Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!usc!zaphod.mps.ohio-state.edu!ncar!midway!magrathea!francis
From: francis@magrathea.uchicago.edu (Francis Stracke)
Newsgroups: comp.sys.mac.misc
Subject: Re: computer security
Message-ID: <1990Nov23.054029.2419@midway.uchicago.edu>
Date: 23 Nov 90 05:40:29 GMT
References: <1990Nov21.190134.19749@uncecs.edu> <36149@cup.portal.com> <9779@jarthur.Claremont.EDU>
Sender: news@midway.uchicago.edu (News Administrator)
Distribution: na
Organization: Mathematics Department, University of Chicago
Lines: 20

Look, everybody seems to be assuming that the worst that
could happen as a result of keeping the software would be
legal problems.  This is simply not so! If it's all public
domain stuff, taken off the Net, then there is little or
no guarantee that the programs themselves are not dangerous!
Does Sumex scan posted software for viruses before making it
available? Okay, probably--but what about a brand-new virus?
The posted application could be a Trojan Horse.  Or the program
could have something seriously wrong with it.  Or the author
may have had some sort of a grudge against somebody, and
written a check to do damage to that person in particular, so
that Sumex wouldn't find anything wrong, but the victim (&
those who resembled the victim--possibly an *enormous*
group) would be hurt, and badly.  On private machines, we
take our own chances with this sort of thing; but it's
unreasonable to ask the employer to accept that risk.
| Francis Stracke		| My opinions are my own.  I don't steal them.|
| Department of Mathematics	|=============================================|
| University of Chicago		| Non sequiturs make me eat lampshades	      |
| francis@zaphod.uchicago.edu	|   				       	      |