Friday, 21 August 2009

W32/Induc-A are you worried?

Over the last few days there have been a flurry of posts about this virus. I’m not going to repeat what it is or what it does, as I’m sure any self respecting Delphi developer has read the same posts that I have.

Are Embarcadero worried about this development? If not, they should be! (To be fair, they are aware of it, and thinking about it)

It’s all well and good telling us that

  1. It only affects Delphi 4-7, so get the latest version!
  2. It is a rather benign virus, and doesn’t cause any harm, so don’t worry unduly.

Unfortunately the cat is out of the bag, and you can’t put it back. I think (and somebody correct me if I’m wrong), there is nothing in the current version of Delphi that prevents this being replicated for later versions. My guess is the virus writer is one of those who hasn’t upgraded, and it’s only a matter of time before someone replicates this for Delphi 2009. Secondly, who knows what the next virus might do? This maybe just a warning, the next one may cause untold havoc.

How long before clients start asking what tool we use for our development, and refusing to buy applications written in Delphi. I need to be able to tell clients that this cannot happen with the tool we currently use. Is that even possible?

4 comments:

Craig said...

I think (and somebody correct me if I’m wrong), there is nothing in the current version of Delphi that prevents this being replicated for later versions.

In the current version, IDE packages are code signed. I'm not sure how/if that extends to DCUs. My guess is that it doesn't now, but could in the future. It would be possible to guarantee that the DCU binary was the same as what Embarcadero produced. That's an improvement, but not perfect.

Kyle A. Miller said...

If the client is worried about using a product infected by a virus, I would advise them to stop using Windows. It has many viruses, some way more harmful than Delphi's.

Babnik said...

Agreed Kyle, but hysteria and fear know no bounds, and this could easily be blown out of all proportions

GSA said...

GSA has developed a freeware tool that could remove the Win32/Induc.A virus completely from executables and let you start them again without your anti virus complaining about it.

http://www.gsa-online.de/eng/delphi_induc_cleaner.html