Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!accuvax.nwu.edu!tank!eecae!netnews.upenn.edu!vax1.cc.lehigh.edu!sei.cmu.edu!krvw
From: mcp@SEI.CMU.EDU (Mark Paulk)
Newsgroups: comp.virus
Subject: IEEE code of ethics and computer viruses
Message-ID: <0007.y8907122227.AA01842@ge.sei.cmu.edu>
Date: 12 Jul 89 18:38:26 GMT
Sender: Virus Discussion List
Lines: 70
Approved: krvw@sei.cmu.edu

An article in the Computer Society News section of IEEE Computer, July, 1989, pp. 83-84, discusses a draft position paper on software vandalism, specifically computer viruses. I had some comments, which I mailed to the acting chair of the Committee on Public Policy:

    Ralph J. Preiss
    12 Colburn Drive
    Poughkeepsie, NY 12603

I think the article, and possibly my comments, will be of interest to the VIRUS-L readers. Letter text follows:

- - -------

I have just finished reading the article in the July 1989 issue of IEEE Computer on the code of ethics and computer viruses position paper. First, let me compliment your group on their statement. It seems so obvious what the correct ethical position with regard to these issues is, yet I have communicated with all too many "unethical" people where computer viruses and Trojan horses are concerned. I support having the IEEE take a very clear and explicit stand in these matters.

I have a minor interest in these matters. Although not of direct professional interest, I just gave a presentation on "Computer Fauna: Viruses, Worms, and Trojan Horses" where I discussed the differences between these entities.

I have some qualms about the definitions given in the sidebar. The second sentence in the definition of a "worm" is an overstatement. Although worm programs @i(may) overlay or erase other programs or data, in the original work with worm programs by J.F. Shoch and J.A. Hupp ("The 'Worm' Programs - Early Experience with a Distributed Computation," Communications of the ACM, Vol. 25, No. 3, March, 1982, pp. 172-180) the worm model is "a program or a computation that can move from machine to machine, harnessing resources as needed, and replicating itself when necessary" aka distributed computation, a program which spans machine boundaries. They quote the science fiction writer John Brunner: a worm adds to itself; a phage wipes out (Shockwave Rider).

The same problem of assuming malicious behavior holds with viruses. In Cohen's work, he gives an example of a beneficent "compression" virus. Although I agree that for all practical purposes, there are no benign viruses, worm programs hold a great deal of promise as a distributed computing technology.

The two different definitions of computer virus are also problematic. Computer virus-A seems to be an attempt to address programs such as the Christmas worm which propagate by the (inadvertent) action of humans. This is NOT a computer virus. Terms which have been used for this class of programs include "rabbit" and "bacterium," although the emphasis tends to be on denial of service rather than the infection mechanism. I think the Trojan horse definition covers the class of program described adequately.

Computer virus-B is a "reasonable" virus definition, although I have some slight qualms about the assumption of malicious instructions as mentioned earlier.

Good definitions for these classes of programs are rather nebulous at this time, and there are a number of candidates running around. Most notably Fred Cohen and Peter Freeman have supplied readily available definitions, although there are no rigorous ones yet.

The discussions on the VIRUS-L (Comp.virus) group, moderated by Ken van Wyk, cover this ground now and again. I might suggest that you solicit some discussion from the group. I will take the liberty of cross-posting this missive to direct attention to the article.

All in all, my compliments. Keep up the good work.