Jeff_Spitulnik@um.cc.umich.edu (01/05/90)
I write this commentary on ethical issues concerning the dissemination of information about the existence of viruses and how to get rid of them as both an employee of the University of Michigan and as a concerned member of the UM community. The following scenario describes the events leading up to my questioning the ethicality of the procedures (or more appropriately, the lack of procedures) here. Finally, I ask for comments and suggestions (e.g. how informing the public is done at your institution) with hopes that the UM policy makers are listening. I recently joined the ranks of the many computer experts employed at the University of Michigan. About 1 month after I started working here, I became familiar enough with downloading Mac files from a public file to notice that there was a new version of Disinfectant. I downloaded it and noticed the report of the WDEF virus. I checked my personal disks as well as the school owned disks in my public lab --- all were infected with the WDEF virus. I sent an e-mail message to the online_help people (most of which are student "consultants"), asking them what was to be done. It was apparent from the response, that the virus had been here such a short time (a few days?) that no one was doing anything yet. I expected a public announcement of some sort informing users that they may be infected and that they run the risk of being infected when they use the UM public facilities. No announcement was made. Furthermore, as a specialist employed to preside over a public computing facility (most of the computers are Macs), I expected to be both informed that there was a new virus as well as instructed what to do about it I heard nothing. Two weeks after the WDEF virus hit UM, most users were still not aware of it. I sent an e-mail message to my most immediate contact in the Information Technology Division expressing my concerns. "Shouldn't the public be informed," I asked. I expected a response from him and hoped that he would forward the message on to the appropriate policy makers if he was not in the position to deal with it himself. I have not received a response to my message nor have I heard any public mention of the WDEF virus. Users continue to infect the disks in my lab and be infected by the disks in my lab and, as far as I know, other public facilities at the Universtiy of Michigan. The virus persists here. What should be done to rid UM of the WDEF virus or of any virus for that matter? How does the bureaucracy at your institution handle it? I question the ethicality of a laissez-faire attitude on viruses at any institution. Jeff Spitulnik
MCMAHON@GRIN1.BITNET (McMahon,Brian D) (01/09/90)
Jeff_Spitulnik@um.cc.umich.edu tells us of inaction at his institution upon discovery of a widespread WDEF infestation, and asks: > What should be done to rid UM of the WDEF virus or of any virus for >that matter? How does the bureaucracy at your institution handle it? >I question the ethicality of a laissez-faire attitude on viruses at >any institution. While I am unfamiliar with the bureaucracy at U. Mich., it certainly appears to me that Jeff has made a reasonable, good-faith effort to gain attention through the usual channels, and has been stone-walled. Rather than speculating as to why, the first priority should be to protect users from further damage. You need a campaign of public education, and you need it yesterday. I would suggest starting with the student consultants you mentioned in as online_help receivers. Give them the tools to detect, remove, and prevent WDEF (Disinfectant 1.5 with either GateKeeper Aid 1.0.1 or Eradicat'Em 1.0) and have them put the word out. If there is another staffer who is responsible for the students, it may be advisable to go through him first. Logon messages, signs in public Mac labs, and newsletter articles are other possible channels. Be sure to emphasize that there's no immediate cause for panic, only prudence. As for the ethical question ... In my personal opinion, KNOWINGLY allowing unsuspecting users to contract infections is EXTREMELY irresponsible. The question is, is the threat really "known" to the bureaucracy, or is this a case of "not my department?" If you have a co-ordinator of micro labs (or some such position), I might suggest a review of anti-viral procedures ... Brian McMahon <MCMAHON@GRIN1> Programmer Grinnell College Grinnell, Iowa 50112 (515) 269-4901 My own opinions, of course . . .
sfalken@mondo.engin.umich.edu (Steven Falkenburg) (01/11/90)
Jeff_Spitulnik@um.cc.umich.edu writes: [stuff deleted] >It was apparent from the response, >that the virus had been here such a short time (a few days?) that no >one was doing anything yet. I expected a public announcement of some >sort informing users that they may be infected and that they run the >risk of being infected when they use the UM public facilities. No >announcement was made. Furthermore, as a specialist employed to >preside over a public computing facility (most of the computers are >Macs), I expected to be both informed that there was a new virus as >well as instructed what to do about it I heard nothing. Two weeks >after the WDEF virus hit UM, most users were still not aware of it. I >would forward the message on to the appropriate policy makers if he >was not in the position to deal with it himself. I have not received >a response to my message nor have I heard any public mention of the >WDEF virus. Users continue to infect the disks in my lab and be >infected by the disks in my lab and, as far as I know, other public >facilities at the Universtiy of Michigan. The virus persists here. > What should be done to rid UM of the WDEF virus or of any virus for >that matter? How does the bureaucracy at your institution handle it? >I question the ethicality of a laissez-faire attitude on viruses at >any institution. > > Jeff Spitulnik As a Macintosh support person and programmer for the Computer Aided Engineering Network at the University of Michigan, I think I should try to clarify the response by U of M to the WDEF virus crisis. The University of Michigan has two major computer support organizations: the Computer Aided Engineering Network (CAEN) provides support for the Engineering students and faculty, while the U of M Computing Center (several organizations under the Information Technology Division) provide computing support to the rest of the University. As one of the first sites in the country to be hard-hit by the WDEF virus, we at CAEN acted immediately by searching out possible solutions to the virus. Virtually every CAEN lab mac was infected (about 160 hard disks). The virus was first disassembled by a member of Mac Support, and another employee tailored one of the virus removal patches (the one written by Juri Munkki (sp)) to meet our needs. This vaccine was then installed on all of the lab machines, and copies of Disinfectant 1.5 were put on the lab software servers. We then put notices in the labs and an article in our newsletter. All of this action occured within 1 week of our discovery of the WDEF virus, and we are now protected from it. I can't speak for the Computing Center's public facilities sites, as we are in a different unit of the university. We did give them a copy of our modified WDEF vaccine, but they chose not to use it, as far as I know. In other words, the entire University was not ignoring the problem, as the previous poster implies. We believe we now have the tools in place to deal with new viruses which will inevitably infect our Macintosh computers. Steven Falkenburg (sfalken@caen.engin.umich.edu) Computer Aided Engineering Network University of Michigan, Ann Arbor [Ed. This again raises an interesting point: how are other Universities and organizations equipped to respond to and/or prevent virus infections? Anyone from groups with policies in place for these things care to comment?]