kdo@edsel (Ken Olum) (11/10/88)
In article <16722@agate.BERKELEY.EDU> greg@math.Berkeley.EDU (Greg) writes: >Here is some of what needs to be done: [to protect against future viruses] > > . . . > >3. Protect home directories. > >4. Eliminate unnecessary .rhosts files > The things that frigtens me most about this whole affair is that people will institute a lot of harmful and poorly-thought-out security measures. Unprotected directories and easy rlogin allow me to get my work done every day. Changing this would cause me a big loss of productivity. I'd rather spend my time in productive and pleasant work, even if that means I have to chase viruses and restore my system from backups now and then. It's like spending $100K a year on guards because otherwise you lose $10K a year in stolen equipment. Easy access to other machines and files isn't just a convenience that we can do without -- it's an important part of being able to do anything useful. I'm not against security. Somebody said that it was possible to have a security system that doesn't interfere with easy access to the things you need. If that's true, let's do it, but Unix certainly isn't like that now! Ken Olum P.S. Can someone tell me the difference between a worm and a virus, and why it is important to avoid the wrong term?
spaf@cs.purdue.edu (Gene Spafford) (11/10/88)
In article <1613@edsel> kdo@lucid.com writes: >P.S. Can someone tell me the difference between a worm and a virus, Here's my attempt at that: A worm is a program that can run by itself and can propagate a fully working version of itself to other machines. A virus is a piece of code that adds itself to other programs, including operating systems. It cannot run independently, but rather requires that its "host" program be run to activate it. As such, it has a clear analog to biologic viruses -- those viruses are not considered live, but they invade host cells and take them over, making them produce new viruses. As such, what was loosed on the Internet was clearly a worm. The concept of a "worm" program that spreads itself from machine to machine was first described by John Brunner in his classic science fiction novel "The Shockwave Rider," copyrighted in 1975. He called these programs "tapeworms" that lived in the innards of computers and spread themselves to other machines. In 1979-1981, researchers at Xerox PARC built and experimented with actual "worm" programs. They reported their experiences in a CACM article, "The Worm Programs -- Early Experience with a Distributed Computation." The authors were John F. Shoch and Jon A. Hupp, and it was published in the March 1982 issue (v. 25, #3, pp. 172-180). The first use of the word "virus" (to my knowledge) to describe something that infects a computer was in the science fiction short stories about the GOD machine written by David Gerrold. These stories were later combined and expanded to form the book "When Harlie Was One," copyrighted 1972. In that book, Gerrold described a bored artificial intelligence that was taught by an unethical scientist how to break into other computers and infect them with a program named VIRUS. This program would infiltrate the system software and bog the system down so much that it became unusable. The scientist then planned to sell a program named VACCINE that could cure virus and prevent it from becoming established. As an aside, it so happened that noise on a phone line caused VACCINE to become mutated so that VACCINE didn't work -- it's an entertaining book. The term "computer virus" was first used in a formal way by Fred Cohen of USC in his paper "Computer Viruses: Theory and Experiments" published in 1984 in the Proceedings of the 7th National Compter Security Conference, pp. 240-263. He defined the term to mean a security problem that attaches itself to other code and turns it into something that produces viruses. I hope these references help. I would suggest you read them if you have further questions. -- Gene Spafford NSF/Purdue/U of Florida Software Engineering Research Center, Dept. of Computer Sciences, Purdue University, W. Lafayette IN 47907-2004 Internet: spaf@cs.purdue.edu uucp: ...!{decwrl,gatech,ucbvax}!purdue!spaf