Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!wuarchive!zaphod.mps.ohio-state.edu!unix.cis.pitt.edu!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: RADAI@HUJIVMS.BITNET (Y. Radai)
Newsgroups: comp.virus
Subject: Re: Into the 1990s
Message-ID: <0005.9105231331.AA02851@ubu.cert.sei.cmu.edu>
Date: 22 May 91 10:12:00 GMT
Sender: Virus Discussion List <VIRUS-L@LEHIIBM1>
Lines: 38
Approved: krvw@sei.cmu.edu


  Among Ross Greenberg's points in his reply last week to Padgett
Peterson was the following:

>You mentioned a few products and their methods, so its obvious that
>this integrity checking *IS* being done (FLU_SHOT+ has had integrity
>checking on program run for about three years, I guess).  Now, is this
>integrity checking being done *properly*?  Interesting question and
>one that only the marketplace can answer by what they select for their
>purchase (or freeware usage).

  Sorry, but I just can't pass over that without comment.
  Whether integrity checking or any other software function is being
done properly is not a question which can be settled by asking the
marketplace.  If it were, we could completely dispense with all the
quality comparisons that are continually being made in the literature
and simply quote sales figures.  Because of many other factors such as
marketing skill, luck, etc., the correlation coefficient between pro-
duct quality and volume of sales, in computer software as in other
products, may be closer to 0 than to 1, even if we consider only pro-
ducts in the same price range.  (Some cynics claim that this coeffi-
cient is negative.  I'm not sure that they're far off.)
  (No offense meant, Ross, but I'm sure it won't come as a surprise to
you if I mention that in my opinion, a good example of poor product
quality despite presumably good sales figures is the integrity-check-
ing feature of FLU_SHOT+.  But since I've discussed FSP enough in the
past, I won't repeat my arguments unless someone asks.)

>Resident integrity checking, and access control, is a worthy goal of
>any of the anti-virus products. However, remember that it can and
>*will* be circumvented the first time somebody boots off a floppy.

  That does not have to be true; details in a couple of weeks.

                                     Y. Radai
                                     Hebrew Univ. of Jerusalem, Israel
                                     RADAI@HUJIVMS.BITNET
                                     RADAI@VMS.HUJI.AC.IL