Interview With Second Part To Hell
----------------------------------
by alcopaul/brigada ocho
june 11, 2011

Second Part To Hell is a famous Austrian virus programmer. He was first interviewed by Brigada Ocho in 2002 (his old interview is in Brigada Ocho E-zine #1) and almost 9 years later, Brigada Ocho decides to do a follow-up interview... He can be reached at spth@priest.com or http://www.spth.de.vu. Enjoy!

###############
## Hey, SPTH. Tell us a little bit about yourself, for the readers who don't know you

OK - hey! Thanks - alcopaul - for asking me to answer a few questions :) I was born 1987 in Austria and I write computer viruses for fun and intellectual challenge since 2002. I sign my *artworks* as "Second Part To Hell".

###############
## It's been 9 years since I last interviewed you. Do you still remember the moment when you were answering
## the first interview questions? How was it?

It's so long ago :) But yes, I can remember that I was happy as hell - I printed out your questions and read them over and over again. My English was quite bad at that time (yes, worse than now) - didn't really get everything that you wrote haha

###############
## You mentioned in your first interview that your (ex)girlfriend gave you the handle Second Part To Hell.
## Now, looking back, how do you feel about it? Did you ever think of changing your handle at one time?

I always liked that name a lot - it's individual ;) Never thought about changing it. However - in analogy to Nicolas Bourbaki (the pseudonym of a mathematician collective), together with a few other programmers we sometimes release stuff using the handle "hh86". In order to attract more attention, we've defined that pseudonym to be female. ;) That's the same concept as "roy g biv" - three or four people behind one pseudonym. Maybe this is an improved concept to a "virus writing group".

###############
## How long have you been programming?

I started coding when I was 12 - somebody showed QBasic to me and a friend, and it was so cool. I can remember making my first GOTOs, making my first LOOPs :D I was so fascinated of commanding the computer to do something. We made "advanced" programs with the commands LINE, CIRCLE and BEEP... It was amazing :))

###############
## What has changed in your hometown for the past 9 years? Did the design and arrangement of your room change too?
## How about the computers that you're using, did you upgrade?

I moved to Vienna, so yes, much has changed :)

###############
## What programming languages did you learn since you started? What's your favorite? How do you rate each?

I tried several languages - scripts, HLLs, lowlevel languages. With Assembler, one can be maximum creative, does not have restrictions as you may have with HLLs, that's why I enjoy coding in that language. Disadvantage: Slow progress and you have to think about lowlevel stuff such as variables and memory by yourself, that leads to a bigger bug-density I think. C++ is my favorite language for coding bigger projects or if you need something quickly. My favorite language is - of course - my own artificial evolutional metalanguage for x86 systems ;) Its main advantage is the high robustness under mutations, the basic concept came from Artificial Evolution Research projects such as Tierra and Avida by Tom Ray & Christoph Adami, respectively. Well - just try it out haha!

###############
## How did your highschool go? Was it fun? How did you balance school and virus writing?

Sure it was fun, but I was not good at school as I was bored a lot. I preferred doing some coding/research on computer viruses while the lessons, rather than listen to the teachers. I balanced it such that I did nearly nothing for school for 11 months of the year, and then spent one month intensively for learning for the subjects that I missed :D Worked out quite well ;)

###############
## Where do you study now? What's your major?

I'm studying physics in Vienna. That's fun, but I'm nearly finished with it. Right now I'm doing my master thesis on some quantum theory experiments.

###############
## I saw in your homepage that you did nothing vx-related in the years 2006-2008. Do you mind sharing the things that
## you did during those years?

Yes, in the end of 2006 I started to study. It was not so trivial at the beginning, so I've already had an intellectual challenge... Well - and I had no good ideas for viruses :)

###############
## What are the most memorable viruses that you've coded for the past 9 years? How important are they to you?

OK, I'll take a few of my favorites:

- JS.Cassandra (written in 2003): It had 5 different polymorphic engines and was very optimized. Probably my best script virus back then :)
- MenuetOS.Oxymoron and MenuetOS.Tristesse (written in 2004): With those viruses I've learned assembler, so that was very important for me. Infectors for the assembler-written hobby-OS MenuetOS. Tristesse infected MenuetOS files and MS-DOS .COM files, so somehow a cross-platform virus :)
- SPTH-OS 2.0 (written in 2005): The first bootsector virus for CD-ROMs. It had its own FAT32 filesystem driver. It scanned the harddisk, searched for bootable ISO files, and infected these ISOs.
- ArchiveTiger (written in 2006): Two layers of encryption: The first layer had the decryptor for the 2nd layer split into 100s of <10byte files (connected by dozens of very small .bat files). The second layer had the virus code saved in 100s of files with 0bytes - the code was saved in the filename :))))
- Evoris (written in 2010): Takes use of an artificial evolution concept. Is written in its own evolutionary metalanguage to achieve maximum robustness under mutations. Has a lot of parallels to natural biosynthesis.
- Mimic (written in 2010): Used totally different mutation technique: Analysed small parts of its code in a blackbox-test where it got the code's behaviour. Then created random code and check if the behaviour match with the virus code behaviour. If so, the original code will be replaced by the new random code. That one was hell to debug because randomness can be a real bitch sometimes.
- Matlab.MicrophoneFever (written in 2011): Taking usage of complex mathematical functions provided by MatLab to create different representations of itself. Also usage of tau-obfuscation via multi-branching. For sure the most complex script virus I've ever written.

###############
## How do you generate ideas that you can apply to your viruses? Any inspirations?

I have written a short text about that some years ago (Surrealism in viruswriting - http://vxheavens.com/lib/vsp08.html). That time I tried to get new ideas via the same way as surrealistic artists did in the 1920s (dreams, non-sleeping, alcohol and drugs). Worked very fine, but that's more fun when you are younger ;) I read a lot about techniques and methods in science (physics, chemistry, biology) and mathematics; and try to find ways using those methods in other/foreign fields - such as computer viruses. This works sometimes. Reading other people's researches also helps a lot to get new insights. As I write these lines, I realize that the only way to get real *new* ideas is to use surrealistic techniques...

###############
## How did you handle the fame and the media attention that came with Clive Thompson's New York Times article
## about VXers and the VX underground which included your story and picture?

Hah, yes that was fun. Was very nice that - when Clive visited me - I met Arzy (Lord Arz) too, another Austrian virus writer (was member of Line Zer0, but that was long time ago), and we all had a lot of beer on NYTM's bill ;) About two years ago I went through the city and suddenly saw a poster saying something like "Big exhibition by Ryan McGinley" (that was the photographer for the article) - was a great feeling ;)

###############
## What do you think about the possibility of a Ready Rangers Liberation Front revival?

No.

###############
## Do you miss rRlf? I read the tales of your meetings. Sounds fun. Do you ever think that you will still be able
## to do the same things even though rRlf is gone?

I'm incredibly happy that I was member of rRlf. These people were just great; not just good and creative coders, but also bright minded with a clear attitude. I met philet0ast3r and DiA several times and it was always awesome! Especially with philet0ast3r I still have contact (he visited me last year, and we still were able to drink Korn80 :)) - he also influenced quite a lot my interest and view on politics in general, and I'm very thankful for that ;) I don't miss it because I have these incredible awesome memories ;)

###############
## I consider you as the most improved VXer in the scene ever, from coding interesting batch viruses to coding
## win32asm viruses with complex concepts. How long did you learn win32asm? When did you fully grasp the language?
## Can you give me tips on how to learn it successfully?

Somebody told me about MenuetOS, which is an OS written in assembler, and joked about writing a virus for it. Well - I accepted the challenge and a few months later I finished it. There I understood for the first time what that language is about. I also have small book (in German) about assembler, that explained me more about the theory behind it. So my advice: Search a project that needs assembler, and tell yourself to finish that project, whatever happens :-) And buy and read a book about assembler - that should explain things that you don't get while coding. I'm sure I didn't fully grasp the language yet - it still surprises me from time to time ;)

###############
## How do you view other programming languages after you learned assembly language?

Not sure if there is a difference - maybe one realizes more that the computer is really built out of bits and bytes and logical operations. Probably this influences how you create your algorithms.

###############
## Did you ever imagine in the past that your creations be featured in magazines? Thoughts about Peter Ferrie's
## analysis of your creation Evoris?

Yes, that's cool. I liked it a lot that he used the biological designations that I used in my article - this gives the real feeling. And it's cool that he learned my meta-language and tried to optimize it into the extreme. I'm sure he has spent many many hours of researching (just see the _div replacement code, which has 1750 lines, or _mul, which has 450 lines). So, now there are two people who know my language - anybody wants to join? ;)

###############
## What can we expect from you? Any new codes or techniques that you want us to preview?

When I find something that is new and worth to code, you will eventually see it. There are some things in my mind which I want to look at closer. One concrete thing is a good grammar for code-replacements in metamorphism - that needs much more research, which I will eventually do when I'm bored ;) Also have some thoughts from other research fields, and I'll try to apply them to computer viruses/artificial life.

###############
## Have your hobbies changed for the past 9 years? What do you do now in your freetime aside from coding?

I love to play table soccer; drink some glasses of whiskey with friends occasionally. I'm interested in many fields of science and mathematics, enjoy to read books by Richard Dawkins. Reading the newspaper, follow local and global politics and try to understand what is going on in the world :)

###############
## Do you use mind altering substances? Tell us anecdotes while you were under their influence!

I don't use such stuff.

###############
## What do you think about Twitter, Facebook, Youtube and other social media?

I use Twitter sometimes to get fast news. Youtube for playlists and I'm not using facebook or similar stuff.

###############
## What's your opinion about Antivirus companies' concentration on profiling Trojans on their websites?

I don't care about AVs in general, they have their business and try to do their job. The only thing I hate are AVs that detect the plaintext html file of my homepage as computer virus, that's incredibly stupid+lazy (note that stupidness+laziness is an amazingly strong combination).

###############
## How do you rate the virus scene now? Any suggestions of how to improve it?

Just have contact to a few other virus writers [that seems to be the right place: hello goes to hh86, herm1t, roy g biv]. No idea how to improve it - maybe be nice to newcomers and show them interesting directions and be interested in their creations?! At least that worked for me long time ago.

###############
## Do you think that virus writing will die?

Three new fields for computer viruses have developed last few years:

1) commercial virus writers
2) academic computer virology researchers
3) computer viruses as cyber weapon (Stuxnet, and other projects by militaries around the world)

These are three reasons why virus writing will not die soon. I'm not sure where is the place for virus writers as they existed in the 1990s and 2000s. I guess they are quite connected to point 2 (academic research). Just see how many scientific papers work with MetaPHOR, NGVCK, ZPerm, Mistfall,... And for instance Qozah has introduced a whole new research field with his text "Polymorphism and grammars" in 1999.

###############
## What's your opinion about Osama Bin Laden being dead? Do you think it will just escalate to more terror?

Good that he cannot cause any further harm. But I'm sad that there are still so many leaders and potentates around the world who don't care about humanity.

###############
## How long will you do virus writing?

Whenever I have some good idea and some time, I will try to bring it to reality :)