Jump to content

Talk:Trojan horse (computing)/Archive 1

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
Archive 1

Improvements

At present, this article is conceptually confusing (and confused). It gives as Trojan examples things which are more properly viruses, defines Trojans as not propagating but gives examples of malware doing so, etc. Needs work. And some conceptual clarity. ww 16:22, 7 May 2004 (UTC)

I tried to improve on it; comments or suggestions for further improvement are welcome. Sietse 19:47, 16 Sep 2004 (UTC)

Some Trojans do not infect other programs and are usually easily deleted, but others are much more dangerous. The MyDoom epidemic in early 2004 was spread by using Trojan-horse attachments in email with a terse message saying that the attachment could not be delivered, making users curious to open it and see what it was. (MyDoom is technically a worm, since it spreads itself to other computers by sending infected email attachments, but it depends on users double-clicking on the attachments to actually infect their computers—a Trojan-like property.)

I have removed this paragraph. In my opinion, it is confusing to illustrate the idea of a trojan horse with an example of another type of malware, i.c. a virus. I think the other examples in the article suffice for explaining what a trojan horse is. Sietse 19:47, 16 Sep 2004 (UTC)


An early Trojan horse was the 1975 ANIMAL program, a game to identify an animal but which also spread itself to other users on UNIVAC Exec computers[1].

I removed this paragraph too. In the modern sense of the word, a Trojan is a harmful program. ANIMAL and PERVADE were harmless however. Additionally, the combination of ANIMAL and PERVADE was able to spread itself, which trojan horse programs cannot do. Sietse 19:47, 16 Sep 2004 (UTC)

Well-known trojan horses section

Most of the software mentioned are Greek armies that can inside some Trojan horse be sent into cities (computers) that are to be infiltrated. So they are not Trojan horses. They can only become Trojan horses, if they are combined with Horse software and distributed as such. So can every other piece of software. Even, if some of them have been used as armies inside such computer infiltrating horses, there are still big mistakes in the list I think. I have never heard of a single computer that would have had Back Orifice 2000 installed by a Trojan horse. Could you please point me a references to such cases? --Easyas12c 19:58, 4 April 2006 (UTC)

Any of those programs can be sent with a deceptive name, and has been done many times. Once run they require no additional input so no additional program is required to install them. --RainR 20:39, 4 April 2006 (UTC)

The discussion of Trojan horse here ignores the history it cites. "Trojan horse" was first used to describe programs that were not what they seemed -- whether they were "replacements" for legitimate programs or programs that included unadvertised/hidden (and possibly malicious) functions -- in the early 1970s. Second, it has never been a requirement that a virus install itself: That assertion is simply ridiculous on its face - look at the original works on computer viruses (Fred Cohen's dissertation and early articles). Just what is meant by "operate automonously," anyway? Third, triggers are not peculiar to trojans: Subroutines in Fred Cohens's original viruses were named "trigger-pulled," and he discussed using date and time as a trigger to "do-damage." He even specifically addressed whether a virus source program needed to be a Trojan horse. Third, Trojan horse, virus and worm are not mutually exclusive terms, which this article implies, yet refutes with its own examples. --70.171.196.171 09:24, 30 June 2006 (UTC)

Added a method of deletion. Might need better editing but the information is correct.Warrush 23:18, 24 January 2007 (UTC)

Bias against MS

"Email: If you use Microsoft Outlook, you're vulnerable to many of the same problems that Internet Explorer has, even if you don't use IE directly. Email viruses will often send copies of themselves to people in the infected user's address book"

This is blatently written by someone who loves firefox and is very bias, true or not. This whole article isn't written in an encyclopedic manner, so I'll tag it. Neverender 899 17:30, 5 March 2007 (UTC)

I've removed this section. I noticed it myself as I read through the page and thought the exact same thing. Darryl L James 01:28, 5 April 2007 (UTC)

It's nonsense

The references to Greek armies throughout do not fit into an encyclopedic format. They are out of place and are not required to understand the article, so they seem unnecessary. I know nothing about Wikipedia or encyclopedic format, or about Trojan horses (computing), but I did notice that these references came off as written by a person, where the format of an encyclopedia article is generally quite mechanical and doesn't include any sort of comments or off-topic references. What I am saying is that these references needn't be made more than once, which is in the initial definition of the article.209.247.22.36 04:08, 20 March 2007 (UTC)

I agree that it is nonsense, many of the definitions are plain wrong (evidently some people need to look up the differences between trojan horses, viruses, worms etc. For example a trojan does not need to be malicious, though the vast majority are) and some sections completely contradict others. —Preceding unsigned comment added by 81.107.18.16 (talk) 19:27, 25 September 2007 (UTC)

Broad edits with no discussion

I agree that this article is pretty jacked up, however the broad edits that have been attempted are even worse - making it sound like instructions on how to get rid of some virus on a Windows box.

This article should define what a Trojan Horse is. That's it! You don't have to re-hash malware or ancient history, just objectively describe the concept. 76.80.22.42 06:37, 25 April 2007 (UTC)

Cleanup

I did my best to clean up the distinction between a Trojan and virus. I also removed the following section, as open ports are more of a virus issue. Trojans propagate through user action, not through open ports. --bcrom, 8 June 2007

Computers running their own servers (HTTP, FTP, or SMTP, for example), allowing Windows file sharing, or running programs that provide filesharing capabilities such as Instant Messengers (AOL's AIM, MSN Messenger, etc.) may have vulnerabilities similar to those described above. These programs and services may open a network port giving attackers a means for interacting with these programs from anywhere on the Internet. Vulnerabilities allowing unauthorized remote entry are regularly found in such programs, so they should be avoided or properly secured.

A firewall may be used to limit access to open ports. Firewalls are widely used in practice, and they help to mitigate the problem of remote trojan insertion via open ports, but they are not a totally impenetrable solution, either.

Some modern trojans that come through important looking messages, containing executable files that look similar to system files, for example "Svchost32.exe", resembling 'Svchost.exe'.

Road Apple

I cleaned up the road apple section slightly and made a wikilink to temporary internet files. I also got rid of the second mention to the ancient Greeks. I felt that the first mention did the job of explaining the name of the malware. The second reference was not necessary and seemed awkward. Lenore Schwartz 00:58, 19 August 2007 (UTC)

The article no longer mentions the term road apple. what happened? --Sonjaaa (talk) 21:44, 10 March 2010 (UTC)

Time bombs and logic bombs

I removed the "Time bombs and logic bombs" section because its premise is completely untrue.

'"Time bombs" and "logic bombs" are types of Trojan horses.'

See logic bomb. This made the other, statement in the section irrelevant:

'"Time bombs" activate on particular dates and/or times. "Logic bombs" activate on certain conditions met by the computer.'

One-dimensional Tangent (Talk) 21:09, 29 September 2007 (UTC)

Nonsense

Deleted much nonsense about Ken Thompson's classic backdoor being a trojan and other such conceptual mistakes. The whole thing still needs thorough cleanup and clarifications, but I have not the time. —Preceding unsigned comment added by 217.156.83.1 (talk) 10:31, 9 November 2007 (UTC)

Vandalism

Under section "Example" it states " trojan is also a type of condom," this should be removed —Preceding unsigned comment added by 20.132.68.134 (talk) 19:48, 6 December 2007 (UTC)

http://en.wikipedia.org/wiki/Trojan_horse_%28computing%29#Methods_of_deletion The whole section is vandalized! —Preceding unsigned comment added by 217.224.175.49 (talk) 21:12, 21 February 2008 (UTC)

Perspective of Malicious Intent

Non-malicious Trojan Horse programs are used for managing and forensics.

This statement depends on the author's point of view. Of course the actions of these trojans are also malicious, as most others. It just depends whether you're the forensic detective or the victim. -- J7n (talk) 08:42, 26 May 2008 (UTC)

Etymology

WTF is this? Etymology would be "oh tro- means this and -jan means that." Origin of the term would be a better headline. Theman98 (talk) 21:52, 28 May 2008 (UTC)

"How Trojans Work"

Diff [2]

I've scrapped this section. The article, as it stands, is using the common definition that a trojan horse is malware that is meant to appear to have a desirable function but contains some sort of nasty payload. The section that I have removed seems to rely on an old and never completely accepted definition that "trojan horse == remote access malware", which is inconsistent with the rest of the article.

Not to mention that the section was completely unsourced. 24.76.161.28 (talk) 07:43, 13 November 2008 (UTC)

Capitalization

I'm not sure if either of "trojan horse" or "trojan" are supposed to be capitalized but this article has "trojan horse", "Trojan horse" and "Trojan Horse". Also, "trojan" is never capitalized. As far as I can tell, the capitalization is random and likely due to sloppiness. IMO, all lower case is most appropriate but there seems to be no consistent agreement throughout. CERT has an article and Symantec has another that have similar problems.

With this in mind, I think any capitalization that is consistent would be an improvement. Also, if "Trojan Horse" is chosen to be the capitalization, the article will need renaming.

Oh, the Trojan Horse of the Trojan War is definitely capitalized as it is a proper name of a specific wooden horse. I believe that this has no bearing on the computing term.

Neil Smithline (talk) 21:51, 17 December 2008 (UTC)

I firmly believe it should all be sentence case only. I deal with this at work daily; "Trojan" is a condom brand, "trojan" is a virus. --64.4.68.234 (talk) 22:26, 3 June 2013 (UTC)

Definition

The definition is absurd. What malware of any sort does NOT present itself as performing a desirable function ? Who ever saw a malware called "IWillDamageYourComputer - RunMeNow.exe" ?

The original and intuitive definition of Trojan Horse was coined by someone who'd actually read and understood the original story, and noticed that the horse would obviously have been too small to contain enough soldiers to conquer the city, and that the whole purpose of the horse was for those few soldiers to emerge in the dead of night and OPEN THE GATE so that the rest of the army could enter. 'Back Orifice' might be the best known example, and in its day was universally defined as a Trojan Horse malware because it 'opened the gate' (listened on a port) to a remote controller.

Somehow these malwares have been redefined as "backdoors" and this current madness substituted. ColPeters 13:23, 25 December 2008 (UTC)

There isn't anything in the definition of malware that requires that the user be tricked or even aware. Also see my post at the bottom of the page for my thoughts on the backdoor aspect. 152.78.71.136 (talk) 18:56, 21 January 2009 (UTC)

Let's decide on the fundamental definition..

I agree with the user above ("How Trojans Work") in that this article contradicts itself on the basic characteristics of a trojan. I would like to offer a discussion before any significant edits are made.

Basically, it's unclear whether or not a trojan must include a backdoor as part of its payload. I would argue that the backdoor element would be one possible payload out of the many suggested, and malware which had an effect other than planting a backdoor or vulnerability (e.g. deleting files) would still be a trojan if it did so by misleading the user (appearing to have a desirable function).

As such, I suggest that the opening definition be clarified to at least make it clear that the backdoor element is not mandatory.

Anyone disagree? 152.78.71.136 (talk) 16:56, 21 January 2009 (UTC)

How do you remove trojans?

This article does not explain it well enough. How do you remove trojans? —Preceding unsigned comment added by 68.209.140.102 (talk) 13:59, 25 February 2009 (UTC)

This is a Wikipedia article - it's supposed to explain what a trojan is, how it works, etc; it's not a guide on how to remove them. The same should go for all other malware articles. 152.78.71.65 (talk) 18:42, 18 May 2009 (UTC)

I almost decided to not dignify this thread by adding to it. But I'm so weak. 1) There are plenty of other sites (perhaps equally vulnerable to deliberately misleading posts) on how to remove trojans. 2) Even if this article included exhaustive instructions for how to remove every known trojan, the next trojan (ie the one you just installed on YOUR computer) would probably require new and different steps. —Preceding unsigned comment added by 63.237.195.226 (talk) 23:46, 9 December 2009 (UTC)

Advertising

The parts of the paragraph titled "Rogue Infiltrants" sounded like an advertisement, so I made some minor changes to that. I also removed a link someone had added. The link was for a specific anti-virus program at: www.anti-virus-trojan-worm.com.

dandog77 - 3:23 PM, 26 February 2009 CST —Preceding undated comment added 21:25, 26 February 2009 (UTC).

Complete Overhaul

I've rewritten most of this article over the past few days.
I feel it makes a lot more sense now.
I simplified the opening paragraph and changed the example to something historical.
The section on removal is a lot more accurate than what was there previously.
I have also added a general reference.
--Rihdiugam (talk) 20:53, 10 June 2009 (UTC)

Another complete overhaul

I have essentially rewritten this article, removing some sections that seem out of place in an encyclopedic article (e.g. "Example") and rearranging several sections. --Michaelkourlas (talk) 16:31, 14 November 2009 (UTC)

Meaning of the abbreviated term "Trojans"

I recently added new information concerning the accepted abbreviation of "Trojan Horses", which is "Trojans", and provided Wikipedia references to support the information. It appears that at least two individuals do not accept that the addition is relevant. This paragraph is an attempt to better describe the reason for the addition, and the relevancy of the information it provides.

As previously described in the main article itself, the abbreviated form "Trojan" is synonymous with the full form "Trojan Horse", which is properly derived from a "surprise weapon" used in mythology against the people of Troy. However, those people are historically referred to as "Trojans". The addition draws attention to the double meaning in the word "Trojans", the first being the weapon used against the people of Troy, and the second being the people themselves against whom that weapon was used. Please note, there is no attempt in the addition to repudiate the current use of the word Trojan to describe malware. The addition merely draws attention to the double meaning of the term, and helps the reader overcome a common misconception about the term "Trojan". That misconception is that the Trojans were responsible for the Trojan Horse, when in fact (or at least in the mythology from which the term is derived) they were its victim.

The complaint being made against the addition is that it reflects a personal point of view. I hope that the paragraph above presents the case in an impersonal way, describing in detail the intent to provide relevant and interesting material to those researching the terms "Trojan" and "Trojan Horse", and who are trying to understand the derivation, usage, and historical meaning of those terms. To imply that the addition is mere personal opinion is to deny the importance of etymology. While there may well be those who feel that the history of a term's usage is unimportant, there is ample precedent for including etymology in Wikipedia articles, including other portions of the Trojan Horse article. Perhaps an argument could be made that either better words could be used to provide the information in my addition, or that the words could be better placed elsewhere in the article. If you wish to make this argument, please do so, or better yet, make the improvement yourself in the spirit of Wikipedia, so that all may benefit.

Finally, if the addition still appears to some readers to be merely a personal opinion or reflection, please make the case for that here. I recently undid the first person's deletion of the new information, and commented that the discussion page (this page) should be used to discuss the removal of new information. However, a second person chose to ignore this request and instead deleted the new information. That person did, however, also request that discussion be initiated here in the Talk page. So, here is the beginning of the discussion we both desire. I look forward to all considered responses, especially those that do not simply make assertions, but justify them so that all interested parties may better understand. Undo/redo/undo/redo simply wastes people's time. Let's have the discussion here, not in the history logs. —Preceding unsigned comment added by Danfreedman (talkcontribs) 14:44, 4 December 2009 (UTC)

First, the irony in a name is not really covered by etymology. Etymology is the study of the history of words -- where they originate from, why they exist. This is why Troy and the real Trojan Horse is mentioned at the beginning of the article, because they are pertinent to etymology and the use of the word "trojan" to describe the trojan horse virus. However, saying that the use of the word "trojan" is odd and ironic considering its true purpose is no longer based in cold, hard fact (you never actually added a reference) and the actual history of the word, but in opinion instead.
Typically, opinions are not included in encyclopedia articles. Occasionally, they are included to express the viewpoint of one side of a debate (i.e. Group X believes Y because of Z, while group A believes B because of C. This has lead to several major disputes..., etc.). However, most of the time, opinions are not included in an encyclopedia article.
Even if the irony bit was sourced, it's not really that pertinent to the article in the first place, because it's a personal opinion. I've never seen an article explain why the meaning of a word was ironic. It is really up to the reader to make personal opinions on whether or not something is ironic, and it is not the role of the encyclopedia to explain why something is ironic. Encyclopedias deal in facts and opinions if they are, well, facts (viewpoints on debates by important groups that are well sourced, etc.).
Finally, you never technically requested a discussion on the talk page on the edit reverting the information (see here), so please do not insinuate that I ignored your request, as there was none.
I hope we can resolve this dispute without an edit war or any other troubles. --Michael Kourlastalk 23:47, 4 December 2009 (UTC)
My input is that this information does not belong in the article if there are no reliable sources that discuss it. This looks like the synthesis of what is already known. If there is a source, this information may be compatible in a section discussing the history of how the Trojan horse (the non-self-replicating malware) received its name. But that all depends on why the subject was given such a name. Cunard (talk) 00:41, 5 December 2009 (UTC)
I believe the first point we must seek agreement on is whether the reader benefits from any discussion at all of the abbreviated form, other than its existence. Second, we must discuss whether that discussion should include an explanation that "Trojan" as an abbreviation for "Trojan Horse" is notable due to tying a name for malware to the people against whom "malware" was used in mythology. I'm at least hopeful that we can agree that it is an interesting point for discussion, and that the reader is served by having it brought to his attention. Third, we can discuss whether it is or isn't interesting or appropriate to refer to this as irony.
My position is that a) it is useful to discuss the abbreviated form even though the article primarily concerns the long form; b) it is useful to the reader to have it brought to his attention that the abbreviated form represents something of an inversion of the full form's original meaning; c) whether or not it is ironic, or referred to as ironic in the article is unimportant to me as long as we figure out a good way to alert the reader the essence of the following point. "While Trojan Horses were 'malware' in mythology and 'malware' in software, Trojans were 'victims of malware' in mythology but are still 'malware' in software." If we can collectively work on the most acceptable way to convey this point, I believe the reader will have been best served. I'm not in any way tied to a mention of irony, that's just the method I used to express the point, but I'm happy if we can come up with a better way to express it.
Thanks for your interest in this point, and for your well thought out discussion. We can quibble later about whether I requested discussion or not, or whether deletion of new information from an editor without discussion is appropriate. While I suspect we disagree on those points, they are not pertinent to serving the reader in this case.
I appreciate that we all actually care about the use of this term, and about the readers who use the article. Let's find the best way to serve the reader here. If your position is that the information has no relevance, perhaps we can discuss some more. If your position is that "irony" isn't appropriate, let's find a better way to include the information without reference to irony.
Appreciated.--Danfreedman (talk) 15:25, 5 December 2009 (UTC)
To tell you the truth, I don't really think that the information that "while Trojan Horses were 'malware' in mythology and 'malware' in software, Trojans were 'victims of malware' in mythology but are still 'malware' in software" is really relevant or pertinent to the article. I don't think it is necessary to bring to the reader's attention that point, because I don't really see how it is pertinent to trojan horses and their function, or even the history of the word or where it came from. It's not really describing the language the word came from, or why 'trojan' was chosen. Instead, it's pointing out why there are flaws in the word choice of 'trojan', which is really just a sort of disguised personal opinion. I guess what I'm trying to say is that we're not talking about why or how it was shortened to trojan, we're making a personal opinion that that name should not have been chosen because of its many flaws.
Maybe the information could be integrated differently in a way that sounds better. I don't know. But as it stands, I don't think it's relevant to this article.--Michael Kourlastalk 16:07, 5 December 2009 (UTC)

Disclaimer: I was asked by Michaelkourlas (talk · contribs) at my talk page to provide input.
Well, the problem is not whether the irony of the shortened name should be mentioned to the reader or not. Our decision about this section should be based on the principles that guide all our edits on Wikipedia, i.e. can this section be verified by reliable sources (that the Trojans were the victim of the Trojan Horse is easily verifiable but what about the irony part? Is there any source that discusses this irony?) and if so, is that fact is notable enough to warrant mentioning? Currently, the removing of the section is already advised by WP:SYN since it currently combines two reliably sourced facts (Trojans as the victims in mythology and Trojans as the "bad guys" in computing) into a new position ("which is ironic") without being supported by a reliable source. If a reliable source can be found that makes the same synthesis, we could maybe consider adding this as a footnote for the lead where "trojan" is used (e.g. something like "sometimes shortened to trojan"[1] => "The use of the short form is ironic/incorrect/etc. since the Trojans in mythology were the victims of the horse, not the perpetrators. See also source XXX, p. 11243 ..."). I don't think it ever warrants a whole sections for itself though. Regards SoWhy 20:08, 5 December 2009 (UTC)

This sounds reasonable to me. What do you think, Danfreedman? --Michael Kourlastalk 21:24, 5 December 2009 (UTC)
Actually, Michael, I think your suggestion that it become a footnote to the lead where "trojan" is used is a brilliant suggestion. Further, I agree that the part about it being "ironic" isn't really important to the reader -- it's a conclusion they can come to by themselves if they wish. Let's leave out a mention of irony. The important part to deepen the reader's knowledge of the term, as far as I'm concerned, is to draw his attention to the dichotomy of "Trojans" being "victims" in mythology while being "something that hurts victims" in current usage. I absolutely concede that this doesn't warrant its own section. It is a minor point, worthy of a footnote but not a section. It helps the reader to position his understanding of the abbreviation of the term "Trojan Horses", as used in computing, within a historical (or at least mythological) context.
I'm happy for either of us to attempt the change. Your recent "complete overhaul" is a work well done. --Danfreedman (talk) 13:54, 6 December 2009 (UTC)
Great! I'll add a note at the bottom of the page. Feel free to change what I write if you wish. --Michael Kourlastalk 15:42, 6 December 2009 (UTC)
Added footnote. Said that it was a misnomer because of all the things we've talked about. --Michael Kourlastalk 15:53, 6 December 2009 (UTC)
Michael -- It's perfect, much better as a footnote than a section. Thanks for improving the article. And now on to the next topic, whatever that might be. --Danfreedman (talk) 00:24, 7 December 2009 (UTC)

Distinction between trojan and virus

I keep running into people who think there is a meaningful distinction between trojan and virus. So I came here to see if wiki held the answer. I suppose it does: A trojan only replicates by user action and then installs itself (only) locally. Considering all the other varying attributes of malware (boot/network/email/scripts/drivers/services/payloads/backdoors/macros/etc), it is clear to me that the need to maintain the distinct term "trojan" is driven by the aesthetic pleasure derived (for some) in the analogy to the original Greek Trojan Horse. Whatever floats your boat. It would be much more sensible to keep track of methods of replication specifically for each variant of malware, rather than by celebrating this meaningless distinction. (In the age of scripts and macros everywhere you turn, deciding what constitutes "user action" is not a useful discussion.) 10 December 2009

The definition here in Wikipedia seems wrong in several respects. The original examples of Trojan Horse software were called that because people "let them in" their systems thinking they were something they wanted. They didn't have anything to do with allowing hacker or internet access; they were distributed on 3.5" floppies on PCs before there WAS an internet. They didn't and don't have to be downloaded; very few people were connected to much of anything in the early 80s. I think it would be good, in line with the above commenter, if we reserved the term for things that people purposely put on their machines thinking they are desirable, but that have a hidden harmful purpose.
Viruses in malware are called that because they come attached to other programs, and because they multiply and attach themselves to still more programs. I don't think the original definition necessarily included the ability to mutate itself, only to "hide" itself by attachment to something that didn't originally have it. This is the difference between this and a Trojan; the trojan is software that got put on the machine unknowingly while masquerading as something else; a virus can certainly come in that way, but can then go and attach itself to other software.
I think the whole area of malware -- which I regard as the general term for software that is bad news on your machine, however it got there and whatever it does -- on Wikipedia would benefit from some serious research and editing. The articles here appear to me to perpetuate some misconceptions about the subject. —Preceding unsigned comment added by 71.65.247.233 (talk) 02:45, 19 February 2010 (UTC)

Revision 331844264 was a double-edit error

Not quite sure how it happened, but as you can see, I first put the words in, then apparently took them out with another edit. Thanks HamburgerRadio for putting them back in again. They clearly need to be there. --Danfreedman (talk) 17:50, 16 December 2009 (UTC)

Real world terminology

This article is ludicrously distorted in its pedantic and eccentric use of the term "Trojan horse". In the real world, the term used is "trojan" (usually lower case), and this article should be rewritten (and renamed) to reflect virtually universal usage. As simple proof of this, there are more than 10 times as many pages with "trojan" and "malware" in them, compared to "trojan horse" and "malware", and in most of the later pages the term "trojan horse" is used in an explanation of the origin of the term "trojan". Wikipedia is for real people, not pedants who would like to pretend the world is as they would prefer. 82.1.148.7 (talk) 09:08, 12 January 2010 (UTC)

Assessment: Feb 16, 2009

This article is still well within the classification of C-Class. The following things need to be done in order to justify its promotion to B-Class:

  1. Grammar Needs to be checked. There are lots of issues here.
  2. Spelling. Same thing.
  3. There are too many bulleted lists, many of which are superfluous or unnecessary. These should be deleted or incorporated into prose.
  4. There are sections that are far too short. These need to be expanded significantly or integrated into the body of other sections.
  5. All bias or opinion should be removed. This is vitally important, as we are writing an encyclopedia, not a research project. This one is the hardest and may take the most time.

If you have any questions about my assessment or need help, please contact me either via my email [3] or my talk page. Thank you.--nblschool (talk) 17:35, 16 February 2010 (UTC)

The Trojan horse is not synonymous with hacking

A good example is Rogue security software: some might not bother looking at what you're doing on the computer, but they're sure interested in displaying pop-ups and tricking you into paying to remove what was just installed. You would still call that a Trojan horse because the software appears to remove malware on your computer that was already existing when all it might remove is the malware it installed itself.

Additionally, I don't think the original Trojan Horse was used to run a botnet in the city of Troy. All Trojan horse means is trick by appearing as something else, which you can see I made clear in the article's description and in the header of "Purpose and Operation". X-Fi6 (talk) 21:21, 1 July 2010 (UTC)

I think the recent changes to emphasize Adware goes too far. Trojan Horses predate Adware and Windows. Giving such prominence overwhelms historical information. --HamburgerRadio (talk) 19:55, 17 July 2010 (UTC)
Thanks for the suggestion, HamburgerRadio: the revisions since my change have made the article very neutral in your regard (adware-vs-hacking) and covering of both sides but stressing the much larger consequences of hacking. X-Fi6 (talk) 02:53, 6 October 2010 (UTC)

Ballsacks?

Forgive me I'm wrong, though is 'ballsacks' (which is listed the see also bit) actually computer related? I don't want to edit it out in case I'm wrong though it looks like someone has put it there as some kind of joke. — Preceding unsigned comment added by Jalfor (talkcontribs) 08:51, 13 September 2011 (UTC)

Trojan vs. RAT

What's the difference between a trojan and a RAT?

Today remote access is used not only as a way of abusing. Some of the usings of RATs are:

  • Classrom Management Software
  • Remote control on your own computer, like in TeamViewer, RDP (which allows you to control a computer without disturbing anyone who works on it physically, or to another person who's performing a remote connection)
  • Asking for help (like Windows Remote Assistance)
  • Online meetings (like Windows Meeting Space).

All of these were developed from the basic idea of the trojan horse.

BTW, why isn't there a section about the history of trojans?

Galzigler (talk) 19:23, 8 March 2012 (UTC)

Definition Improvements

I was planning on improving the definition of a Trojan horse for a Wikipedia Improvement project affiliated with NJIT.

The improvements I intend run relatively parallel with what a user posted under 'Improvements' from 2004, that the definition is rather ambiguous and undifferentiated from other Malware. I intend to differentiate the Trojan horse by commenting on its deceptive behavior in relation to cloaking itself as a benign program. I also intend to include a comment about the Trojan horses client-server architecture. I was going to add in the correct relation of the Trojan horse name to the Trojan War, but it appears that was done in-between my last visit. So my additions will compliment this new revision.

My statements will be based on two reputable sources, one being a text book that is used at over 125 colleges and universities. The other being a conference paper from the IEEE academic database. JayMyers-NJITWILL (talk) 00:24, 18 April 2012 (UTC)

Needs to say how you can delete trojan horses

I found this article confusing since it does not say how you can get rid of one if you are infected. It also only tells of common errors, for lack of a better word. There are bound to be some obscure errors that occur if you are infected.

I wonder is a "how to remove a trojan" section really fitting for here since all Trojans do different things and therefore are removed in different ways. Perhaps there could be a link to, say, the Symantec website where the information for each virus(etc) is posted, including removal instructions/tools. Darryl L James 01:31, 5 April 2006 (UTC)
I agree, a "how to remove" section seems out of place. Every infection is different, and generalizing the process could further confuse readers. —Preceding unsigned comment added by Jrg7891 (talkcontribs) 02:38, 6 November 2007 (UTC)
The article does not say if there are any remedies at all to trojans. All human health articles talk about treatments. Is throwing my computer out the only way to get rid of a trojan? Teach me, Wikis! ---Ransom (--67.91.216.67 (talk) 01:31, 17 February 2011 (UTC))

do Trojan slow down your pc? AKA do trojan take up all the RAM space? >x<ino 21:01, 4 November 2005 (UTC)

Trojans don't specifically fill up your RAM etc; it depends on how they are programmed. Darryl L James 01:31, 5 April 2007 (UTC)

at this point in time i am busy trying to fight off a trojan with my security software. please can you add some kind of link to a webpage that details howto better fight trojans?!? please! Jthekid15 (talk) 13:15, 25 January 2014 (UTC)

Vandalism?

There is no content in the section "How to defend against". (sorry if this is unwanted/not done well, first time editor.) — Preceding unsigned comment added by 69.27.71.214 (talk) 23:03, 25 January 2013 (UTC)

Any chance of writing this in English?

Look at the first sentence in the featured article on the front page today? Does it make sense to you? Do you understand what the article is about? Now, pretend that you're not tech-savvy and read this: "A Trojan horse, or Trojan, is a non-self-replicating type of malware which gains privileged access to the operating system while appearing to perform a desirable function but instead drops a malicious payload, often including a backdoor allowing unauthorized access to the target's computer." A what??? Come on! Please! I think I speak for the average reader in saying that when my anti-virus software tells me I may have a trojan I come to this article to find out what a trojan is. Instead, I'm effectively told to come back when I have a degree in computing and try to read it again. "Malware" is linked, but "self-replicating", "privileged access", "payload", "backdoor" etc. mean nothing to me. Is there anybody there with the skills to write that in a way that the average reader can understand? Scolaire (talk) 11:20, 4 August 2013 (UTC)

Somebody has finally done it. Thanks. Scolaire (talk) 18:44, 6 December 2013 (UTC)

Please add a section on trojan horse detection and removal

This has been discussed here before with the conclusion that this is an encyclopedic article that should only define qhat a trojan horse is. Ok, but I just had a look at http://en.wikipedia.org/wiki/Cyanide where the article not only explains what cyanide is but also how it can be detected and which antidotes exist.

I do not see a reason why a different standard should be used for computer science articels and see it a valid and interesting addition to the trojan horse article to add a section on trojan horse detection and removal. — Preceding unsigned comment added by 85.181.80.36 (talk) 18:35, 26 October 2013 (UTC)

I think this could be done right, but the problem is trojan horses operate in so many different ways an encyclopedic treatment (which is fundamentally distinct from a "how-to guide") wouldn't actually serve the purpose of helping people to remove trojans. So for e.g. Jthekid15 (talk · contribs)'s post above, the better venue to look for help would be the Wikipedia computing reference desk. As for other ideas, for Windows machines I've found Bleeping Computer to be quite helpful. --— Rhododendrites talk22:05, 25 January 2014 (UTC)

botnets

how do i know the computer i'm on isn't a trojan? (it probably is.)50.67.165.106 (talk) 20:12, 10 May 2015 (UTC)

Semi-protected edit request on 22 September 2015

  • printer Infection
  • printer firmware corruption

103.14.126.162 (talk) 14:14, 22 September 2015 (UTC)

 Not done. It is not clear what you want done. Please format the request in "Please change XX to YY." with reliable sources. Thank you. Inomyabcs (talk) 14:16, 22 September 2015 (UTC)

Hello fellow Wikipedians,

I have just added archive links to one external link on Trojan horse (computing). Please take a moment to review my edit. If necessary, add {{cbignore}} after the link to keep me from modifying it. Alternatively, you can add {{nobots|deny=InternetArchiveBot}} to keep me off the page altogether. I made the following changes:

When you have finished reviewing my changes, please set the checked parameter below to true to let others know.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 5 June 2024).

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers. —cyberbot IITalk to my owner:Online 04:23, 16 October 2015 (UTC)

Trojan downloader redirected here

I have redirected Trojan downloader to this article as it covers essentially the same topic and doesn't require a split at this time. --Lemongirl942 (talk) 13:30, 25 June 2016 (UTC)

"Hacking in"

It isn't useful to make "hacking in" a key part of the description. What is key is that they are malicious, and deceptive. In the next paragraph we say: "Although their payload can be anything, many modern forms act as a backdoor, contacting a controller which can then have unauthorized access to the affected computer" - surely this covers it? Snori (talk) 20:13, 3 August 2017 (UTC)

Trim

Rather than a big list of all the bad things a Trojan can do, I've given the general capabilities depending on the level of authorization. Oh, and I've trimmed 'horse' out - in practice these are now simply known as "Trojans". - Snori (talk) 08:26, 14 August 2017 (UTC)

Semi-protected edit request on 29 August 2017

124.253.0.52 (talk) 18:48, 29 August 2017 (UTC)

Name of the hacker is Nicoloi Ondrejko

Not done: it's not clear what changes you want to be made. Please mention the specific changes in a "change X to Y" format. — IVORK Discuss 21:44, 29 August 2017 (UTC)

Origin of the concept

Not sure about the 1974 claim - typed documentation for the chown call apparently from 1971 references the concept of Trojan Horses, which can be seen at the Bell Labs website ( in Dennis Ritchie's home folder by the looks of it ) at https://www.bell-labs.com/usr/dmr/www/pdfs/man21.pdf - Arewesureaboutthis (talk) 15:24, 13 February 2018 (UTC)

Excellant find! - Snori (talk) 15:36, 13 February 2018 (UTC)
Thanks. I can't edit the page as it's protected so hopefully someone else could add this info Arewesureaboutthis (talk) 20:06, 13 February 2018 (UTC)

"Microsoft" scam gimmicks on this page

Recently, I called up what was apparently "Microsoft" tech support who told me that I had many viruses and showed me an old revision of this page, stating that these types of viruses were "unable to be fixed by any anti-virus program". The account involved has since been banned due to vandalism, but the revision (and most likely others) are still in existence and are currently used to fool people to believe that they need to spend over thousands of money to get their computer fixed. Virtuous09 (talk) 21:34, 28 August 2018 (UTC)

Capitalization convention

Is it common in the literature to capitalize Trojan in this context? Normally the word "horse" is omitted. Is the remaining "Trojan" usually capital? -- Daviddwd (talk) 16:56, 26 March 2019 (UTC)

It varies, and reasonable arguments can be made for both approaches. The word is correctly capitalized when referring to the Trojans who the Greeks fought in the Trojan Way - or the Trojan horse that they built, So, because this is the same word, it would normally be still be capitalized - as per Wikipedia:Manual of Style.
The argument for *not* capitalizing is effectively threefold: (1) the general move to a more casual, less pedantic style; (2) that in this case "trojan" has become sort of genericized and so it's appropriate to lose the capital - (3) that it's what many writers and IT people find looks better (see [0] below)
As a bit of a guide to current usage, I did some rough googling:
  • BBC - generally "trojan"
  • NY Times: - "Trojan"
  • .gov sites: - 50/50, maybe favoring Trojan
  • .edu sites: - mixed but favoring Trojan
  • sans.org: - 50/50?
  • cert.org - mixed but favoring Trojan
  • microsoft.com - mixed but favoring Trojan
  • ibm.com - 'Trojan"
  • apnews.com - 50/50
I would suggest that we have small note in the article, effectively saying that while derived from "Trojan Horse", it's very common to write it as uncapitalized as "trojan", when not explaining the derivation - and that's the pattern that the article will follow. - Snori (talk) 05:13, 28 March 2020 (UTC)\
I've now done this, loosely based on the approach of Gram stain, where they grapple with a similar issue. - Snori (talk) 05:53, 29 March 2020 (UTC)
In case anybody is interested in how "trojan horse" is actually capitalized in practice, we can get an answer from Google ngrams. The "case-insensitive" option shows results for different variations of the case in a single inquiry.
When considering more recent occurrences (e.g. post-2000), "trojan horse" appears in lower-case only about 2% of the time; it appears as "Trojan horse" around 64% of the time, and as "Trojan Horse" around 33% of the time (obviously there is variation depending on exactly which time period you look at).
To get an idea of capitalization of "trojan" by itself, I suggest doing an inquiry on "trojans" (since there's no way to search on "trojan" without including "trojan horse", and "trojans horse" would be an unusual phrase). In this case, it appears as "Trojans" around 97% of the time and as "trojans" about 3% of the time. (Note that the ngram tool reports percentage of occurrences in their database, I am providing percentage relative to the number of occurrences which contain the search term without regard to capitalization). Fabrickator (talk) 18:23, 31 March 2020 (UTC)