55srwlgs@sacemnet.af.mil (Frank Starr) (09/25/89)
Sabotaged Program Reactions - An Editorial Review by Frank Starr
The continuing threat of virus and Trojan Horse programs - which I prefer to call sabotaged programs, has begun to spark some reaction from the upper levels of the Department of Defense. Concurrent with the discovery of the so-called "Columbus Day Time Bomb", previously known as the Datacrime Virus, has come a series of directives which may serve to eliminate the use of all forms of shareware by D.O.D. personnel on D.O.D. microcomputers.
Air Force users first received word of the Columbus virus from a message published by the USAF Office of Special Investigation, republished and mass mailed through MILNET/DDN, the D.O.D. e-mail system. Two suspected sources have been listed - a European extremist group in the spiritual sway of Baader-Meinhof, and a Norwegian group displeased with celebrations honoring Columbus, while ignoring Norse discoveries preceding those of European explorers. Later communiques identified the virus as the Datacrime variety, capable of trashing the FAT area of a hard drive.
From the first message to all others received to date, a prevailing directive has been to cease using all software downloaded from private bulletin boards. Various interpretations have gone so far as to conclude that only vendor supplied software should be used, to the absolute exclusion of everything else, whether shareware available for purchase after an initial test period, or freeware for which no fee or donation is ever asked. All of this confusion promises to cause a lot of D.O.D. micro users to cut themselves off from anything except commercial software, purchased through government contracting channels. This in spite of the fact that there have even been reports about commercial software occasionally being sabotaged by temporary employees (as reported in an issue of Government Computer News about a year ago. Sorry, specific issue forgotten).
There are a number of micro bulletin boards in D.O.D., some of which offer shareware software for evaluation to potential customers. Some of the SYSOPs of these systems foresee a call to close down operations, based on reactions to sabotaged software threats, and rough drafts of official regulations to control software on D.O.D. micros (see the September/October C2MUG bulletin, page 5). Although there are some advisories for users to back up all software on D.O.D. micros, more attention seems to be going towards the elimination of all non-contract software on D.O.D. micros. Since sabotaged programs are more often reported in connection with software downloaded from public RBBS systems, this game plan can be understood, if not readily supported. However, with micro user education still a lower priority object in many areas, and software backup not a widespread practice, it seems that, especially with funding cuts a now and future reality, more attention would better be given to how to defend against sabotaged programs, and perhaps the avoidance of all forms of shareware could be reevaluated.
Frank Starr
WANCHO@WSMR-SIMTEL20.ARMY.MIL (Frank J. Wancho) (09/25/89)
Frank,
I just read and reread your editorial. I fear that possibly many people will misread it, overlooking certain key words and phrases, such as "may" in "may serve to eliminate," "various interpretations," "foresee," "seems" in "more attention seems to be," etc. The actual point of your editorial, with which I agree, is in your last sentence, which should have been a paragraph by itself (starting with the word, "However," and broken into several sentences):
Micro user education is still a low priority activity in many areas, and software backup not a widespread practice. With funding cuts a now and future reality, more attention should be given to defending against sabotaged programs. Then, perhaps, the trend toward avoiding all forms of shareware could be reevaluated.
--Frank