Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!samsung!xylogics!world!madd
From: madd@world.std.com (jim frost)
Newsgroups: comp.os.os2
Subject: Re: Security concerns for OS/2?
Message-ID: <1990Mar20.040501.823@world.std.com>
Date: 20 Mar 90 04:05:01 GMT
References: <5341@ccncsu.ColoState.EDU> <53617@microsoft.UUCP>
Organization: Saber Software
Lines: 32

alistair@microsoft.UUCP (Alistair BANKS) writes:
>More technically, without giving listening virus creators any ideas, os/2
>uses the same basic boot mechanism as dos and so is susceptable: BUT,
>when it has loaded its device drivers and switched to protect mode, no
>clock activated or other interrupt activated code gets a look in.

It's harder to write a virus for a protected-mode operating system,
but not much, especially since OS/2 wasn't designed with any security
in mind.  Even if it weren't fairly easy to infect a running OS/2, a
would-be virus can still modify the on-disk version of the operating
system and become active at the next boot.

>OS/2 does have neat and reliable multi-tasking, so a rogue
>virus process can do its work in the background, but os/2 has a real
>process model which the virus would have to be using, and a real
>process list command for you to see that virus at work - this would, of
>course be for an os/2 virus. Seeing it should allow you to track it down
>and kill it, but remember it may have an assumed pseudonym!

If the virus has taken over the operating system, it's a trivial task
for it to lie about what's running, no?

I agree that it's more difficult to write such a beast than it is
under a monitor such as MS-DOS but it's substantially less difficult
than it is under an OS with security (such as UNIX, VMS, etc), and
there have been viruses on many of those.

Food for thought,

jim frost
saber software
jimf@saber.com