[comp.virus] Various Comments

JFORD@UA1VM.BITNET (James Ford) (11/08/90)

Got some comments/questions that maybe some of you can help with.

Ross:  Do the antiviral sites that carry FSP need to send a registration/
       distribution form in?  I wouldn't think so, but decided to get it
       straight from you.  Also, what is the latest version out?

General:  I have a file called VIKIT404.ZIP, which seems to be some sort
          of antiviral software.  However, the docs are in Italian.  Does
          anyone know the file and/or care to translate the docs?  I do not
          want to place it on MIBSRV until I know something more about it.
          Interested?  Email me direct.

          Stoned has made its way to Tuscaloosa, Alabama.  It has been found
          on two floppies and 4 hard drives (that I know of).
- ----------
Life is what goes by while you are watching television.
- ----------
James Ford -  JFORD@UA1VM.BITNET, JFORD@MIBSRV.MIB.ENG.UA.EDU
              THE University of Alabama (in Tuscaloosa, Alabama  USA)

padgett%tccslr.dnet@uvs1.orl.mmc.com (Padgett Peterson) (01/03/91)

Note: Thanks to flaky routing have missed posts 194-203. Apologise
      for not responding to comments in the interim. Happy Christmas.

>From:    jmolini@nasamail.nasa.gov (James E. Molini)

>From what I have seen over the years, anyone who ever loaded a key
>into a piece of crypto gear has called themselves a Computer Security
>Expert at one time or another...
>So what does it take to be competitive in this field?  It takes at
>least a bachelor's degree in Computer Science and a strong background
>generally in security.

Am reminded of the quip attributed to Mozart about what it took to
write an opera. When given an answer that would require the better
part of thirty years, the inquirer said "But Herr Mozart, you wrote
your first opera at sixteen." to which the composer replied, "Ah yes,
but I did not have to ask."

Having cut many a KG-13/KY-26 card & possessing an ME degree (from
GMI), this would place me in the first category, however, I did not
ask anyone (besides, who could you ask in 1966 ?) & feel there is a
point that needs to be made. At present, there are really two
different computer security fields: the first which Mr. Molini appears
to address is the traditional multi-user mainframe which has access
control as its primary requirement and provides insulation between
users and applications. In most cases the user has neither concern nor
care where WordPerfect resides, the system managers take care of this.
PCs are another story altogether.

Here there is no access control or partitioning other than a pseudo
one.  The user and any application called can do anything it/he/she
wants. There is no RACF or CA/Top Secret and no user/kernel
separation. Since mainframe manufacturers make the innards of the O/S
a secret from the general public, often just a good knowledge of the
package in use is all that is necessary.  (Though RACF is the only
security system I know of that will tell you where its holes are and
not trigger a violation for asking.)

To de-virus a PC (not just using CLEAN), the technician must
understand the iapx80X86 machine code at hex and assembly language,
operation of the BIOS, and the steps of loading a PC. Obviously the
writers of JOSHI had some coaching on this as the first level mistakes
are not made. These are entirely different skills than are generally
needed on a mainframe. I know of few places outside of defense
contractors where computer architecturists are still being utilized
(and to anyone who has ever been stuck with making a
Mil-Std-1750A/Jovial system work, my condolences but you probably have
the right skills.)

The biggest difference even with a unix environment is that in the PC
(and the MAC) environment things happen at such a low level that
little information is available (other than in fifty or sixty feet of
books at BookStop) and few bother to read it (did my bibliography of a
few issues ago get posted ?)

Just for an example, many readers of Virus-L use VAXes (my favorite
PC) but how many know CHME, CHMK, & CHMS ? It's just not necessary,
unlike REPNZ MOVSW or LODSB/STOSB that should throw up warning flags
to an observer in a PC.

The point is that these are just not skills that are taught anywhere
that I know of (possibly, I'll be pleasantly surprised as when several
people reported that Logic is still taught in a few institutions)

>I have to read Virus-L at home because I
>have a "real" computer security job to go to every morning.  I am not
>alone in this respect.  Most companies don't realize the amount of
>"phantom dollars" they are spending on viruses today.  When they do,
>we'll see a much more effective response to this problem.

Exactly ! Perhaps the problem is that management expects miracles
because we keep delivering them. In any event, I expect that nothing
much will happen until the lawyers get into the act with some massive
"negligence" suits from either stockholders of attacked companies or
customers who suffer loss. Then the Snake-Oil salesmen will really
descend upon us.

				Enough,
					Padgett

These opinions are free and worth what you paid for them.
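Padgett's remark that REPNZ MOVSW or LODSB/STOSB "should throw up warning flags" to someone inspecting PC code is the kind of heuristic a boot-sector or file scanner of the era applied. The following is an added example, not code from either posting: a byte-level scan that reports the 8086 string-move instructions (with a REP/REPNZ prefix folded in) at their offsets in a raw 16-bit code image. The sample image is constructed here, a generic boot-sector relocation stub followed by padding and the 55 AA boot signature; it is not taken from any real virus. The function `scan_string_ops` is hypothetical.

```python
"""Added example (not from the original postings): flag x86 string-move
instructions in a raw 16-bit code image, the REP MOVSW / LODSB / STOSB family
named in the text. Opcode values are the standard 8086 encodings; the sample
boot image below is constructed for illustration."""

# 8086 single-byte string instructions; A5/AB/AD are the word forms in
# 16-bit mode, which is what a boot sector or .COM image runs in.
STRING_OPS = {
    0xA4: "MOVSB", 0xA5: "MOVSW",
    0xAA: "STOSB", 0xAB: "STOSW",
    0xAC: "LODSB", 0xAD: "LODSW",
}
REP_PREFIXES = {0xF3: "REP", 0xF2: "REPNZ"}


def scan_string_ops(image: bytes):
    """Return a list of (offset, mnemonic) for every string op in `image`.

    A REP/REPNZ prefix immediately before a string op is folded into one hit.
    This is a linear byte scan, not a disassembler, so a 0xAA or 0xAC byte that
    lives inside data or an immediate operand is reported too; the constructed
    sample shows this with the 55 AA boot signature."""
    hits = []
    i = 0
    while i < len(image):
        b = image[i]
        if b in REP_PREFIXES and i + 1 < len(image) and image[i + 1] in STRING_OPS:
            hits.append((i, f"{REP_PREFIXES[b]} {STRING_OPS[image[i + 1]]}"))
            i += 2
            continue
        if b in STRING_OPS:
            hits.append((i, STRING_OPS[b]))
        i += 1
    return hits


def rep_moves(image: bytes):
    """Higher-signal subset: only REP-prefixed hits, which are the block copies
    a relocating boot-sector loader performs and data bytes rarely imitate."""
    return [h for h in scan_string_ops(image) if h[1].startswith("REP")]


# Constructed 16-bit stub: cli; xor ax,ax; mov ss/ds/es,ax; mov si,7C00h;
# mov di,0600h; mov cx,0100h; rep movsw  -- a generic "copy myself elsewhere"
# prologue, followed by zero padding and the 55 AA boot signature.
SAMPLE_BOOT_IMAGE = (
    bytes.fromhex("FA 33C0 8ED0 8ED8 8EC0 BE007C BF0006 B90001 F3A5")
    + b"\x00" * 4
    + b"\x55\xaa"
)

if __name__ == "__main__":
    for offset, mnemonic in scan_string_ops(SAMPLE_BOOT_IMAGE):
        print(f"{offset:04X}: {mnemonic}")
    print("REP-prefixed only:", rep_moves(SAMPLE_BOOT_IMAGE))
```

Running it on the constructed image reports the `REP MOVSW` at offset 0x12 and a spurious `STOSB` at offset 0x19, which is the 0xAA of the boot signature, not an instruction. That second hit is the practical caveat behind the "warning flag" idea: raw opcode matching is cheap and catches the relocation loop, but without following control flow it cannot tell code from data, so it serves as a triage signal rather than a verdict.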