gaynor@bat.cis.ohio-state.edu (Vampire) (12/11/89)
I just wanted to do someting that I haven't seen anyone else do, and that is to say "Thank you" to John Norstad, author of Disinfectant, and to all the other people involved in the "good fight" against the WDEF virus - and all the other viruses that exist in the Macinstosh Community. I do consulting work for the university on a student basis, but being one of the few people in my department with access to the Internet, I get the news relatively quick, and am often the one who deals with distributing and acting on this news. I haven't read news since Thursday, and, logging on today, saw not only the discovery of the WDEF virus, but it's analysis and the counter-measures taken (in the form of Eradicator, Disinfectant 1.4, and the INIT written by the man in Finland<?>). Thanks alot, guys, for caring enough to do all this, and to do it as well as you do. A comment on WDEF: While I have yet to check all the HDs in the office (and at various campus sites), we have been "losing" icons for a number of programs/inits/cdevs stored in the system folder. The beginning of this behavior seems to coincide with the suspected "release date" of the WDEF virus - namely, mid October. John, or anyone else, do you have any idea if this is yet another one of WDEF's symptoms? Again, thank you. -=- | Jim Gaynor..."The Vampire Lestat" UseNet: gaynor@cis.ohio-state.edu | | The Ohio State University - Instructional and Research Computer Center | >> "Could I interest you, sir, in dominion over half the world?" << >> -Nigel Frobisher, Excalibur #15 <<
bskendig@phoenix.Princeton.EDU (Brian Kendig) (12/11/89)
In article <74866@tut.cis.ohio-state.edu> Vampire <gaynor@cis.ohio-state.edu> writes: > I just wanted to do someting that I haven't seen anyone else do, and >that is to say "Thank you" to John Norstad, author of Disinfectant, and to >all the other people involved in the "good fight" against the WDEF virus - and >all the other viruses that exist in the Macinstosh Community. Rah! Rah! Rah! Three cheers for them. Fine job, guys - the Macintosh world wouldn't be safe without you! Meanwhile, I have the proverbial egg in my face. I posted the original article that doubted the existence of the WDEF virus, and later was convinced by an overwhelming quantity of E-mail that the virus was indeed spreading. I noticed the posts about the string to add to VirusDetective to check for the new virus, so I made the necessary addition. (For those of you who didn't catch it: To make VirusDetective check for the WDEF virus add the string "Creator=ERIK & Resource WDEF & Any" to your searches file.) Well, just to test it, I ran the modified copy of VirusDetective on my hard drive. Of course I wouldn't find anything, because I hadn't used any outside disks in my system, and I always kept my own disks locked whenever I used them in other systems. In short, I practice 'safe hex'... I'm almost too embarrassed to admit what VirusDetective found. And I'm also at a loss to figure out *how* it happened. I meticulously take all sorts of precautions to see that this sort of thing won't be possible... it must have happened more than half a month ago! Somehow, the WDEF virus got into MY machine! << Brian >> -- | Brian S. Kendig ^ Macintosh | /\ _||_ | bskendig | | Computer Engineering |\ Thought | /__\ \ / | @phoenix.Princeton.EDU | | Princeton University | \ Police | || \/ | @PUCC.BITNET | | Systems Engineering, NASA Space Station Freedom / General Electric WP3 |
mck@beach.cis.ufl.edu (Mark Kilby) (12/13/89)
In article <74866@tut.cis.ohio-state.edu> Vampire <gaynor@cis.ohio-state.edu> writes: > > I just wanted to do someting that I haven't seen anyone else do, and >that is to say "Thank you" to John Norstad, author of Disinfectant, and to >all the other people involved in the "good fight" against the WDEF virus - and >all the other viruses that exist in the Macinstosh Community. ABSOLUTELY!!!! Many thanks to John and all the other Mac "Doctors" out there. I think we all know where we would be without them. Digression: If all these hack-heads who create these viruses want to prove just how brilliant they are, why not create a non-malicious application WHICH IS NOT A VIRUS, but could be bundled with shareware. This little companion application would permit the new user to try out shareware for either (a) a specific length of time (i.e. a month) or (b) a specific number of times (i.e. the user could run it 20 times or so). After this period, the COMPANION (that's what I'll call it for now) would ask for a key code that the user could obtain from the shareware author after paying that typically miniscule fee. If the code is not entered, the COMPANION would either (a) lock up the shareware application or (b) remove the application. Before I get flamed for daydreaming, I will claim that I have no idea how difficult or simple this may be to do. However, it is my idea and if someone does write a COMPANION-like application, I ask that it be shareware. That's my only claim to the idea. Disclaimer: "The opinions expressed are mine alone. The concepts have changed to protect the innoent." ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++Mark C. Kilby mck@beach.cis.ufl.edu "See ... I'm an ideas man Chuck!" - Michael Keaton, Night Shift