Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!tut.cis.ohio-state.edu!att!linac!midway!magrathea!francis From: francis@magrathea.uchicago.edu (Francis Stracke) Newsgroups: comp.sys.mac.misc Subject: Re: computer security Message-ID: <1990Nov25.224403.2384@midway.uchicago.edu> Date: 25 Nov 90 22:44:03 GMT References: <9779@jarthur.Claremont.EDU> <1990Nov23.054029.2419@midway.uchicago.edu> <1990Nov25.102627.17830@world.std.com> Sender: news@midway.uchicago.edu (News Administrator) Distribution: na Organization: Mathematics Department, University of Chicago Lines: 62 In article <1990Nov25.102627.17830@world.std.com> boris@world.std.com (Boris Levitin) writes: [inclusion of my entire post] >If you are going to be that paranoid, have you considered the possibility of First of all, it's not *my* paranoia--I take my chances--it's the paranoia of people whose job it is to take care of their company's machines. >perfectly legitimate, legally-purchased and corporate-approved application >(a real possibility)? Yes, I have. In the case of a purchased app, it's either something that was illegitimately infected or a Trojan horse; in the one case, Disinfectant can probably spot it; in the latter, the seller can be held liable. The key point here is that the managers can check the software they install. They don't want to let their employees be responsible, since it's their own jobs on the line. Come on. Viruses and Trojan horses are an unfortunate >reality, Yes, they are; and an extremely serious one. They would be an ideal tool if a corporate rivalry turned dirty: deadly and untraceable. and users - both corporate and individual - have a variety of means >at their disposal to combat these phenomena[... long list of stuff we all know ] NONE of these things is perfect! An INIT installed before all the protection schemes could patch SetTrapAddress to prevent them from being able to install the patches they depend on to detect viruses. In fact, it could then go on to seek out and corrupt all virus-fighting software on the disk! Moreover, I can think of at least one extremely simple way to infect a file while the vaccines are in effect (NO, I'm not going to advertise it :-), so I'm sure somebody who really wanted to write a virus could come up with some good way. > It would be >understandable and justifiable if a corporate Systems department forced its >users to practice safe computing. Safe computing includes being careful about what you install! Arbitrarily deleting from people's systems >anything not on the "approved" list, however, just embitters them needlessly >and stifles any attempt to make more use of the computer, as well as >creative, exploratory and self-reliant tendencies (which, as you might recall, >are what has made this country great). This much I agree with. (Except that I think you should be careful about your tenses in that last clause. Most people these days have the self-reliance of tapeworms.) It's a tradeoff, which means a priority decision has to be made. For individuals, it's fine for us to make the decision on our own; nobody but us is affected. HOWEVER, the managers that killed this software definitely had the right, even the duty, to make that decision. Their job was to supervise the computers of their company, which included assuring security. Security always involves a measure of paranoia. Remember: there are two types of paranoia: total and insufficient! | Francis Stracke | My opinions are my own. I don't steal them.| | Department of Mathematics |=============================================| | University of Chicago | Until you stalk and overrun, | | francis@zaphod.uchicago.edu | you can't devour anyone. -- Hobbes |