geoff@pmafire.UUCP (Geoff Allen) (11/28/89)
I recently obtained both Vaccine and Gatekeeper and was wondering if
folks on the net could expound on the relative merits of each.
Gatekeeper seems to be the more thorough of the two, but does require
setting up all the permissions. Also, it seems that Gatkeeper allows
you to choose between halting all suspicious activity and simply
notifying the user. What I'd like to have is something that would let
me allow or prevent actions as I see fit. (Especially in the early
stages when I'm trying to get Gatekeeper configured.) Is this possible?
I haven't looked into Vaccine too much yet, so I don't know as much
about it.
I have the impression that there is no point in putting both in my
System Folder. Is this correct? Would having both in my System Folder
cause any problems?
Thanks for any and all advice.
--
Geoff Allen \ WINCO doesn't believe in Macs,
{uunet|bigtex}!pmafire!geoff \ so of course these are my views.
ucdavis!egg-id!pmafire!geoff \chrisj@ut-emx.UUCP (Chris Johnson) (11/29/89)
In article <870@pmafire.UUCP> geoff@pmafire.UUCP (Geoff Allen) writes: >I recently obtained both Vaccine and Gatekeeper and was wondering if >folks on the net could expound on the relative merits of each. > >Gatekeeper seems to be the more thorough of the two, but does require >setting up all the permissions. Yes, Gatekeeper is more thorough in a number of important respects. It's also true that Gatekeeper used to require you to setup its privilege list, but I stress the phrase "used to" - with the release of version 1.1.1, Gatekeeper finally started shipping preconfigured with about 40 of the most commonly required privileges (most users, of course, need only a handful of those 40). >Also, it seems that Gatkeeper allows >you to choose between halting all suspicious activity and simply >notifying the user. What I'd like to have is something that would let >me allow or prevent actions as I see fit. (Especially in the early >stages when I'm trying to get Gatekeeper configured.) Is this possible? "Is it possible?" Hmm... My current answer is "no" because I haven't been able to work out a safe and reliable method of displaying alerts at *any* phase in the operation of the Macintosh. Paul Coza's answer would, I imagine, be "yes" because he, somehow, managed to implement something very similar in SAM. Needless to say, Paul hasn't been anxious to tell me how he did it. :-) :-) :-) For what it's worth, I'd love to provide the sort of alerts you suggest, but I won't do it until I find a thoroughly safe and reliable method of doing so. Sadly, I don't see such a method on the horizon. Still, distributing Gatekeeper preconfigured has dramatically decreased the troubles with the early stages of installation. In fact, in most cases, those troubles have been eliminated. >I haven't looked into Vaccine too much yet, so I don't know as much >about it. On the subject of Vaccine - I recommend Gatekeeper. I've seen too many situations in which Vaccine asked all the right questions to users who (quite understandably) had no earthly idea what the answers were. Result: the viruses did very well - the users, in stark contrast, did rather poorly. Beyond that, even if *you* can always be certain which operations are virus related and which aren't - it's hard to be certain that everyone who ever uses your machine (passing co-workers, friends, family, etc.) will always know and provide the right answers to Vaccine's Grant/Deny questions. One wrong answer and you've got a problem. Also, as mentioned above, Gatekeeper's actual *protections* are considerably more extensive than Vaccine's. >I have the impression that there is no point in putting both in my >System Folder. Is this correct? Would having both in my System Folder >cause any problems? If you use Gatekeeper there's no point in using Vaccine and vice-versa. Having both in your System Folder won't actually cause your system to crash, but Vaccine will effectively undermine Gatekeeper's transparency of operation. >Thanks for any and all advice. > >-- >Geoff Allen \ WINCO doesn't believe in Macs, >{uunet|bigtex}!pmafire!geoff \ so of course these are my views. >ucdavis!egg-id!pmafire!geoff \ My pleasure. By the way, you can find Gatekeeper 1.1.1 at sumex and simtel, and, if all else fails, I can always email it to you. Cheers, ----Chris (Johnson) ----Author of Gatekeeper ----chrisj@emx.utexas.edu
baumgart@esquire.dpw.com (Steve Baumgarten) (11/29/89)
In article <21506@ut-emx.UUCP>, chrisj@ut-emx (Chris Johnson) writes: >On the subject of Vaccine - I recommend Gatekeeper. I've seen too many >situations in which Vaccine asked all the right questions to users who >(quite understandably) had no earthly idea what the answers were. >Result: the viruses did very well - the users, in stark contrast, did rather >poorly. > >Beyond that, even if *you* can always be certain which operations are virus >related and which aren't - it's hard to be certain that everyone who ever >uses your machine (passing co-workers, friends, family, etc.) will always know >and provide the right answers to Vaccine's Grant/Deny questions. One wrong >answer and you've got a problem. I have to agree with Chris. Even though I think of myself as very well informed about viruses on the Mac and fairly technically adept, a friend just came by the other day to use my printer. She brought with her a copy of WriteNow which was, as it happens, infected with one of the nVir strains. When it started up, I got GateKeeper's alert box, but I was distracted and running a little late, so I just acknowledged it and continued, not even bothering to read it. If there had been a Grant/Deny choice, I probably would have pressed Grant. I guess I'm so used to Microsoft programs doing all sorts of nasty things (I use Word) that I just figured that WriteNow was trying to do something similar. So GateKeeper saved me both from the nVir infection and from myself in this case. I've seen ads for some of the commercial anti-virus products, but I've never seen the need for them with GateKeeper. It's a great little utility. -- Steve Baumgarten | "New York... when civilization falls apart, Davis Polk & Wardwell | remember, we were way ahead of you." baumgart@esquire.dpw.com | cmcl2!esquire!baumgart | - David Letterman