alexc@psu-cs.UUCP (Alex M. Chan.) (02/15/88)
Hello,
Since that there is a few VIRUS programs being posted on the net
and they all would do damages to you work. I would suggested that in the
futher if anyone wanted to post any programs on the net, only post the
the SOURCE code and all the necessary infomation to compile the programs.
Instead of just execuatables. If those programers who do not want to
give out source codes, just leave the US-mailing addresses and people could
send in disks for the source or ... ( you could charge a small fee for your
code, if that is the way you wanted.. ). This way, VIRUS PROGRAMS could
be detected before it would done the damage. ( You are in control of
compiling the code, and you should have a good understanding of the code before you try to compile and run teh program. I hope that those people who have
been proven guilty of posting VIRUS PROGRAMS be banned from using the net.
( the jobs of the group mod. and sys admin of the according systems.. )
Thank you for your attension...
Sincerely,
Alex M. Chan.
-------------------------------------------------------------------------------
RETURN PATH = alexc@psu-cs.uucp ( Alex M. Chan )
Receiving a million dollars tax free will make you feel better than
being flat broke and having a stomach ache.
-- Dolph Sharp, "I'm O.K., You're Not So Hot"
-------------------------------------------------------------------------------msmith@topaz.rutgers.edu (Mark Robert Smith) (02/16/88)
I'm afraid I have to disagree. Many users need these utilities, and
do not have the appropriate compilers. Posting ONLY sources would
reduce drastically the number of users who download the programs.
Mark
--
Mark Smith (alias Smitty) "Be careful when looking into the distance,
RPO 1604, CN 5063 that you do not miss what is right under your nose."
New Brunswick, NJ 08903 {backbone}!rutgers!topaz.rutgers.edu!msmith
msmith@topaz.rutgers.edu msmith%topaz.rutgers.edu@CUNYVM.BITNETdavidsen@steinmetz.steinmetz.UUCP (William E. Davidsen Jr) (02/17/88)
In article <495@psu-cs.UUCP> alexc@psu-cs.UUCP (Alex M. Chan.) writes: >Hello, > > Since that there is a few VIRUS programs being posted on the net >and they all would do damages to you work. I would suggested that in the >futher if anyone wanted to post any programs on the net, only post the >the SOURCE code and all the necessary infomation to compile the programs. You are missing two points. Programs are written using at least three C compilers, two versions of Pascal, and assembler, not to mention things written on Xenix and cross compiled using tools not available in DOS. A user could spend thousands of dollars buying the compilers, and hundreds of hours reading the source code. Second, many of the readers of this group are not hackers in all languages, and wouldn't know what int's did what. If a comment said "turn on the speaker," they wouldn't realize that it was a disk controller interrupt. Not *all* trojans are written with comments which say "no trash the hard disk." Finally, I think I could write a program which would take *hours* of time to locate the trojan, even in source. Give me the executables, please. I would like the mailing address of the author, but realize that unless you have a bunch of time you can't write and ship disks for nothing. It becomes a question of "when is it cheaper to take a chance than to spend a lot of time protecting myself," it's in the field of risk analysis. Buy commercial software if you wish. -- bill davidsen (wedu@ge-crd.arpa) {uunet | philabs | seismo}!steinmetz!crdos1!davidsen "Stupidity, like virtue, is its own reward" -me
berger@clio.las.uiuc.edu (02/17/88)
We could similarly prevent product tampering by requiring that people
purchase their processed food directly from the distributor. But a
lot of people would go hungry. And it wouldn't really solve the
problem.
Mike Berger
Department of Statistics
Science, Technology, and Society
University of Illinois
berger@clio.las.uiuc.edu
{ihnp4 | convex | pur-ee}!uiucuxc!clio!bergermvolo@ecsvax.UUCP (Michael R. Volow) (02/18/88)
In article <495@psu-cs.UUCP>, alexc@psu-cs.UUCP (Alex M. Chan.) writes: > Hello, > > Since that there is a few VIRUS programs being posted on the net > and they all would do damages to you work. I would suggested that in the > futher if anyone wanted to post any programs on the net, only post the > the SOURCE code and all the necessary infomation to compile the programs. > Instead of just execuatables. If those programers who do not want to > This would not help us non-programmers or non-compilers owners in our access to good, already-compiled software. How about trying to find out where the viruses are coming from? No one responded to my previous posting, asking or speculating about their origin. Come on, those of you deep in the programming world ought to have some idea!! You can post hundreds of repetitive mess- ages about paying or not paying for shareware. How about a little group epidemiology investigating the origin of virus programs. They are as destructive to shareware as a few non-paying users. Michael Volow, M.D. Dept of Psychiatry, Durham VA Medical Center, Durham, N.C. 27705 919 286 0411 mvolo@ecsvax.UUCP
kleonard@PRC.Unisys.COM (Ken Leonard --> kleonard@gvlv2@prc.unisys.com) (02/20/88)
In article <4626@ecsvax.UUCP> mvolo@ecsvax.UUCP (Michael R. Volow) writes: >In article <495@psu-cs.UUCP>, alexc@psu-cs.UUCP (Alex M. Chan.) writes: >>...future if anyone wanted to post any programs on the net, only post the >>SOURCE code and all the necessary infomation to compile the programs. >This would not help us non-programmers or non-compilers owners in... >How about trying to find out where the viruses are coming from? No... >...ought to have some idea!! You can post hundreds of repetitive mess- >ages about paying or not paying for shareware. How about a little >group epidemiology investigating the origin of virus programs. They >are as destructive to shareware as a few non-paying users. >Michael Volow, M.D. Dear Dr. Volow; It seems to me that you hugely UNDERSTATE the case. The simple (not necessarily simply derived, but simple in statement of conclusion) is that covert (i.e. not fully disclosed to every recipient) distribution of ANY "virus" or "worm" or "gotcha" in ANY program having an ostensible useful (including purely recreational) purpose is BOTH a criminal offense and a cause for compensatory and punitive civil action. The underlying principle, well supported by precedent, in the Common Law and in the code of (at least) every State of the U.S., and in the U.S. Code (in matters of Interstate Commerce) is that: If you give to me, for consideration or none, anything which will, unbeknownst to me, cause me harm or discomfort, then you are both a criminal and an offender against the civil order. No, dear Nit-Pickers, the derivation of this conclusion is not trivial, and is not supportable by simplistic analogy to "giving poisoned candy to a baby." So come on, fellow hackers, let us get off our ego trips long enough to stop defecating in our own nest. If anyone knows the origin of any such dreck, let her or him say so, and say where and who that origin is. If we don't help to clean up these messes, we will, most deservedly, eventually catch a massive backlash. How would we like to see BITNET, CSNET, and all of the other wonders of open net-land closed and locked against us? Regardz, [Engineering: The Art of Science] Ken Leonard --- --- This represents neither my employer's opinion nor my own: It's just something I overheard in a low-class bar down by the docks.
mvolo@ecsvax.UUCP (Michael R. Volow) (02/20/88)
In article <5538@burdvax.PRC.Unisys.COM>, kleonard@PRC.Unisys.COM (Ken Leonard --> kleonard@gvlv2@prc.unisys.com) writes: > In article <4626@ecsvax.UUCP> mvolo@ecsvax.UUCP (Michael R. Volow) writes: > The simple (not necessarily simply derived, but simple in statement of > conclusion) is that covert (i.e. not fully disclosed to every recipient) > distribution of ANY "virus" or "worm" or "gotcha" in ANY program having > an ostensible useful (including purely recreational) purpose is BOTH a criminal > offense and a cause for compensatory and punitive civil action. > > So come on, fellow hackers, let us get off our ego trips long enough to stop > defecating in our own nest. If anyone knows the origin of any such dreck, > let her or him say so, and say where and who that origin is. If we don't > help to clean up these messes, we will, most deservedly, eventually catch > a massive backlash. How would we like to see BITNET, CSNET, and all of > the other wonders of open net-land closed and locked against us? Sorry if you took what I meant lightheartedly -- I didn't. I meant it seriously. There seemed to be so little comment about the origin of virus programs, I was afraid that there was a consipiracy of silence about their origin. I'm all for finding out their origin, and I hope that everyone on the net would co-operate with any helpful in- formation. f o r i n e w s Michael Volow, M.D. Dept of Psychiatry, Durham VA Medical Center, Durham, N.C. 27705 919 286 0411 mvolo@ecsvax.UUCP