Path: utzoo!mnetor!uunet!husc6!cmcl2!rutgers!ucla-cs!zen!ucbvax!decvax!decwrl!labrea!glacier!jbn From: jbn@glacier.STANFORD.EDU (John B. Nagle) Newsgroups: comp.sys.amiga Subject: Re: Virus programs Message-ID: <17272@glacier.STANFORD.EDU> Date: 2 Jan 88 19:29:12 GMT References: <2242@crash.cts.com> Organization: Stanford University Lines: 42 Summary: Protection against virus programs Clearly one of the major priorities is to protect original copies of software from corruption. In the 5.25" market, much software is distributed on disks that have no write-protect notch and thus cannot be overwritten on ordinary disk drives. (Production disk copiers, the big machines which feed disks from a hopper, will write on "write-protected" disks.) The 3.5" market needs to go in this direction. One could certainly get disks without write-permit sliders if you ordered a large enough quantity. This is "tamper-resistant packaging" for software. That's a first step. Software vendors must be very careful to avoid the distribution of contaminated disks. Any vendor that lets a product out with a virus in it will face litigation and major adverse publicity. Thorough and prolonged beta testing of new products will be necessary. This may slow down the product release cycle. Over the next few years, we may expect to see more virus programs. But in the future, they may be introduced with more deliberate intent and more precise targeting. Imagine, for example, a virus that does damage only to large spreadsheet data files, changing only a few bits here and there. Such a virus could pass invisibly through the hobbyist community and developers, who are generally not heavy spreadsheet users. It might find its way into various commercial products without being detected. Once inside a big company, it would eventually be noticed that the numbers in spreadsheets were sometimes wrong, but it could be some time before the cause was deduced. The end result might be a general conclusion that some software package or computer system was unreliable. Some group such as the Greens (the European environmental/antitechnology movement) might get into virus programs; they're already into minor sabotage. This has the potential to become a minor weapon of international terrorism. From the terrorist's point of view, the risks are low, the damage is to large institutions, and the amount of effort required to mount a defense is much larger than that required to mount an attack. In addition, such attacks will not produce the degree of public opposition and police activity that physical terrorism does. It's not clear how severe the problem will get. But it will probably get worse before it gets better. John Nagle