[comp.virus] Virus Commentary

55srwlgs@sacemnet.af.mil (Frank Starr) (09/25/89)

          Sabotaged Program Reactions - An Editorial Review
          by Frank Starr

     The continuing threat of virus and Trojan Horse programs - which
I prefer to call sabotaged programs - has begun to spark some reaction
from the upper levels of the Department of Defense. Concurrent with
the discovery of the so-called "Columbus Day Time Bomb", previously
known as the Datacrime Virus, has come a series of directives which
may serve to eliminate the use of all forms of shareware by D.O.D.
personnel on D.O.D.  microcomputers.
     Air Force users first received word of the Columbus virus from a
message published by the USAF Office of Special Investigation,
republished and mass mailed through MILNET/DDN, the D.O.D. e-mail
system. Two suspected sources have been listed - a European extremist
group in the spiritual sway of Baader-Meinhof, and a Norwegian group
displeased with celebrations honoring Columbus, while ignoring Norse
discoveries preceding those of European explorers.
     Later communiques identified the virus as the Datacrime variety,
capable of trashing the FAT area of a hard drive. From the first
message to all others received to date, a prevailing directive has
been to cease using all software downloaded from private bulletin
boards. Various interpretations have gone so far as to conclude that
only vendor supplied software should be used, to the absolute
exclusion of everything else, whether shareware available for purchase
after an initial test period, or freeware for which no fee or donation
is ever asked.
     All of this confusion promises to cause a lot of D.O.D. micro
users to cut themselves off from anything except commercial software,
purchased through government contracting channels. This in spite of
the fact that there have even been reports about commercial software
occasionally being sabotaged by temporary employees (as reported in an
issue of Government Computer News about a year ago. Sorry, specific
issue forgotten). There are a number of micro bulletin boards in
D.O.D., some of which offer shareware software for evaluation to
potential customers. Some of the SYSOPs of these systems foresee a call
to close down operations, based on reactions to sabotaged software
threats, and rough drafts of official regulations to control software
on D.O.D. micros (see the September/October C2MUG bulletin, page 5).
     Although there are some advisories for users to back up all
software on D.O.D. micros, more attention seems to be going towards
the elimination of all non-contract software on D.O.D. micros. Since
sabotaged programs are more often reported in connection with
software downloaded from public RBBS systems, this game plan can be
understood, if not readily supported.  However, with micro user
education still a lower priority object in many areas, and software
backup not a widespread practice, it seems that, especially with
funding cuts a now and future reality, more attention would better be
given to how to defend against sabotaged programs, and perhaps the
avoidance of all forms of shareware could be reevaluated.

Frank Starr

WANCHO@WSMR-SIMTEL20.ARMY.MIL (Frank J. Wancho) (09/25/89)

Frank,

I just read and reread your editorial.  I fear that possibly many
people will misread it, overlooking certain key words and phrases,
such as "may" in "may serve to eliminate," "various interpretations,"
"foresee," "seems" in "more attention seems to be," etc.

The actual point of your editorial, with which I agree, is in your
last sentence, which should have been a paragraph by itself (starting
with the word "However," and broken into several sentences):

    Micro user education is still a low priority activity in many
    areas, and software backup not a widespread practice.  With
    funding cuts a now and future reality, more attention should be
    given to defending against sabotaged programs.  Then, perhaps, the
    trend toward avoiding all forms of shareware could be reevaluated.

--Frank