Path: utzoo!utgpu!water!watmath!clyde!rutgers!husc6!bbn!oberon!pollux.usc.edu!papa
From: papa@pollux.usc.edu (Marco Papa)
Newsgroups: comp.sys.amiga
Subject: Re: Viruses are here to stay (long)
Message-ID: <5998@oberon.USC.EDU>
Date: 4 Jan 88 06:12:44 GMT
References: <5996@oberon.USC.EDU> <1847@s.cc.purdue.edu>
Sender: nobody@oberon.USC.EDU
Reply-To: papa@pollux.usc.edu (Marco Papa)
Organization: Felsina Software, Los Angeles, CA
Lines: 46

In article <1847@s.cc.purdue.edu> rsk@s.cc.purdue.edu.UUCP (Frozen Wombat) writes:
>In article <5996@oberon.USC.EDU> papa@pollux.usc.edu () writes:
>>I installed a variety of viruses as part of a graduate course on computer
>>security at USC over 4 years ago.

> I am surprised, however, that routine coursework involved breaking
>the security of individual users' accounts.  Our SOP for dealing with
>such individuals is to revoke their account and refer them to the Dean of
>Students; if evidence exists that they used their access to a user's account
>to read private files, then they're probably in violation of the Federal
>Privacy Act.

I believe that this is also the case at USC, too.  These were all
"supervised" break-ins. The professor was present when the thing happened, and
the then chairman of the CS dept approved it.  No files were even looked at,
and the owners of the accounts were promptly notified.  It was basically a
controlled experiment.

>>IBM's VNET worldwide network was put to a halt for almost two
>>weeks just before Christmas, when a "virus Christmas card" was sent out over 
>>it. The virus would spread by remailing itself to everybody in your VNET 
>>mailing lists, generating "billions and billions" of messages.  I believe the 
>>net totally crashed at least twice and more at various locations.

>>  The perpetrator was never found, and worse of all there seem to be no quick 
>>answer/change that will avoid this in the near future.
>
>This is an extremely inaccurate account of the incident, its repercussions,
>and its resolution.  (For instance, the perpetrator was found.)  See recent
>articles in comp.risks for a number of articles providing a correct account
>of the incident.

Sorry but I stand by my quote.  These are some other ones from comp.risks:

...massive network shutdown -- Ross Patterson, Rutgers University

... virtually paralized IBMs internal network --

The perpetrator was indeed found. Sorry but I read comp.sys.amiga BEFORE
comp.risks :-) Too much news backlog after a week's vacation.  The virus
came from EARN node in Germany and then spread to other networks (BITNET
and VNET).  The guy who did it was a student.

Boy are we getting a bad name in Europe for viruses :-)

-- Marco