S10891KH@SEMASSU.BITNET (Thank you matchline) (04/09/90)
The following is an excerpt of a letter sent to John Norstadt, Author of disinfectant and may be of interest to anyone who uses gatekeeper ____________________________________________________________________ SMU, 9-APR-1990 John, I'm sending this to you because I think it may be of interest. I just downloaded gatekeeper 1.1.1 off the rice archives and was in the process of evaluating its performance against scores, nVir and WDEF. Immediately I found a problem. When starting up an application already infected with scores (on a floppy) gatekeeper announced 3 times that the virus was attempting to infect the application and its attempt was 'vetoed' Great so far. However, after that initial warnining I waited about 10 minutes and then checked on the process of the attempted infection. By that time, pyro had come on and nothing was any different BUT when I checked the system folder the notepad file and scrapbook files had the 'dogeared page' icon. I ran disinfectant 1.6 and guess what the system was infected as well as the desktop, clipboard and scrapbook. It seems that gatekeeper only partly protects from scores attacks. And worse yet disinfectant had to be run twice to completely remove all bits and pieces of scores. - Zav