p1@arkham.wimsey.bc.ca (Rob Slade) (05/07/91)
Monday, May 6, 1991
Open letter to:
Editor, The Sun
Vancouver, BC
V6H 3G2
Dear Sir:
It is with considerable dismay that I read your reprint of the
Canadian Press article on computer viral programs ("A Plague on the
Government", High Tech, Wednesday, May 1st, 1991.) Although it is
somewhat encouraging to see that the growing problem is receiving some
coverage, I find it disheartening that the media is still mixing up
information from various data security problems and failing to
accurately inform the public.
The first problem is that of suggesting the problem is limited to the
government. While government computers are being hit (and my own
experience in government offices indicates that the figures published
are at least an order fo magnitude too low), private companies and
individuals are suffering as well. Certus International, a company
specialising in antiviral and disk recovery programs, recently
published a study in which 26% of responding corporations admitted to
having been hit with a computer viral "infection" in January of 1991
alone. The study also indicates that the problem is growing at a rate
of 160% per quarter. This suggests that by the end of this year,
almost all large companies can expect to be hit with at least one
infection every month.
The second problem is the sandwiching of paragraphs describing
attempts by outsiders to access government mainframe computers between
descriptions of the actions of microcomputer viral attacks. The
structure of the article implies a relation between the "crackers" who
are trying to break into computers through "public access" ports and
links through "wide area networks" and the action of computer viral
programs, most of which are only intended to spread as widely as
possible through the microcomputer community. While the former are of
concern only to large corporations, government and military, the
latter can affect anyone who uses a microcomputer.
The third problem is the poor description of the viral programs
themselves. What is the meaning of the statement that the "Eddie"
("Dark Avenger" is somewhat of a misnomer, being the name of the
author, who has written a number of other viral programs) virus
"attacks a system's main storage area"? It is true that the virus
will, on occasion, overwrite random sectors on the hard disk of an
infected microcomputer, and possibly corrupt files. Or the statement
about the "so-called Stoned virus which destroys data." Why
"so-called"? The Stoned virus, which is currently far and away the
most common virus in North America, causes the least debate about its
name, and any destruction of data it causes is unintentional and
strictly limited to individual and special types of disks.
Comuter viral programs are certainly not the end of computers, as some
have reported, but they definitely do exist. Viral programs present
some risk to microcomputer users of all backgrounds, particularly when
so few among the general population are well enough informed to take
appropriate precautions. The problem of "viral illiteracy" is a
matter of computer "public health". In the same way that healthy
people are at greater risk when the general population is full of
diseased "carriers", the average or even well-informed computer user
stands a greater chance of being infected if most computer users
around the individual may be infected and not know it.
Unfortunately, even the computer trade media is poorly informed on
this issue. Lat year Computing Canada reported a story about a
sophisticated extortion attempt that made use of a "trojan horse"
program which pretended to be an AIDS information program while
actually setting your system up to be "encrypted" in such a way that
you would have to call upon the author's services. While there was
never any indication that the program would reporduce itself in any
way, it was reported as a virus, thus supporting the general myth that
any type of computer problem is a virus.
Because correct information is so rare, myths about viral programs
abound. One is that viral programs only come from "pirate" software,
another that those who use only "commercial" software are safe.
(Unfortunately, we have all to many examples of retailers, and even
commercial software authors, distributing infected software.)
Electronic bulletin board systems are often seen as a source
(unlikely) and, astonishingly, many believe that the use of a modem
itself is a means of infection (technically impossible.)
I wish to commend you on extending coverage of this important topic,
but fervently hope that in future the information provided is more
accurate.
=============
Vancouver p1@arkham.wimsey.bc.ca | "If you do buy a
Institute for Robert_Slade@mtsg.sfu.ca | computer, don't
Research into (SUZY) INtegrity | turn it on."
User Canada V7K 2G6 | Richards' 2nd Law
Security | of Data Security