You are welcome. We all were waiting for a total recall that sends us back to school directly into the last row of our classroom straight to – we call it in Austria – the “donkey’s desk”. I expect you to sit in the first row to sneak on us to the teachers. Apart from this you are right, simply concatenating English words ist not enough, but we are developers, we concatenate strings the whole day and this is the result, no English compiler no well defined grammar and we are done, typical problem of LR(x) languages in common;-). So I see we can be glad to work on windows, imagine, if we where UNIX guys, no vocals could be found here. – Don’t take this to seriously. And take care, maybe someone hides your glasses…

Mike

Having said that, could you take more time to check your spelling and grammar? Maybe a little less fancy expressions would help (instead of using ones that don’t fit). I’m not a native speaker either, and refrained from making comments before, but almost every post contains a couple of obvious mistakes (blog and newsgroup).

Other than that your posts are a nice read.

Nobody says having an up to date version will make you safe because that isn’t so.

An up to date version is no protection. I never claimed it was or should be, so save your rants for someone else.

How do you want to protect Delphi or any other development environment or compiler? Delphi should ship with everything hardcoded so nothing can be changed? Or may be you want CRC of the distributed code… this is, Delphi should checksum all its .pas everytime it compiles?? Come on! What about you need patch the original source for some custom requirement?… Ok lets try other things, what about some background process checking the installation integrity? Or a specific scanner testing “malware” activities in the code? Absurd ideas huh? And there are many more crazy ways, and all of them are useless, they can be beated easily and they will enforce the interest of kiddies in writing worms to do that (and they will just for fun!). Seriously, do not react like that, it will only get worse. Be smart, protect yourself by creating a safe building environment (different to the development machine, not connected to the internet, easy to backup and restore, etc etc etc, just like a VM) and do not execute nothing but the needed things there. Thats it, if you are responsible you will get the results you are looking for, but its up to you.

Really, the solution its at your side, not in the IDE/compiler. You need FULL ACCESS to the code (like an administrator to the system), so any program executing in your context will have full access, and if its a worm infecting that code it will, thats it.
Thats the price to have full access, so you are responsible for what you do… its just like real life heh

Probably nobody says this because there is no evidence so far that up-to-date versions are safe. I’ve found no information on what protection later versions of Delphi provide that would make them immune to this kind of attack. It seems like the virus writer was just using an older version.