71435.1777@CompuServe.COM (Bob Bosen) (12/06/90)
In volume 191, Fridrik Skulason says: >The problem with CLEAN (as well as my own, and all other disinfection >programs) is that all the above viruses may corrupt the file they >infect, making disinfection impossible... ...Worse still, occasionally >.... this corruption cannot be detected by the disinfection software. >Therefore, it is safer not to disinfect, but to replace with >originals, when you are dealing with a Jerusalem-family virus. The >disinfection works in 99% of cases, restoring the program almost to >its original state, although the checksum in the header is usually >wrong afterwards. Although I agree with all of the above, I would like to try to illuminate this issue from a different perspective. Two additional, serious problems arise from choosing a "disinfection" approach instead of restoring from backups: 1- It tends to encourage poor computing practice by advancing the misperception that diligent and orderly backup and restoral procedures are not necessary. 2- It damages the accountability of the software vendor. If the software has a bug that causes problems for the user, the vendor will be able to dodge responsibility and place the burden of proof on the user if he can demonstrate that the software was modified by the disinfection process. A simple checksum test will reveal modification and place the presumption of blame on the user. Restoration from known good backups always works. It is consistent with good computing practice. And it does not complicate the issue of responsibility. Bob Bosen Enigma Logic Inc. 2151 Salvio Street Concord, California 94520 USA tel: (415) 827-5707 FAX: (415) 827-2593 Internet: 71435.1777@COMPUSERVE.COM