Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Back in the 90s mIRC would download files to the root directory of mIRC itself -- long before the concept of separating user data and code became the norm on Windows -- and if people had "auto accept file transfers" enabled people could send you a viral "script.ini" (as I recall it was called) to you and immediately overwrite your customisations. The end result would spread rapidly as the infected users would share it with others who join and left the channels they were in.


mIRC by default would not auto-accept .INI files, there was a blacklist on certain file types that would be rejected, with INIs as one of them.


> mIRC by default would not auto-accept .INI files, there was a blacklist on certain file types that would be rejected, with INIs as one of them.

Was that a reaction to the problem described in the GP? Especially in the 80s/90s, defensiveness like that was probably to solve an existing problem.


Exactly that, it was known as the ‘script.ini’ problem, the download directory was changed as well.

It would attempt to send to people as they joined a channel.

More info: http://www.irchelp.org/security/si.html


there was the funny magic string that would make half a channels modems disconnect too.


Ah, yes, I remember that. I think it was because the modems didn't differentiate between the various layers in the transport stream and took anything resembling low-level modem commands to be gospel.


This came in as a result of this. I specifically helped users fix this problem back in the day. Remember, this was the 90s.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: