- Blast Calculator Security Suite
- 12 Apr 2018 05:13:40 pm
- Last edited by ACagliano on 12 Apr 2018 05:35:37 pm; edited 2 times in total
Cemetech File download: https://www.cemetech.net/programs/index.php?mode=file&id=1753
So I remember I started talking about this a while back, but didn't have the skill to pull it off. Well, I now officially have, at least in part. I was struck with this idea when CALCnet was implemented for the TI-83+/84+ line of calculators. Five to ten years ago, cell phones were devices that could only make phone calls, and now.. they can talk, text, use the web, and along with those new capabilities... vulnerability.
Assuming that calculators follow this trend, which CALCnet has already proven them capable of, I forsee a time when calculators might well become victim to the same (or different) types of exploits and vulnerabilities. Even in liu of that, you might also want some extra protection against pranksters putting actually-harmful "viruses" on your calculator.
This project is the answer to both possibilities. Blast Calculator Security Suite, shortened to BLASTCSS is a real malware detector and file integrity checker. Project Page is http://clrhome.org/blastav
1)) Unlike some of the other "virus scanners" in the archives of Cemetech, Omnimaga, and ticalc.org, BLAST actually scans for real malicious code, not just for names like "VIRUS", or not really scanning at all. It accomplishes this by utilizing a virus definitions file that is automatically updated weekly on the project page. More on that below.
2)) BLAST also implements a file integrity checker. You may optionally generate a file attributes database that scans every protected program and program on your device and records the (1) name, (2) type, (3) size, and (4) 24-bit checksum. This is done by choosing the Update Attributes File option from the main menu. You may then select the Verify Attributes option from the main menu to check your calculator for any program of the same name and type on your calculator. The size and checksum will then be displayed on screen, in red text if the attributes differ and green otherwise.
** When files this program uses become outdated (1 week for the attributes database, and 1 month for the virus definitions), a red warning symbol will be displayed to the left of the item that is outdated. The virus definitions and the attributes file are timestamped, and that timestamp is displayed on the bottom of the main menu whenever this program is used. **
3)) This program also has a silent and automatic feature... the ability to recover your system clock settings after a reset. EVERY time this program initializes, the system clock is read out. This time is then checked against the last clock save in the settings file for this program. If the system clock is later than the saved clock, your saved time is updated. If, however, the system clock registers an earlier year, evidence of a reset, the last clock save is written out to the system time.
Further plans for this program include:
1. Intercepting a user exiting the program edit menu, and silently updating the size/checksum, so as to reduce the number of false positives in the attributes check.
2. Intercepting a program being run and performing either an attributes check, a virus scan, or both beforehand.
3. Chaining these functions with existing hooks for Celtic, Doors, and any other future programs.
4. [pending networking implementation] a firewall to integrate with networking protocols implemented in the future.
The Virus Definitions
A separate segment to this project is the community-sourced virus definitions database. On the project page for this project at ClrHome, http://clrhome.org/blastav , there is a page dedicated to this. On that page, any calculator user knowledgeable about byte sequences that can harm the calculator may go to this page and submit: (1) the OPCODE that is dangerous, and (2) A description of what it does. Character limiting is not yet implemented, but until it is, please limit your OPCODE lengths to 100 characters and your descriptions to 256 characters. Bear in mind that the longer your description is, the larger the definitions file. Upon being verified and accepted, your addition will be built into the next definitions release. You may also download the most recent definitions file from this page. Definitions files are rebuilt weekly by an automated script.
** By the way, a dangerous opcode is not simply something that RAM clears or crashes. I'm referring to code that can do serious, permanent damage to your calculator. **
Now, time for a screenshot:
So I remember I started talking about this a while back, but didn't have the skill to pull it off. Well, I now officially have, at least in part. I was struck with this idea when CALCnet was implemented for the TI-83+/84+ line of calculators. Five to ten years ago, cell phones were devices that could only make phone calls, and now.. they can talk, text, use the web, and along with those new capabilities... vulnerability.
Assuming that calculators follow this trend, which CALCnet has already proven them capable of, I forsee a time when calculators might well become victim to the same (or different) types of exploits and vulnerabilities. Even in liu of that, you might also want some extra protection against pranksters putting actually-harmful "viruses" on your calculator.
This project is the answer to both possibilities. Blast Calculator Security Suite, shortened to BLASTCSS is a real malware detector and file integrity checker. Project Page is http://clrhome.org/blastav
1)) Unlike some of the other "virus scanners" in the archives of Cemetech, Omnimaga, and ticalc.org, BLAST actually scans for real malicious code, not just for names like "VIRUS", or not really scanning at all. It accomplishes this by utilizing a virus definitions file that is automatically updated weekly on the project page. More on that below.
2)) BLAST also implements a file integrity checker. You may optionally generate a file attributes database that scans every protected program and program on your device and records the (1) name, (2) type, (3) size, and (4) 24-bit checksum. This is done by choosing the Update Attributes File option from the main menu. You may then select the Verify Attributes option from the main menu to check your calculator for any program of the same name and type on your calculator. The size and checksum will then be displayed on screen, in red text if the attributes differ and green otherwise.
** When files this program uses become outdated (1 week for the attributes database, and 1 month for the virus definitions), a red warning symbol will be displayed to the left of the item that is outdated. The virus definitions and the attributes file are timestamped, and that timestamp is displayed on the bottom of the main menu whenever this program is used. **
3)) This program also has a silent and automatic feature... the ability to recover your system clock settings after a reset. EVERY time this program initializes, the system clock is read out. This time is then checked against the last clock save in the settings file for this program. If the system clock is later than the saved clock, your saved time is updated. If, however, the system clock registers an earlier year, evidence of a reset, the last clock save is written out to the system time.
Further plans for this program include:
1. Intercepting a user exiting the program edit menu, and silently updating the size/checksum, so as to reduce the number of false positives in the attributes check.
2. Intercepting a program being run and performing either an attributes check, a virus scan, or both beforehand.
3. Chaining these functions with existing hooks for Celtic, Doors, and any other future programs.
4. [pending networking implementation] a firewall to integrate with networking protocols implemented in the future.
The Virus Definitions
A separate segment to this project is the community-sourced virus definitions database. On the project page for this project at ClrHome, http://clrhome.org/blastav , there is a page dedicated to this. On that page, any calculator user knowledgeable about byte sequences that can harm the calculator may go to this page and submit: (1) the OPCODE that is dangerous, and (2) A description of what it does. Character limiting is not yet implemented, but until it is, please limit your OPCODE lengths to 100 characters and your descriptions to 256 characters. Bear in mind that the longer your description is, the larger the definitions file. Upon being verified and accepted, your addition will be built into the next definitions release. You may also download the most recent definitions file from this page. Definitions files are rebuilt weekly by an automated script.
** By the way, a dangerous opcode is not simply something that RAM clears or crashes. I'm referring to code that can do serious, permanent damage to your calculator. **
Now, time for a screenshot: