Dickson@his-phoenix-multics.arpa (Paul Dickson) (04/02/88)
I personally don't take the threat of the virus too seriously. I have never been infected myself, although I know two developers who were infected with disks from Commodore. At the last user group meeting here in Phoenix, myself and those two developers were dicussing ways in which the Amiga could become infected with a virus. We identified three ways a virus can be spread. They are: through the boot block (as nearly all viruses currently spread), hunk prefixing (the virus is prepended to any executable code), and through a ROM write tag (basicly allows replacing of ROM code, but there isn't much info out on how this works). The hunk prefixing isn't too difficult, the developer who told me about it said it only took him four days to figure it out (he needed it to apply patches to already distributed code). If a virus was created using this method, it would be much more contagious, but would be much more visible (the byte counts of your code would change). I am a Sysop of an Amiga BBS. I try to keep track of everything that is uploaded and who did the uploading. I validate only users who give me valid info when they register (those who give Alaskan areacodes and select Arizona for home state are deleted rather than being validated). I'm also fortunate to be not running my machine on an Amiga. The Amiga software can not affect the BBS machine. Overall, I feel the message about the virus is more of a empty threat than anything real. I'm not dismissing the possibility that there might be an actually virus that is a variation of the boot block virus, or a newer hunk prefixing virus, but the odds are very slim that the virus is real. It's much easier to create more fear than to create a "new" virus. It's probably best to deleted the message from your BBS, than to stir up more fear of viruses. It's also a good idea keeping a doc file online that discribes how the viruses work and how to fight them. -Paul Dickson Sysops of Daemon's Den (602)-841-0509 (PC Pursuitable) ARPANET: Dickson%pco @ BCO-Multics.ARPA