Dickson@his-phoenix-multics.arpa (Paul Dickson) (04/02/88)
I personally don't take the threat of the virus too seriously. I have
never been infected myself, although I know two developers who were
infected with disks from Commodore. At the last user group meeting
here in Phoenix, myself and those two developers were dicussing ways in
which the Amiga could become infected with a virus. We identified
three ways a virus can be spread. They are: through the boot block (as
nearly all viruses currently spread), hunk prefixing (the virus is
prepended to any executable code), and through a ROM write tag (basicly
allows replacing of ROM code, but there isn't much info out on how this
works).
The hunk prefixing isn't too difficult, the developer who told me about
it said it only took him four days to figure it out (he needed it to
apply patches to already distributed code). If a virus was created
using this method, it would be much more contagious, but would be much
more visible (the byte counts of your code would change).
I am a Sysop of an Amiga BBS. I try to keep track of everything that
is uploaded and who did the uploading. I validate only users who give
me valid info when they register (those who give Alaskan areacodes and
select Arizona for home state are deleted rather than being validated).
I'm also fortunate to be not running my machine on an Amiga. The Amiga
software can not affect the BBS machine.
Overall, I feel the message about the virus is more of a empty threat
than anything real. I'm not dismissing the possibility that there
might be an actually virus that is a variation of the boot block virus,
or a newer hunk prefixing virus, but the odds are very slim that the
virus is real. It's much easier to create more fear than to create a
"new" virus. It's probably best to deleted the message from your BBS,
than to stir up more fear of viruses. It's also a good idea keeping a
doc file online that discribes how the viruses work and how to fight
them.
-Paul Dickson
Sysops of Daemon's Den
(602)-841-0509 (PC Pursuitable)
ARPANET: Dickson%pco @ BCO-Multics.ARPA