jsm@vax1.UUCP (03/31/87)
The April issue of 'Computer Language' gives a rave review , by one Tim Parker, of a public-domain program called NOTROJ.COM. The program is alleged to be a protection against trojan horses; Parker says that "this superb little package should be used by anyone working with software for the first time ". The catch is that NOTROJ is well known in the BBS community as being ITSELF a trojan horse; it will perform a low-level format on ones hard disk if and only if the hard disk is over 50% full! This is detailed in Eric Newhouse's superb list of trojan horses, DIRTYDOZ (available on most BBS's; I'll try to get it uploaded here). I am very angry that a national publication has, through the incompetence of its staff, published information that will cause injury to the naive reader. I have written the editor about this, and suggest that all others concerned about the trojan problem do the same.
kfk9673@ritcv.UUCP (03/31/87)
In article <324@vax1.ccs.cornell.edu> jsm@vax1.ccs.cornell.edu (Jon Meltzer) writes: >The April issue of 'Computer Language' gives a rave review , by one Tim >Parker, of a public-domain program called NOTROJ.COM. The program is >alleged to be a protection against trojan horses; Parker says that >"this superb little package should be used by anyone working with software >for the first time ". > >The catch is that NOTROJ is well known in the BBS community as being ITSELF >a trojan horse; it will perform a low-level format on ones hard disk if and >only if the hard disk is over 50% full! > >This is detailed in Eric Newhouse's superb list of trojan horses, DIRTYDOZ >(available on most BBS's; I'll try to get it uploaded here). > >I am very angry that a national publication has, through the incompetence of >its staff, published information that will cause injury to the naive >reader. I have written the editor about this, and suggest that all others >concerned about the trojan problem do the same. I read an article in PC Week last summer and it mentioned that the people who created the SoftGuard protection scheme have created a trojan horse that would destroy a disk if the "trojan" was used to remove the SoftGuard protection from a program. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Kingston UUCP: ..!rochester!ritcv!kfk9673 BITNET: KFK9673@RITVAX (If your site doesn't recognize RITVAX, use RITVAXC instead)
wtm@neoucom.UUCP (04/02/87)
In article <324@vax1.ccs.cornell.edu>, jsm@vax1.ccs.cornell.edu (Jon Meltzer) writes: > The April issue of 'Computer Language' gives a rave review , by one Tim ^^^^^ ||||| > Parker, of a public-domain program called NOTROJ.COM. Perhaps, this way some sort of cruel April fools' joke on Tim Parker's part. It is difficult to believe that anyone that has even minimal knowledge of what a Trojan Horse program is has not heard of notroj's infamous reputation. The one person I know who had problems with notroj stopped it cold before it did its dirty work, as it began to complain about relatively inocuous items such as lotus 1-2-3 that had been on the disk for quite some time. --Bill Bill Mayhew Division of Basic Medical Sciences Northeastern Ohio Universities' College of Medicine Rootstown, OH 44272 USA phone: 216-325-2511 (wtm@neoucom.UUCP)
beser@mcs.UUCP (04/03/87)
In article <324@vax1.ccs.cornell.edu>, jsm@vax1.ccs.cornell.edu (Jon Meltzer) writes: > The April issue of 'Computer Language' gives a rave review , by one Tim > Parker, of a public-domain program called NOTROJ.COM. The program is > alleged to be a protection against trojan horses; Parker says that > "this superb little package should be used by anyone working with software > for the first time ". > > The catch is that NOTROJ is well known in the BBS community as being ITSELF > a trojan horse; it will perform a low-level format on ones hard disk if and > only if the hard disk is over 50% full! > Not only is this documented by the BBS community, It was written about in ACM's SIGSOFT (Journal of Software Engineering). They weren't sure if this software had some legitimate bugs, or was deliberatly destructive. I'm not a lawyer, but I think that if someone rushes out to obtain this delightful ditty on the basis of recomendations from a reputable national magazine, and NOTROJ does its thing, isn't the magazine liable for contributory neglegence? It's like the New England Journal of Medicine raving about Arsenic as a cure for the cold. I think that if this was the April Fool's article, it was very subtle and should be take as such. If not, the author is quite naive, and somewhat dangerous. That makes anything he says as suspect. =========================================================== Eric Beser seismo!aplcen!cp1!sarin!eric ebeser @ ada20 (arpanet) The opinions expressed are Mine...Mine!!...MINE!!!!! I will kill anyone who tells me different!
jsm@vax1.UUCP (04/12/87)
In article <10@mcs.UUCP> beser@mcs.UUCP (Eric Beser USENET) writes: >In article <324@vax1.ccs.cornell.edu>, jsm@vax1.ccs.cornell.edu (Jon Meltzer) >writes: > >> The April issue of 'Computer Language' gives a rave review , by one Tim >> Parker, of a public-domain program called NOTROJ.COM. The program is >> alleged to be a protection against trojan horses; Parker says that >> "this superb little package should be used by anyone working with software >> for the first time ". >> >> The catch is that NOTROJ is well known in the BBS community as being ITSELF >> a trojan horse ... >> >Not only is this documented by the BBS community, It was written about >in ACM's SIGSOFT (Journal of Software Engineering). They weren't sure >if this software had some legitimate bugs, or was deliberatly destructive. > >I'm not a lawyer, but I think that if someone rushes out to obtain this >delightful ditty on the basis of recomendations from a reputable >national magazine, and NOTROJ does its thing, isn't the magazine >liable for contributory neglegence? It's like the New England >Journal of Medicine raving about Arsenic as a cure for the cold. > If "Computer Language" wants to have any credibility henceforth, it must fire Parker and print a retraction.
rick@uwmacc.UUCP (04/15/87)
In article <338@vax1.ccs.cornell.edu> jsm@vax1.UUCP (Jon Meltzer) writes: >If "Computer Language" wants to have any credibility henceforth, it must >fire Parker and print a retraction. Indeed. I presume *you* walk on water, Mr. Meltzer, when writing. Could I hire you to do my next project? Surely an infallible engineer must be worth any amount of money. -- Rick Keir -- one floor up from the Oyster Tank -- UWisc - Madison {allegra, ihnp4, seismo}!uwvax!uwmacc!rick
geoff@desint.UUCP (Geoff Kuenning) (04/17/87)
In article <1389@uwmacc.UUCP> rick@unix.macc.wisc.edu.UUCP (Rick Keir) writes: > In article <338@vax1.ccs.cornell.edu> jsm@vax1.UUCP (Jon Meltzer) writes: > >If "Computer Language" wants to have any credibility henceforth, it must > >fire Parker and print a retraction. > > Indeed. I presume *you* walk on water, Mr. Meltzer, when writing. > Could I hire you to do my next project? Surely an infallible engineer > must be worth any amount of money. It doesn't take water-walking to test a program before you publish it. Even if Mr. Parker suffered a lapse, a well-run organization would have a system to compensate for such possibilities. There is NO EXCUSE for shipping (or publishing, in this case) untested software. -- Geoff Kuenning geoff@ITcorp.com {hplabs,ihnp4}!trwrb!desint!geoff