Path: utzoo!mnetor!uunet!husc6!bbn!uwmcsd1!ig!agate!ucbvax!hplabs!cae780!leadsv!laic!darin
From: darin@laic.UUCP (Darin Johnson)
Newsgroups: comp.sys.amiga
Subject: Re: Guidelines for virus authors
Message-ID: <153@laic.UUCP>
Date: 9 Feb 88 23:03:31 GMT
References: <8802072054.AA03747@jade.berkeley.edu> <8261@g.ms.uky.edu> <17301@glacier.STANFORD.EDU>
Organization: Lockheed AI Center, Menlo Park
Lines: 43

> OS/2 is already virus-resistant to some degree, being a protected-mode
> operating system. When the Mac line gets memory-management
> units (there's a socket in the Mac II) Apple intends to go to a protected
> mode operating system (ref. interview with John Sculley, Computer Currents,
> Dec. 87.).

Why should running under protected mode help? A virus that gets read in
from the boot block would presumably run in privileged mode. A protected
mode would help against some trojan horses though, although someone clever
can get around this easily. A protected mode would help defend the Amiga
against user programs/errors but not against itself (or programs designed
to defeat protected mode).

> Sun machines are already reasonably tight, running under UNIX
> in protected mode. DEC's VAXstations also have protection. In each
> case, the protection isn't perfect, but the essential parts are there and
> with some tightening up, each of these systems should be able to resist
> virus programs effectively.
> John Nagle

UNIX machines are no less susceptible to trojan horses than any other
system. Also, UNIX machines are not generally known as secure systems,
although many vendors are trying to retro-fit better security. VMS
is generally regarded as more secure than UNIX, yet I can think of
quite a few ways to create a virus or trojan horse on VMS (recall the
SPANnet virus that propagated over these "secure" machines).

On occasion, I have broken into Suns and microVaxes (in my system
manager guise) and know that it is trivial for a casual user to do so
(a little harder on VMS...). Also, the "Ken Thompson" virus may exist
on a very large number of UNIX systems.

The tightening up involved in order to make these systems secure would be
to have the machine be in a restricted access area, have no network/modem
connections, no outside software used, vendor software examined (source
code required), etc. (assuming you trust the users :-)

(I would consider my Amiga at home more secure than the machines at work)

--
Darin Johnson (...ucbvax!sun!sunncal!leadsv!laic!darin)
              (...lll-lcc.arpa!leadsv!laic!darin)
All aboard the DOOMED express!