a864@mindlink.UUCP (Jono Moore) (10/25/90)
> own@castle.ed.ac.uk writes: > > Msg-ID: <6868@castle.ed.ac.uk> > Posted: 26 Oct 90 13:42:27 GMT > > Org. : Edinburgh School of Agriculture > Person: O Morgan > > Sorry if this question has already been treated ad nauseum... > I'd like to know peoples opinions about how 'hygienic' it is to > download files from c.b.i.p. (and Ftp sites such as Simtel & chyde.fi). > This is mainly due to colleagues feeeling uneasy at the ammount > of external programs I am downloading for evaluation, and I would like > to know if there is justification for quaranteening my machine. > > My feeling is that since these programs are tested and moderated, then > any virus/trojans will have manifested itself before being posted, > (unless it's a delayed action one, using a mechanism that is not catered > for by the antiviral programs?). > Also, for shareware, since the developper has to identify himself in > order to receive subscriptions, it would seem illogical to include > programs with harmful side effects - then again you never know. My view is that you are responsible for checking whatever comes onto your computer... I check the software that comes on to my system, no matter what the source was. -- USENET: a864@mindlink.UUCP | "I've got compassion running BITNET: usernk1z@sfu | out of my nose, pal. I'm the INTERNET: Jono_Moore@cc.sfu.ca | sultan of sentiment." DATA: (604)983-3546 MSDOS only | --Albert Rosenfield (Twin Peaks)
own@castle.ed.ac.uk (O Morgan) (10/26/90)
Sorry if this question has already been treated ad nauseum... I'd like to know peoples opinions about how 'hygienic' it is to download files from c.b.i.p. (and Ftp sites such as Simtel & chyde.fi). This is mainly due to colleagues feeeling uneasy at the ammount of external programs I am downloading for evaluation, and I would like to know if there is justification for quaranteening my machine. My feeling is that since these programs are tested and moderated, then any virus/trojans will have manifested itself before being posted, (unless it's a delayed action one, using a mechanism that is not catered for by the antiviral programs?). Also, for shareware, since the developper has to identify himself in order to receive subscriptions, it would seem illogical to include programs with harmful side effects - then again you never know. Has there been any instances of epidemics spreading via c.b.i.p. or FTP sites? -- ---------------------------------------------------------------------------- Olly Morgan **** Tel: (+44 31) 662 4395 **** E.Mail: O.Morgan@ed.ac.uk Scottish Agricultural College. Edinburgh EH9 2HH, Scotland ----------------------------------------------------------------------------
ts@uwasa.fi (Timo Salmi) (10/27/90)
In article <6868@castle.ed.ac.uk> own@castle.ed.ac.uk (O Morgan) writes: > I'd like to know peoples opinions about how 'hygienic' it is to > download files from c.b.i.p. (and Ftp sites such as Simtel & chyde.fi). I'll give some information on this from a moderator's point of view. The official stand is the following directly from one of our file lists: No liability is accepted for the consequences of using, or the inability to use, any of these files. No absolute guarantees are given that these programs are clean from nasties, although none have been in evidence. Please duly observe shareware rules wherever indicated. > This is mainly due to colleagues feeeling uneasy at the ammount > of external programs I am downloading for evaluation, and I would like > to know if there is justification for quaranteening my machine. There are no absolute guarantees _whatever_ your sources are. There have even been cases of contaminated commercial products. So your colleagues' safety will never be a 100 per cent whether you keep on downloading or not. At worst you can even catch a virus if you buy a new machine (this has been known to happen). On the other hand, the scare should not be exaggerated. But there is NO damage done if you separate your machine from the rest and having two or three good virus testers. I have one small additional trick up in my sleeve. Put my dtetimal.exe in your autoexec.bat. If dtetimal gets contaminated, it will loudly inform you of the fact. Dtetimal is part of my /pc/ts/tsutil30.arc package at uwasa.fi archives. Also use /pc/pd2/chksum.zip to always check at least your io.sys, msdos.sys, and command.com at boot time. You have a better chance of being alerted if you use these measures. > My feeling is that since these programs are tested and moderated, then > any virus/trojans will have manifested itself before being posted, > (unless it's a delayed action one, using a mechanism that is not catered > for by the antiviral programs?). Not quite. Your picture is a too complacent. We try to test (both the programs per se and their cleanness), but not each and every program is tested individually without fail. > Also, for shareware, since the developper has to identify himself in > order to receive subscriptions, it would seem illogical to include > programs with harmful side effects - then again you never know. This is a slightly different subject. Here we should talk separately of viruses, trojans, and unintentional harmful programming errors, but that would go better under the moderated comp.virus newsgroup. P.S. Damn, I think I'm catching a virus in the original sense of the word. ..... Sneeze! Where the heck are my tissues? :-( ................................................................... Prof. Timo Salmi (Moderating at anon. ftp site 128.214.12.3) School of Business Studies, University of Vaasa, SF-65101, Finland Internet: ts@chyde.uwasa.fi Funet: gado::salmi Bitnet: salmi@finfun
otto@tukki.jyu.fi (Otto J. Makela) (10/27/90)
In article <1990Oct26.193015.1141@uwasa.fi> ts@uwasa.fi (Timo Salmi) writes:
[...]
P.S. Damn, I think I'm catching a virus in the original sense of the
word. ..... Sneeze! Where the heck are my tissues? :-(
You probably left them at the organ bank...
;->
--
/* * * Otto J. Makela <otto@jyu.fi> * * * * * * * * * * * * * * * * * * */
/* Phone: +358 41 613 847, BBS: +358 41 211 562 (CCITT, Bell 24/12/300) */
/* Mail: Kauppakatu 1 B 18, SF-40100 Jyvaskyla, Finland, EUROPE */
/* * * Computers Rule 01001111 01001011 * * * * * * * * * * * * * * * * */
frisk@rhi.hi.is (Fridrik Skulason) (10/30/90)
In article <1990Oct26.193015.1141@uwasa.fi> ts@uwasa.fi (Timo Salmi) writes: >Put my dtetimal.exe in your >autoexec.bat. If dtetimal gets contaminated, it will loudly inform >you of the fact. Dtetimal is part of my /pc/ts/tsutil30.arc package >at uwasa.fi archives. Sorry...It will not work in all cases...not with some of the latest "stealth" type viruses, that is. In that case the program will appear unchanged, if the virus is active when it is executed. -frisk -- Fridrik Skulason University of Iceland | Technical Editor of the Virus Bulletin (UK) | Reserved for future expansion E-Mail: frisk@rhi.hi.is Fax: 354-1-28801 |