Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!sol.ctr.columbia.edu!lll-winken!iggy.GW.Vitalink.COM!widener!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw From: padgett%tccslr.dnet@mmc.com (A. Padgett Peterson) Newsgroups: comp.virus Subject: re: The Shape of the World (PC) Message-ID: <0010.9105101443.AA06343@ubu.cert.sei.cmu.edu> Date: 9 May 91 16:36:41 GMT Sender: Virus Discussion List Lines: 53 Approved: krvw@sei.cmu.edu >From: "David.M.Chess" >1) Most viruses in the collections of anti-virus worker have, as far as > anyone knows, never been found on an end-user system. True, most of the 500+ viruses are too stupid or blatent to spread very far on their own. Like any emerging industry (did you know that in the early 1900's there were over 2000 mamufacturers of Automobiles in the US ?), there are a large number of attempts before an effective "product" is found. However, what we are seeing now are refinements of the "best" of the first generation products, the dead ends are obvious to anyone who seriously reviews the literature. >2) That is, it's very rare for a virus from the "collectors only" category > to move into the "in the wild" category. Probably true for now, but only demonstrates the poor "quality" of most viruses. - ------------------------------ Date: Thu, 9 May 91 12:36:41 -0400 From: padgett%tccslr.dnet@mmc.com (A. Padgett Peterson) Subject: re: Virii (sic) in Factory Software >From: "William Walker C60223 x4570" >In both of these instances, the manufacturers took full responsibility >and made efforts to remedy the situation, once they were informed of >the problem. Am glad to find that some manufacturers (Aldus, Bitcom) take their responsibilities seriously. I'm still bothered that infected disks were sent out in the first place, however up through 1989 such ignorance was excusable. In 1991 IT IS NOT. >Also, how do you know they're NOT checking the disks? Suppose they're using >VIRUSCAN V74, which won't find Azusa. Or worse, suppose they're using Norton >Antivirus. Then they are worse than negligent, they are stupid ! (personal opinion). A manufacturer should know what every byte on their distribution disks should be and use this for comparison, not generic commercial signature checkers that contain disclaimers that only known viruses will be detected. ANY change from what is supposed to be on the disks should be detected. One would expect any effective statistical QA procedure to include this. I can see coming shortly, large users requiring from manufacturers/distributers certification that their distributions are free from any malicious software. Govenmental organizations will probably be first. Warmly, Padgett