Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!bu-cs!purdue!decwrl!sun!imagen!atari!portal!cup.portal.com!dan-hankins From: dan-hankins@cup.portal.com Newsgroups: comp.sys.amiga Subject: Re: The ultimate fix!!! Message-ID: <9997@cup.portal.com> Date: 13 Oct 88 00:28:31 GMT References: <8810092209.AA09182@cory.Berkeley.EDU> <2791@sugar.uu.net> Organization: The Portal System (TM) Lines: 39 XPortal-User-Id: 1.1001.5361 In article <2791@sugar.uu.net> karl@sugar.uu.net (Karl Lehenbauer) writes: >Do you disagree that Unix systems are better protected than totally >unprotected systems like the Amiga and the PC Not to answer for Matt, but yes, I think I disagree. It is not memory and file protection that protects Unix from viruses. As far as I can tell, there is only one real protection Unix has against viral attack. Unix runs on such a large number of incompatible architectures that people do not share executables. Instead they share source and do recompiles. Source sharing isn't perfect (it is possible to write a virus that will infect via a combination of source code and executables), but it's much better than sharing executable code. It doesn't protect against viral spread on a single machine (I would imagine that a lot less source sharing goes on on a single machine where the architecture is obviously compatible), but it does severely limit the spread of viruses over the net. >are you saying that Unix is somehow wide open such that running >mischevious code from any signon means the system's hosed (and if so, >how?), that people shouldn't even bother with countermeasures, or what? Maybe Matt's saying that, but I'm not. I do believe that there are measures which can be taken to severely limit the spread and destructiveness of viruses. However, these methods involve entirely new operating systems. For existing systems, the best that can be done is to have someone whose job it is to hunt down these suckers and come up with antidotes on a one-per-virus-class basis. This may not even be possible for some classes (for instance self-mutating viruses). I believe that the real answer to viruses (not total but very good) is to implement an object-oriented operating system in which objects are treated like users on a multiuser system. Implement 'need-to-know' and 'secret clearance' type restrictions on the objects in the system. Dan Hankins