WHMurray@DOCKMASTER.ARPA (01/03/90)
In referring to my comments on Gene's theorems, Brian Piersel asks: >What about infected programs uploaded to a BBS? If someone else downloads >that program and uses it, their system will be infected with the same >virus. In this case, the media has _not_ moved, which would indicate >that programs are also a vector for viruses. The operative words in my comment were "current vector." While there always has been a potential for viruses to spread via BBSs, and while one should be careful when using programs from such sources, that is not what is happening NOW (examples to the contrary notwithstanding). In one sense programs are always the vector. However, it is the sharing behavior that creates the exposure. From a behavioral point of view, it is the media that is being moved around. While the motive is to move data, often but not always programs, the particular data to be shared is incidental to the process of contamination. If the only spread that we had to be concerned about was that which resulted from the deliberate intent to share a particular infected program, we would be in good shape. While all of the media hype refers to BBSs, they have not been a significant vector. Much of the hype also talks about contamination of vendor shipments. While there have been a few notable cases, this has not been the major source of spread. Even where shrink-wrapped media has been infected, it was usually after shipment and involved distributors re-wrapping media that had been returned after use in an infected machine. It is important that we know what is really happening, as opposed to hype, speculation, and potential. William Hugh Murray, Fellow, Information System Security, Ernst & Young 2000 National City Center Cleveland, Ohio 44114 21 Locust Avenue, Suite 2D, New Canaan, Connecticut 06840