dmg@lid.mitre.org (David Gursky) (10/02/89)
John McAfee of Interpath, National Bulletin Board Society, and Computer Virs (Virus, not Virs) Industry fame has written a book. Entitled _Computer Viruses, Worms, Data Diddles, Killer Programs, and Other Threats to Your System: What They Are, How They Work, and How to Defend Your PC, Mac, or Mainframe_, it is co-authored with Colin Haynes, and published by St. Martin's Press. I finished reading it today, and this is some preliminary thoughts I have on the book (this message would be more detailed, but I have to catch a plane to New Orleans tonight and I leave in thirty minutes). I do not like this book. I found it to be (at various points) contradictory, incomplete, and alarmist. Before the flame wars begin, let me emphasize that the whole book is not constantly contradictory, incomplete, and or alarmist, nor is any one section all three of those things. Some sections (most notably the first third of the book and the last chapter) are very alarmist. In the final chapter for instance, McAfee quotes some NBBS users about what type of viruses do they see "looming in the distance". One example cited is a modification to the electronic switches used by the phone company to reroute a call placed by caller n to the number dialed by called n-1. A second example would have the computers controlling the nation's traffic lights (the computers are made by one of three companies) all turn green in all directions on a given Friday. I leave it as an exercise to Virus-L readers to find where these are flawed, other than the obvious one that neither of these are viruses per se, but are examples of destructive measure viruses could be put to. In between the beginning and the end of the book, McAfee focuses on a technical discussion of viruses, and he does, alright. There are much better books (IMO) on the market about PC viruses (such as the Compute book) or viruses in general (Ralf Burger's _Computer Viruses, A High Tech Disease_), but if you are comfortable with McAfee's paradigm's, then his work is acceptable. If you are not comfortable with McAfee's paradigm, or if you are concerned with viruses in the Macintosh environment (or to a lesser degree, the mainframe environment), you will get awfully confused. The book has a very heavy PC bias, and (for example) trying to fit McAfee's generic description of viruses into the Macintosh paradigm does not work easily. I will be out of town for two weeks, and Virus-L will be on vacation by the time I get back. When I do get back into town, I will write a more comprehensive review for Virus-L. What it all comes down to is this. McAfee & Haynes' book is no great shakes; it simply is not well written. This is not to call John McAfee names or anything, but "he should not give up his day job". My advice is to buy a copy of the NIST paper (which is shorter, more concise, and has a greater proportion of useful information) and a good set of anti-virus tools for your computer. Viruscan is one of the best for the PC from what I understand, and a bargain at $15.