XPUM04@prime-a.central-services.umist.ac.uk (Anthony Appleyard) (04/12/91)
In Virus-L vol4 #059 sharp@mizar.usc.edu (Malcolm Sharp) wrote:-
Subject: AF/91 - John Gantz "joke" in Infoworld
In the April 1, 1991 issue of Infoworld, John Gantz in his column "Tech
Street" warned of a virus called "AF/91" which he said was developed by the
NSA to be used against Iraqi defense computers. After describing the virus
and telling that it started spreading uncontrolled, he told that windowing
technology was "doomed." In the same issue, columnist Robert Cringely
discussed Windows 3.0 vulnerability to viruses saying it "has lots of holes
for custom viruses to slip through."
In the April 8 issue, Mr. Gantz's column begins with a note from the
Editors saying AF/91 was all an April Fools joke. I'm not laughing. I'm
searching for the adjectives to describe this irresponsible act. Anyone
else spend time investigating this virus from the 4/1 columns? I'm
*seriously* considering a class action suit for compensatory (small $) and
punitive (BIG $$$) damages. Interested in hearing from others.
........................................
In Virus-L vol4 #606 johnboyd@logdis1.oc.aflc.af.mil (John Boyd;CRENP)
Subject: Re: AF/91 - John Gantz joke in Infoworld
wrote to say "can't you take a joke?".
........................................
In reply to these, I say this. Jokes can only be allowed to go so far. Too
often people try to cap each other's jokes and go too far and cause much
unfunny nuisance. Ref what someone in my scubadiving club said after a bout
of trouble: "Practical jokes: they occur in the Army, and sooner or later
[they lead to] violence.". April Foolism, in the computer virus field as
elsewhere, like other hoaxes, waste time and attention; they cause
annoyance; much time can be wasted; people miss things and drive miles and
raise alerts. OK, if carefully read the hoax is clear. But busy people
haven't always got the time and attention to spare to study everything in
depth. Ref e.g. the amount of hoaxes that are believed despite including
the giveaway supposed name "Lirpa Loof". And serious matter does arise on
April 1st as on other days. On April 1st computer users have enough extra
to cope with having to beware of the various viruses and logic bombs etc
that silly other people set to 'go off' on April 1st. And serious messages
published on April 1st are sometimes taken as hoaxes. Enough nuisance. (One
common example is joke April 1st messages such as "Ring Mr.C.Lion" and
"Ring Mr.L.E.Fant" and "Ring Mr.G.Raff" etc, and the phone number given is
a zoo's. Not very funny for switchboard girls at zoos getting thousands of
junk phone calls every April 1st on top of their usual work, and zoos'
switchboards are blocked, unfunny nuisance unlimited.) Responsible editors
should exclude hoaxes on April 1st as on other days, and take the usual
action against the authors of any that get part them into reputable print.
........................................
PS. Was Robert Cringely's article about Windows 3.0 serious or a hoax?
........................................
{A.Appleyard} (email: APPLEYARD@UK.AC.UMIST), Fri, 12 Apr 91 09:02:12 BSTviki@crash.cts.com (Victoria Harkey) (04/17/91)
The problem with the joke is that I did run across a trojan horse that did activate on 4/1. If the system clock was reset to a date prior to 4/1, no music played when the infected files were accessed... however, any date =>4/1 caused numerous songs. It was not benign.. In trying to trap and eradicate the virus, it hit the File Allocation Table and wiped out all access to the drive. They were using DOS 4.01, and my software tools couldn't salvage the disk. I've devirused a number of systems and networks; this little sucker was not a joking matter. Victoria Harkey Certified NetWare Engineer
pjc@sirius.melb.bull.oz.au (Paul Carapetis) (04/18/91)
> Date: Fri, 12 Apr 91 09:46:16 +0100 > From: Anthony Appleyard <XPUM04@prime-a.central-services.umist.ac.uk> > > In reply to these, I say this. Jokes can only be allowed to go so far. Too > often people try to cap each other's jokes and go too far and cause much > unfunny nuisance. Ref what someone in my scubadiving club said after a bout I agree that there should be a limit to "jokes" but it seems to me that such articles are easily spotted if read in full and have their own merit in the form of some relief from the serious and morbid atmospheres in this industry with a small light-hearted beam of joviality! I don't know about you, but I don't belive anything written in journals, magazines, newspapers etc. without confirmation from a reliable source (none of the previous fit into this category, IMHO). To go off in a big flap over an obvious april fools joke is a sign that a holiday/vacation should be the next course of action. Have a laugh - you'd be surprised how good it can make you feel! Yours with a smile :-) Paul | Paul Carapetis, Software Advisor (Unix, DOS) | Phone: 61 3 4200944 | | Melbourne Development Centre | Fax: 61 3 4200445 | | Bull HN Information Systems Australia Pty Ltd |-------------------------| | Internet: pjc@melb.bull.oz.au | What's said here is my | | ACSnet : pjc@bull.oz | opinion (so I am told!) |
jkp@cs.HUT.FI (Jyrki Kuoppala) (04/18/91)
[ someone writes lots of babbling about lawsuits and such for an april fools joke ] If people lack knowledge about the things they're reading and in general take everything they read from newspapers as the Truth without checking it first with someone competent enough to know what's it all about, in my opinion they deserve all what they get. You're in much more trouble than some lost time if you blindly believe anything you happen to read in a publication. It seems to me that especially in the computer virus field the lack of knowledge about computer security in general is often exploited by various venturers. Sure, there's nothing inherently wrong with wasting your money spending it on various virus detection programs, populist books and such. Computer viruses in themselves are not a big problem. The big problem is persons with no knowledge of the risks involved and no proper training and/or usage policies using computer systems with nil (or worse, security-by-obscurity ones) operating system and application program access controls, with the programs often written by persons with equal lack of knowlegde. Add to that the lack of source code and then even if the users were competent enough they couldn't find or fix the holes and lacks of controls. //Jyrki
dank@stealth.usc.edu (Dan King) (04/20/91)
jkp@cs.HUT.FI (Jyrki Kuoppala) writes: |> [ someone writes lots of babbling about lawsuits and such for an april |> fools joke ] |> |> If people lack knowledge about the things they're reading and in |> general take everything they read from newspapers as the Truth without |> checking it first with someone competent enough to know what's it all |> about, in my opinion they deserve all what they get. I agree, this is perhaps the most important point that needs to be made here. If you read an article in a newspaper (even a normally reputable one) about a new bullet the military had invented that flew around corners and waited in dark alleys before striking its target, you might want to do a little followup before getting upset. More so if the article ran on April 1st. |> You're in much more trouble than some lost time if you blindly believe |> anything you happen to read in a publication. Exactly. |> It seems to me that especially in the computer virus field the lack of |> knowledge about computer security in general is often exploited by |> various venturers. Sure, there's nothing inherently wrong with |> wasting your money spending it on various virus detection programs, |> populist books and such. Now I began to question Mr (? I may be mistaken, my apologies if you are actually Ms) Kuoppala. |> Computer viruses in themselves are not a big problem. The big problem |> is persons with no knowledge of the risks involved and no proper |> training and/or usage policies using computer systems with nil (or |> worse, security-by-obscurity ones) operating system and application |> program access controls, with the programs often written by persons |> with equal lack of knowlegde. Add to that the lack of source code and |> then even if the users were competent enough they couldn't find or fix |> the holes and lacks of controls. Hold it. Wrong. Dead wrong. Computer viruses are a HUGE problem for anyone who is even remotely connected with the maintenance of a significant number of computers. Ask someone who's home system has just had its HD partition destroyed by a virus. Ask someone who is ready to go back to a typewriter because their new, spiffy Mac IIci crashes at application launches due to WDEF. Sure, if everyone was a super-hacker then viruses would have a much harder time spreading. Of course, viruses would probably be much better at hiding themselves. Proper "usage policies"? Pray tell, what are these? We could set up fascist-like user rooms where users can only submit batch jobs and never touch the computers, but we'd get less accomplished that way. Including source code with every program would help eliminate viruses, but forgive me if I only pay attention to realistic options. Likewise running only programs not written by "persons with an equal lack of knowledge". Whatever that means. Viruses are a problem. A big one. Are they're going to get worse. Come on, don't pick on the users. Attack, instead, the virus authors. If these people would write useful code instead of malignant code, then life would be grand. Time to get off my soapbox, I guess. |> //Jyrki dank
padgett%tccslr.dnet@uvs1.orl.mmc.com (A. Padgett Peterson) (04/23/91)
>From: dank@stealth.usc.edu (Dan King) >Viruses are a problem. A big one. Are they're going to get worse. >Come on, don't pick on the users. Attack, instead, the virus authors. The real problem is that MS-DOS, like the Mac OS, has NO integrity checking and that viruses are remarkably easy to write. It would be easy to legislate viruses out of existance except that it is difficult to arrest a virus. Laws are only effective as a remedy after the fact, most people are more concerned with not being infected in the firstc place. >From: keir@vms.macc.wisc.edu (Rick Keir, MACC) >You HAVE to be vigilant because there are many REAL viruses out there. This is the only effective procedure. If it places too heavy a burden on the users than it is up to technology to determine an acceptable solution. As in many areas of social intercourse, nothing is no longer acceptable. From one standpoint, we have been very lucky to have been stuck by so many inept and essentially benign viruses over the last few years. This has given up an effective learning period where ignorance was both the norm and curable. Today, things are quite different. The writers of viruses have been learning at the same time we have and Windows/DOS 5 provide more opportunities for intrusion (actually many of these "holes" have existed since DOS 3.0 in 1984, jut had not been exploited). To those who have been paying attention, it should be obvious that protection layered on to of DOS is no longer sufficient, integrity management must (and can easily) start at the BIOS level. The fact that so many current viruses do so (Stoned, Joshi, MusicBug, Empire, etc) should be evidence enough.
jkp@cs.HUT.FI (Jyrki Kuoppala) (04/23/91)
dank@stealth (Dan King) writes: >|> It seems to me that especially in the computer virus field the lack of >|> knowledge about computer security in general is often exploited by >|> various venturers. Sure, there's nothing inherently wrong with >|> wasting your money spending it on various virus detection programs, >|> populist books and such. > >Now I began to question Mr (? I may be mistaken, my apologies if you >are actually Ms) Kuoppala. Well, that's overgeneralizing things a lot, I admit. Just say Jyrki as the net habit seems to be, no need to Mr. (that's the correct one) me. >|> Computer viruses in themselves are not a big problem. The big problem >|> is persons with no knowledge of the risks involved and no proper >|> training and/or usage policies using computer systems with nil (or >|> worse, security-by-obscurity ones) operating system and application >|> program access controls, with the programs often written by persons >|> with equal lack of knowlegde. Add to that the lack of source code and >|> then even if the users were competent enough they couldn't find or fix >|> the holes and lacks of controls. > >Hold it. Wrong. Dead wrong. Computer viruses are a HUGE problem for >anyone who is even remotely connected with the maintenance of a >significant number of computers. Ask someone who's home system has >just had its HD partition destroyed by a virus. Ask someone who is >ready to go back to a typewriter because their new, spiffy Mac IIci >crashes at application launches due to WDEF. Yes, you are somewhat correct about the present situation - I was unclear in what I was trying to say, although I would still say that the problem would be a lot less serious if the users had habits of not booting from every other floppy and using floppies borrowed from a neighbour. What I really should have pointed out is that computer viruses wouldn't be a serious problem if the commonly-used operating systems had even some decent protection mechanisms provided by the operating system. By 'commonly-used OSs' I'm now referreing to MacOS (whatever that's really called) and MS-DOS. Viruses are not a serious problem on Unix or VMS or VM/something, because the OS provides at least some minimum access control mechanisms. >Proper "usage policies"? Pray tell, >what are these? We could set up fascist-like user rooms where users >can only submit batch jobs and never touch the computers, but we'd get >less accomplished that way. It helps not to boot from friends' floppies, only install programs to your computer from reliable sources like known vendors and free software distributors, distribute the installable programs in write-protected disks, scan the programs you install with some virus detector and some other simple precautions. If you do the above, viruses won't get to your system very often, and it doesn't seem to make life much more difficult. >Including source code with every program would help eliminate viruses, >but forgive me if I only pay attention to realistic options. Well, dunno, I have source source code to every program I run on my home system and every part of the system, even the ROM monitor and the PCB. Oh, not every part exactly, I don't have the source code to the chips (like the processor), there might be some trojans hidden there.. >Likewise >running only programs not written by "persons with an equal lack of >knowledge". Whatever that means. It means something like running an OS whose designers had enough common sense and expertise to put at least some most basic access control mechanisms in the OS. Same goes for applications. //Jyrki
padgett%tccslr.dnet@uvs1.orl.mmc.com (A. Padgett Peterson) (04/24/91)
>From: jkp@cs.HUT.FI (Jyrki Kuoppala) >What I really should have pointed out is that computer viruses wouldn't >be a serious problem if the commonly-used operating systems had even >some decent protection mechanisms provided by the operating system. Exactly. MS-DOS has zero integrity checking and access control. This includes the beta and release 5.00 versions. However, wishing for something different (like unix) is not going to help the bulk of the people. Controls can be added (after all, a PC is a fully functioning computer before DOS is loaded), but to do so while allowing the incredible installed base of MS-DOS applications to run (not to mention some of the odder BIUOSes) as users expect is somewhat more difficult. Until MicroSoft decides to ad at least minimal integrity checking to the OS, life will remain difficult (but not impossible). >I have source source code to every program I run on my >home system and every part of the system, even the ROM monitor and the >PCB. Really ? Where do you find room for it ? Just my 386 BIOS is nearly a meg and a half of ASCII (20,000+ lines) and is less than 64k of binaries. I shudder to think how big the 4+ Mb of WordStar 5.5 would be.
Era.Eriksson@f59.n220.z2.FIDONET.ORG (Era Eriksson) (04/25/91)
* Quoting dank@stealth.usc.edu (Dan King) to jkp@cs.HUT.FI (Jyrki Kuoppala): > Come on, don't pick on the users. Attack, instead, the virus authors. > If these people would write useful code instead of malignant code, > then life would be grand. I've been following this thread from the beginning, and I actually don't have anything to add. Just wish to point out that REAL programmers, APPLICATION programmers, have a huge responsibility for system security. Somebody mentioned MS Word as an example of a program which overwrites its own code occasionally. Your mistake, I say. Don't buy a word processor from the company which produced the insecure operating system we're talking about if you're concerned about viruses and security in general. ;-) LAN operators should be particularly picky about the programs they choose to offer the users. If a program can't behave, scratch it! There are going to be virus attacks on any LAN at one time or another, so be prepared. /* era */ era@f59.n220.z2.fidonet.org If you want to see a disclaimer, that can be arranged. - -- Era Eriksson - via FidoNet node 2:220/801 UUCP: ...!fuug!casino!59!Era.Eriksson INTERNET: Era.Eriksson@f59.n220.z2.FIDONET.ORG