Path: utzoo!utgpu!water!watmath!clyde!rutgers!im4u!ut-sally!bcm!svedberg!rick
From: rick@svedberg.bcm.tmc.edu (Richard H. Miller)
Newsgroups: comp.sys.amiga
Subject: Re: Guidelines for virus authors
Summary: Security & publicity
Message-ID: <1018@uni2.bcm.tmc.edu>
Date: 16 Feb 88 02:16:35 GMT
References: <8802072054.AA03747@jade.berkeley.edu> <8261@g.ms.uky.edu>
Sender: usenet@bcm.tmc.edu
Lines: 18

In article <8261@g.ms.uky.edu>, sean@ms.uky.edu (Sean Casey) writes:
> I have never ever known of a major security bug that lasted long after
> it's operation was widely publicized.  I guess that's where I am coming
> from.

This is true for many security holes. If it is publicized, you usually can take steps
to prevent it. However, if it exploits a design flaw in the system, take care
in the desemination of the flaw. A fundemental flaw may NOT be easily corrected
(it might require a major rewrite and/or redesign of the product in question)
and thus may not be solved quickly. If the knowledge of the flaw becomes widely
known, you now have an ongoing problem with no solution for many months. (or
years).


Richard H. Miller                 Email: rick@svedberg.bcm.tmc.edu
Head, System Support              Voice: (713)799-4511
Baylor College of Medicine        US Mail: One Baylor Plaza, 302H
                                           Houston, Texas 77030