Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cwjcc!tut.cis.ohio-state.edu!bloom-beacon!athena.mit.edu!captkidd
From: captkidd@athena.mit.edu (Ivan Cavero Belaunde)
Newsgroups: comp.sys.apple
Subject: Re: Resource Forks?
Keywords: Resource Forks, Viruses, IIGS
Message-ID: <12865@bloom-beacon.MIT.EDU>
Date: 20 Jul 89 22:35:10 GMT
References: <6851@sdcsvax.UCSD.Edu>
Sender: daemon@bloom-beacon.MIT.EDU
Reply-To: captkidd@athena.mit.edu (Ivan Cavero Belaunde)
Organization: Massachusetts Institute of Technology
Lines: 24

In article <6851@sdcsvax.UCSD.Edu> jonah@amos.ling.ucsd.edu (Jonah Stich) writes:
>
>I wasalking to a friend, (a Mac owner) and the topic of resource forks came up.
>According to him, it is possible to put a virus into a resource fork, which can
>then aid it in spreading to other programs (I wasn't sure wether I bought that
>last bit). Anyways, is this a problem that us humble IIGS users may soon 
>encounter? I hope not....

Actually, resource forks should make virus spread harder, not easier.  While
one can hide a virus in a resource fork, the same can be done in a data fork.
The thing is, since all code resides in the resource fork, and modifications
to resources go through manager calls, it is possible to intercept these and
consequently have a very effective virus defense.  People familiar with the
Mac will know of the programs Vaccine and GateKeeper, which work in this way
by monitoring resource manager calls.  Thus, it should be an improvement in
the virus situation.

-Ivan

	"American Love.  Like coke in green glass bottles ... they don't
		make it anymore."
			-Rorschach in _Watchmen_

Internet: captkidd@athena.mit.edu