[comp.virus] New Scan, High-memory, researchers

ms@pogo.ai.mit.edu (Morgan Schweers) (03/01/91)

Introductory Note:  The opinions stated here are mine, as a programmer
                    working in the field of anti-viral software.  They
                    do not in any case represent the opinions of McAfee
                    Associates.

Greetings,
    In regards to the bugs reported in SCAN V74 and 74B, they have been
repaired since, and the new version (V75) is available.  The programmer
responsible has since been flayed.  :-)

    I received an interesting spate of mail from folks who purported to be
aware of some secret conspiracy to create a high-memory virus.  Frankly,
I find it unfortunate that there are some people out there who know WHO
virus writers are, and are unwilling to expose them.  It shows a certain
irresponsibility and a degree of acceptance of what is being done.

    It bothers me, as a programmer, when a person sends me a virus
and STATES that it will never show up in the public domain.  Further,
when *ONE* person is the link to a virus writer (or writers) it is
even more irksome to know that they are under no obligation to expose
the authors of this code.

    It has been suggested to me by one nameless individual that they are,
'only interested in new and unusual techniques of viruses.'  The major
problem is that this person has been the *SOLE DISTRIBUTOR* of a
virus which he claimed used an unusual technique.  He is possibly
soon to be the sole distributor of another.  This appears to be an
encouragement of these virus writers.  It also appears to be an ego
boost for the individual in particular, since they seem to wish the anti-
viral workers to waste time on these viruses.

    Frankly, research viruses in general are a Bad Thing, IMHO.  What
need do we have for supposed researchers writing viruses and
distributing them all over?  The virus authors are annoying enough on
their own without contributions from the AV community.

    One of the major problems that I see is this: the anti-viral
community treats as commonplace and acceptable the writing of
'research viruses.'  Perhaps it's merely the silence of the people
which leads me to believe this.  Perhaps all the other AV people
believe that they are Bad Things also.  Speak up.  I'd like to hear
your opinions.  Respond if you do or don't think that RV's should be
condoned.  Tell me why.  I'll concatenate it all and put it all up to the
moderator, if he's interested.  (If he's not, I'm sure he'll tell me.
I'd like to know anyway.)

    I'd like to hear opinions (and I'm sure I will, this *IS* Usenet
after all...  ;-)  ) on this issue.

    On a more serious note, the Swedish virus has been eliminated and
subsumed into the Stoned Virus general description.  (It is sufficiently
similar to not warrant a different name.)

    Further, the following viruses are new to V75:
Cancer (.COM), V-299 (.COM), Phantom (.COM), V-555 (.COM/.EXE), Lazy (.COM)
and Yap.  The bigger-than-512 byte partition table problem, and the false
alarms have been dealt with.

                                                         --  Morgan
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   I don't *KNOW* what my employers opinions are, so I can't     |
| possibly reflect them here.    --  ms@albert.ai.mit.edu         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+