Path: utzoo!attcan!uunet!super!udel!gatech!rutgers!bellcore!tness7!tness1!uhnix1!sugar!peter From: peter@sugar.uu.net (Peter da Silva) Newsgroups: comp.sys.amiga Subject: Re: The ultimate fix!!! Message-ID: <2774@sugar.uu.net> Date: 9 Oct 88 13:55:42 GMT References: <8810081911.AA17305@cory.Berkeley.EDU> Organization: Sugar Land Unix - Houston, TX Lines: 62 In article <8810081911.AA17305@cory.Berkeley.EDU>, dillon@CORY.BERKELEY.EDU (Matt Dillon) writes: > Excuse me, bullshit. I wish people would drop this "virus's can be > stopped" crap, it just isn't possible. The whole thing can be characterized > by a single statement: No, I'm not going to excuse you. This sort of language is inappropriate for this forum. I've flamed Matthew (weemba) Weiner for it before. Consider toasted royally just by the comparison. And I am *not* claiming that viruses can be stopped. I'm just claiming that a protected system can slow them down so far they can be easily controlled. Look at the example given to show how insecure UNIX is: a virus took 30 minutes to penetrate security. Compare that to the difficulty of infecting an MS-DOS system... a matter of milliseconds. It's like putting burglar bars on your windows, or an alarm system in your car. The burglar/virus author is after gain... monetary gain or notoriety. He can gain MUCH more pleasure from burning 10,000 PC owners than 50 academic UNIX systems. And he's much less likely to get caught. > "Convenience Vs. Security" > Understand the point? Yes, we understand the point. UNIX is in many ways a *lot* less convenient than AmigaDOS or Messydos. This is why it's more secure. I've deleted all your references, most of which seem to be specific to Berkeley UNIX. Outside the academic environment people generally don't let other people into their systems that easily. Individuals with UNIX systems don't trade binaries, they trade sources. Why? Well, suppose I have a Microport 286 system... a low-end machine. I *can't* use programs other people have running on their AT&T 7300s, their SysV/386, their Xenix 386 and Xenix 68000 systems. And I'm limiting myself too much if I just stick to other Microport people. No, I snarf a copy of the ray-tracer posted to comp.graphics from joe, and I compile it. Now, it may be a trojan horse. It may trash my system. But it's unlikely... it didn't trash Joe's. If it trashes mine, I'm going to have some words with Joe. And he knows it. And I know that it's not going to have any hard little binary nuggets tagged onto the head of its executables. No executables. You have to find some way to infect source. That's tricky. The only channel I can think of offhand would be a sharchive. And people use different sharchivers. And some people use cpio -c or tar. To be really sucessful you have to infect all of these channels... and you have to infect them in different instruction sets and a.out formats. Much easier for the virus vector to pay attention to the unprotected PC market. Let's look at this virus analogy for a minute. We live in a world of real viruses, any of which would kill us in days or hours if our cells didn't have some protective mechanisms. Yes, there are things like AIDS. But that doesn't mean we should all turn our immune systems off and give up. It's convenient to copy binary software. It's convenient to trade disks. It's convenient to run unprotected. But a little bit of security... from buggy software as well as viruses can keep your computer healthier longer. -- Peter da Silva `-_-' peter@sugar.uu.net Have you hugged U your wolf today?