Path: utzoo!mnetor!uunet!husc6!cmcl2!rutgers!sdcsvax!ucsdhub!hp-sdd!hplabs!sdcrdcf!ism780c!dougl From: dougl@ism780c.UUCP (Doug Leavitt) Newsgroups: comp.sys.amiga Subject: Re: New Virus;deadly Message-ID: <8439@ism780c.UUCP> Date: 2 Jan 88 02:47:41 GMT References: <17234@topaz.rutgers.edu> <1425@phoenix.Princeton.EDU> <914@louie.udel.EDU> Reply-To: dougl@ism780c.UUCP (Doug Leavitt) Distribution: na Organization: Interactive Systems Corp., Santa Monica CA Lines: 102 Keywords: killer virus on the loose In article <914@louie.udel.EDU> rminnich@udel.EDU (Ron Minnich) writes: Much stuff deleted... > How did you lose your backup disk? I am still unclear on the >whole sequence. And how can a company lose a whole product? This >seems kind of weird; did they only have one backup disk, and not >have a string of backup disks? If so they were being a little >careless anyway... I personnally haven't been hit by the virus yet (then again I no longer use ANY disk without either formatting or Vchecking it first). I did have the opportunity to talk to Jim Sach's personally about a month ago. It seems that he got hit by the bad virus program. As a result IF there EVER is a 20,000 League's Under the Sea Game, it won't be out for at least another YEAR or so. It seems that the virus program trashed his WORK disks AND ALL his BACKUPS! As I recall he was approximately a YEAR into the project when it was all lost. I don't know about everyone else, but if I just lost almost a full WORK YEAR'S effort down the tubes because of a destructive virus, I would be EXTREMELY PISSED! I think it is time for people to get together and actively start squelching this problem before it starts affecting the amiga as a computer. Lets think for a moment what we have here. The comp.sys.amiga group could be thought of as the largest amiga user group or gathering in the country. I'm also sure that many of the people on the usenet are also members of local amiga groups (I'm a member of 2 personally). Secondly most if not all of the amiga owners reading this group are or have become very knowledgable on the amiga because of the information passed through comp.sys.amiga. There are a number of things I have learned with the help of other on the net, it seems time for me and any others interested in protecting their investments before it gets out of hand. Here are some things I have thought of to start cleaning up this mess: 1) GET PEOPLE INFORMED. Next time anyone goes to a user group meeting make sure there is a virus update announcement. Many of the people in my user groups already have heard about the first virus. I personally plan to start warning people in my user groups about the new virus's destructive capabilities. When a new and updated Vcheck comes out (FROM Commodore, lets not accept substitutes) get it distributed to user group BBS's and other sources as fast as possible. Also tell people that it exists. 2) LETS START TRACKING IT. The best way to squelch this problem is to start finding the source(s). I'm sure if we could name names, and show proof, Commodore could and would prosecute. Let's start doing so. Here's some of the things that I think can be done: a) start Vchecking everything. b) if you find a contaminated disk check it's source for a contaminated copy. c) if the source has a contaminated copy, have that person check his/her source and pass you back any information that he finds out. d) start reporting sources to Commodore and the rest of the Usenet. How about putting the words VIRUS TRAILS or maybe YAVT (Yet Another Virus Trail) in the subject line and keywords of the header. 3) STARVE THE SOURCES. Information transfer goes two ways. normally if I get info/programs from a source I usually send things along (It's usually some form of 2 way street). If a source is found, let's stop accepting or sending info in that direction. It can get pretty lonely if no one will sell or give you programs/pictures/etc. for your amiga. Also what fun is it if you can't sell/give/show any of your creations to someone else. I think this is an appropriate penalty for someone writing virus programs. (They tried making your machine worthless, this seems like an appropriate punishment befitting the crime.) If you were a member of a user group in Switzerland that just found out that you'll never get another fish disk because one of your cohorts was responsible for vandalizing thousands of other users disks, do you think the sources will be part of the general amiga community for long? I don't. 4) LET'S WORK WITH COMMODORE! CATS is always helping us, lets help them control the problem as much as possible. If you have an infected disk or you think you have found a new infestation, send it to CATS. This will be the only way we can keep ahead of the virus writers it to help Commodore investigate a new strain. I've sent a number of disks all over the country. It only costs $.56 plus $.20 or $.30 for a padded envelope. This shouldn't cripple anybodys checking account. From my archives thats: Bill Koester c/o CBM 1200 Wilson Drive West Chester, PA 19388 5) BECOME JUST A LITTLE BIT PARANOID. Being paranoid isn't necessarily good, but remembering to vcheck any foreign disks should help to control the problem and start in tracking down the sources. Lets see how much power and how many bright minds the Usenet can bring together to solve this problem. As always any additional suggestions, comments etc... are welcome, and in this case I think they are necessary. Doug Leavitt Interactive Systems Corp. dougl@ism780c.isc.com { sdcrdcf, uunet, oliveb } !ism780c!dougl