IA88@PACE.BITNET (IA88000) (02/22/90)
Last night someone upload scanv58.zip to my bbs which contained a different version of validate by another author. The program clearly states the author's name and the documentation clearly indicates it was not written by McAfee and Associates. I carefully unzipped the files and checked them all for virus and/or trojan infections. THERE WERE NO VIRUS REPORTED! Just to be safe, I used SOURCER to check VALIDATE and there were NO suspicious or dangerous routines in the program. It does exactly what it claims to do, that is it opens a file, reads the file a block at a time, and generates four CRC's for the file. I ran it and it runs fine. Absolutely no problem whatsoever!In fact it seems to be slightly faster than McAfee's validate.com and it generates four CRC's instead of two.In the documentation the author claims to use proprietary forumlas for generating the CRC's. Today, I get a message in VALERT about this program. According to Mr. McAfee, it is bogus and supposedly damaging systems. Nothing could be further from the truth! The VALIDATE.EXE does one thing which it is obvious Mr. McAfee does not like. That is (in my opinion) that it leaves his version of validate in the dust. Mr. McAfee negelected to mention that in the documentation it appears there is a question as to who owns the rights to the name VALIDATE. I called HOMEBASE and downloaded the real scanv58 and with the exception of the different validate.doc and validate.com found the other files to be exactly IDENTICAL. This being the case it seems to me that Mr. McAfee is complaining over nothing. The version of SCAN is correct and is not damaged or changed in any way. It seems to me that the author just deleted Mr. McAfee's version of validate and included his own in the archive file. It appears no changes were made to SCAN and as such I don't see what McAfee is complaining about, unless he is attempting to claim a copyright on the contents and/or makeup of the scanv58 archive file? The only thing bogus about this whole matter is the fact that McAfee sent out a VALERT notice about it. Especially since he claims that validate was uploaded to HOMEBASE several days ago and he had plenty of time (so it appears) to make comments before this. In my opinion the author of validate has done the community a favor by replacing the program in the archive file with one that appears to do a better job. As far as the program names are concerned, so what? I checked over five different copies of McAfees validate and none of them mention that he has a trademark on the name validate. The validate.exe does have a trademark notice, and as such that should be the one and only program to use the name validate. If mcafee can provide absolute proof that validate.exe damages systems as he claimed in valert, let him do so by producing the source code to prove his claim. As I mentioned earlier SOURCER was used to disassemble the validate.exe and there is no evidence of any code which could damage a system. In fact the only code which accesses the disk opens the file for READ and then closes it at the end of the program. The only memory accesses appear to be a large numeric array set up to read the file into and the code which reads the array and generates the CRC's. There is nothing dangerous in this program whatsoever (in my opinion). I also read the documentation and the alleged author's name is clearly there, as well as complete information on the validate.exe program. It appears to be a shareware program and clearly states this when you run the program. Due to the differences in the disassembly between the two versions of validate, they are obviously written in two different languages. IN other words VALIDATE.EXE appears to be a totally different program from validate.com. It does not appear to be a hack of mcafee's version it appears to be a totally different program. As such I for one will continue to use the new version of validate, and thank the author for supplying it in a rather unorthodox manner. I also feel that Mr. McAfee was in my opinion wrong in using valert to knock a another's product without justification. VALERT is ONLY supposed to be used (as I read the instructions) to notify the community of a trojan or a virus. Nothing, repeat nothing in the scanv58 archive file I received meets that criteria! His scan program was not modified or changed in any way, shape or form! If every author launched a valert notice every time an archive file had files added or deleted all we would ever read would be valert notices. ************************** DISCLAIMER *************************** The opinions expressed herein are my own. I speak for myself and I do not represent any other person, company or educational institution. ************************** DISCLAIMER ***************************