ewiles@netxdev.DHL.COM (Edwin Wiles) (01/04/90)
WHMurray@DOCKMASTER.ARPA writes: > >1. The amount of damage to data and availability done by viruses to date >has been less than users do to themselves by error every day. Granted. However, self-inflicted damage is generally recognized much sooner, and is often much easier to repair. Perhaps more time consuming, but easier because the user generally needs no special tools that he does not already have . >6. The current vector for viruses is floppy disks and diskettes, not >programs. That is to say, it is the media, rather than the programs, >that are moving and being shared. This is not entirely so. There have already been cases where programs were used as Trojan Horses to initiate viral infections. Thus, the floppy is not the only vector. True, a floppy is most often used to pass the program, but that will not always be the case. Already, services like Compu$serve are used for exchange of programs. Fortunately, the sysops (at least of the amiga groups) test uploaded software before allowing general access to it. However, such testing cannot be perfect. Consider a viral vector designed not to infect anything at all until a certain date is reached, then the virus is 'quiet' until yet another date has passed. If the vector is passed only in binary form, the chances of discovering the virus before the vector has widely spread is quite small. Especially if the date that the vector starts infecting is more than 30 days in the future. Binary only distributions are quite common, especially with the advent of shareware. The catch is, the designer must make the item sufficiently usefull/interesting to get the user to download it, and then to keep using it until the infection start date has passed. If he is able to do that, it is highly likely that the designer would get greater pleasure out of praise for the inital tool! The greater danger is a designer who modifies the binary received from some other source. Modification taking less effort than ground-up design/code/test. This would even be prefered if you wished to destroy the reputation of the original tool designer! Gack! A whole new reason for paranoia! "Who?... Me?... WHAT opinions?!?" | Edwin Wiles Schedule: (n.) An ever changing nightmare. | NetExpress, Inc. ...!{hadron,sundc,pyrdc,uunet}!netxcom!ewiles | 1953 Gallows Rd. Suite 300 ewiles@iad-nxe.global-mis.DHL.COM | Vienna, VA 22182