The Greeks built it in order to invade the city of Troy. (Sorry for being nit-picky :P) – slhck – 2011-08-10T17:42:02.320

beware of geeks bearing gifts – Nate Koppenhaver – 2011-08-10T17:46:46.873

Since when was malware not considered as viruses? People don't willingly and knowingly install such software on their machines. – Breakthrough – 2011-08-10T17:57:07.183

@Breakthrough I never considered it a virus, but Wikipedia is proving me wrong – Canadian Luke – 2011-08-10T18:50:58.197

Well, unless you willingly and knowingly install malware onto your computer (and I don't know anyone that would), it would be considered a virus. – Breakthrough – 2011-08-10T18:55:29.390

@Breakthrough When you install software, it often gets included, and most install programs will tell you, either with an option to opt out (i.e. CCleaner) or just install it silently (i.e. Frostwire) – Canadian Luke – 2011-08-10T20:08:05.653

Everyone who uses a computer knows what computer viruses can do (like steal files or cause physical damage, especially because some viruses have already caused physical damage), but not many know how they do it. I think this is what you are getting at with your question. It also is worth mentioning that a computer has no awareness (yet, for those proponents of AI), it simply performs the instructions it is sent.

A virus itself performs malicious tasks on a user's computer (stealing/deleting personal data, corrupting system files, etc...), and since computers run code, the virus itself must exist as pure code. Viruses can exist as stand-alone programs (i.e. their sole purpose is malicious intent), they can pose as "good" programs, or they can infect other programs already on your machine. Viruses spread in all three of these ways, or on a network (I believe this is more correctly called a worm).

In the case of an "infected" program, the virus overwrites certain parts of the application with it's own code, or injects it's own code into the application (so it seems to be working). The computer will then start the application, and begin executing the instructions as normal. Once the virus code is hit, the malicious operation of the virus begins.

What the virus does next is up to the virus creator. It may simply be a proof-of-concept, and may sit in your memory dormant. It may corrupt various system files, send itself to your address book, or sit and wait for you to type in credit card numbers.

These malicious programs/code are called viruses due to their equivalency to the operation of their biological counterparts. Viruses spread and infect a host, much like malware.

One last thing you might want to mention, new viruses can literally "rewrite" themselves on-the-fly. They do this through various types of polymorphism, to disguise the actual code and make it difficult for anti-virus software to detect them. Newer anti-virus programs rely on heuristic analysis of programs, and determine what they are trying to do, and if they pose a threat to the system (or not).

Breakthrough

Posted 2011-08-10T17:20:36.660

Reputation: 32 927

Compare it to STD's, the gift that keeps on giving!

Moab

Posted 2011-08-10T17:20:36.660

Reputation: 54 203

Explaining the technical side of a virus to a non technical crowd is not an easy task. Not only because they might not understand it, but also because it will be hard to catch their attention if you dive into too many details.

Besides using a good real world analogy, I think that you should use a concrete example. Just grab a famous virus and tell them the story.

For example, the ILOVEYOU virus infected tens of millions of computers in 2000. The virus replaced every .jpg and .doc file with a copy of itself and used Microsoft Outlook to send infected emails to everyone in the address book.

enter image description here

This is a typical viral behavior which is easy to explain and understand.

nmat

Posted 2011-08-10T17:20:36.660

Reputation: 1 513

Well, there are multiple definitions of a "virus".
The most common one (and the one your students probably know) is basically a catch-all term for all malware, ex. "my computer has a virus!!!"

The correct definition of virus is a program that reproduces over a network, with human aid. It may infect certain files by appending malicious code, so that when the infected file is run, the virus is also run. When the virus is run, it runs code that spreads it to other computers, and also executes a payload. The payload is the part of the program that makes it malicious or not; some payloads are relatively benign, basically electronic graffiti (popping up dialog boxes with obscenities, for example), but others range from dropping other malware to stealing passwords and attempting fraud.

Viruses are commonly confused with worms, which do not require human aid to propagate.

Another kind of malware that a virus is confused with is called a 'Trojan Horse' (beware of geeks bearing gifts?) that pretends to be a useful program, such as a free antivirus software, but contains a payload.

I have to explain things like this all the time to my friends that are not exactly as technologically literate as some. What I do is ask them for their definition of virus, and then explain what the correct definition is.

(panicked n00b: THERE'S THIS NEW VIRUS THAT IS SPREADING UNCONTROLLABLY AND NO ONE CAN STOP IT!!! geek: no, that's a worm. Viruses can't spread on their own. [proceed into definition of malware in layman's terms])

Nate Koppenhaver

Posted 2011-08-10T17:20:36.660

Reputation: 3 523

i.e., Skynet is an worm, not a virus :) – kokbira – 2011-08-10T17:53:16.733

2-1 a)"The most common one{definition} (and the one your students probably know) is basically a catch-all term for all malware," <-- I don't believe that at all. Malware is the generic term, Virus is specific.Virus never means just any malware unless somebody doesn't know what they're talking about. b)"The correct definition of virus is a program that reproduces over a network" <-- Rubbish. Viruses went around before people had networks. With sneakerware network/ floppy disks. And if you're talking to non technical friends they'd be satisfied with being told to say malware not virus. – barlop – 2011-08-10T18:13:04.980

@barlop most people don't know what they're talking about, as regards to malware – Nate Koppenhaver – 2011-08-11T03:37:46.060

@Nate Koppenhaver And therefore what? People that don't know what they're talking about don't decide on definitions. But any non technical or very out of date technical person can be told simply, MALware is MALicious softWARE. and you're not responsible for any confusion that arises, so non technical people can think all sorts of things. – barlop – 2011-08-11T10:30:33.090

A virus is just one type of malware(malicious software), another type is a trojan horse, another is a worm.

A virus is a malicious program that makes copies of itself and hides itself in other programs., and if that's not malicious enough, sometimes they do more than that like delete everything on a certain date.

A trojan horse is malware that once it infects a computer, allows somebody else to connect to the infected computer remotely and control it and other bad things, could delete files or open and close your cd drive.

A worm is malware that sends copies of itself over a network, infecting computers that way.

barlop

Posted 2011-08-10T17:20:36.660

Reputation: 18 677

1It's probably fair to say that none or almost no viruses "delete everything on a certain date". Partly because they'd die without a working host computer, but mainly because that wouldn't make any money for the guys that write/commission them. – FumbleFingers – 2011-08-11T00:17:02.067

@FumbleFingers i've heard of some in the old days, like days of DOS and MSAV, doing that, i'd think all the ones that spread around didn't make money, I don't know what they did but maybe they were more like pranks in those days, or just to test the writer's ability. – barlop – 2011-08-11T10:27:38.380

@Fumblefingers, infact in the old days I think none of the ones that spread about made money. – barlop – 2011-08-11T10:34:51.727

I'm perfectly well aware of that, but it was a long time ago before OS's and anti-malware software were developed to meet the threat. Any snotty-nosed kid could write a virus back then for sheer bravado. You have to be pretty good to write successful malware today, so it's pretty much the exclusive preserve of well-resourced and organised criminals, who do these things for serious money, not for kicks. – FumbleFingers – 2011-08-11T16:31:58.523

@Fumblefingers can you give me some examples of viruses that make money? viruses nowadays are so rare – barlop – 2011-08-14T00:23:12.820

A common technique is for multiple copies to bring down a website by bombarding it with page view requests, etc. The bad guys often blackmail sites in return for deactivating the attack, Companies don't like to admit it, obviously, but it happens a lot I think. – FumbleFingers – 2011-08-15T01:06:43.547

@FumbleFingers The technique you speak of is called DOS or DDOS.. I suppose The requests might just be using an exploited OS rather than a malware program making the requests, though could be malware. And the multiple copies aren't necessarily done as a worm, though they could be, but what you're talking of is a worm not a virus – barlop – 2011-08-15T01:42:09.063

An apropos allegory to illustrate how malware works would the story of the Idiot Genie.

The Idiot Genie was an immensely powerful being, able to do any number of interesting and amazing things. It was, however, also incredibly stupid and could do nothing at all without precise instructions being given by its master. Sadly, the genie was so profoundly stupid that it never could figure out just who its master really was, and so it just blissfully carried out whatever instructions were given to it.

The Idiot Genie's master had used his abilities to create immense wealth and power and kept the genie under close guard day and night. One day, however, a letter arrived addressed to the genie. The security guard on duty was, alas, also a profound idiot (having to keep a list of people who were not allowed to talk to or give instructions to the genie in his pocket which he updated every few hours or so.) The return address on the letter wasn't on the list, so the Idiot Guard gave the Idiot Genie the letter.

The letter, it turns out, was an instruction to the genie that he should use his power to send all the money that had been accumulated by the genie's master to a Nigerian General's widow's sister's roommate's account and then to forget all about it. The Idiot Genie, being an idiot, followed these instructions to the letter.

The End.

Andrew Lambert

Posted 2011-08-10T17:20:36.660

Reputation: 7 136

What is the computer viruses ?

They are bad programs . Programs that not for helps just for harassment you . Like when you want write a letter and press R but the computer write for example P ( because viruses don't let it to w. or when you try to listen to a music but it make noise on it or any thing can harm you or your computer .

user165757

Posted 2011-08-10T17:20:36.660

Reputation: 111

In computer, we run programs like Microsoft Word, Paint, Internet Explorer, etc. They use computer's resources (CPU,RAM,etc.) to help us in doing something.

Computer Virus is also a program designed by someone. But it is designed to harm you or steal your information.

For a computer, there is no difference between a program or a virus. Computer will treat them same.

Say your computer has 100 units of potential. What a virus could do is:

It can use 90 units of those for doing some unneccesary task. This will slow down your computer for other useful program.
It can run in background and capture your keyboard input or your personal files, and send it to someone else over internet.

For the computer, It is just a program. In both cases, computer will treat the viruses as normal programs and provide it resources.

There are many kinds of virus categorized based on their goal and working.

An Antivirus is a program that is designed to identify programs by tracking their activity or by comparing them with previous virus database stored in the antivirus.

Shubham

Posted 2011-08-10T17:20:36.660

Reputation: 132