Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!umich!gld From: gld@zippy.eecs.umich.edu (Greg L. Dykema) Newsgroups: comp.sys.mac Subject: Re: SCORES ordeal + new(?) SCORES info Message-ID: <1255@zippy.eecs.umich.edu> Date: 13 Oct 88 20:46:38 GMT References: <6685@ut-emx.UUCP> <10330059@eecs.nwu.edu> Organization: University of Michigan EECS Dept., Ann Arbor Lines: 42 In article <10330059@eecs.nwu.edu>, jln@eecs.nwu.edu (John Norstad) writes: > NO, NO, NO!!!! Please don't post disassemblies or sources for viruses!!! > > Those of us doing research on viruses must very carefully consider the > consequences of all our public actions. I feel that it's OK to tell > people what damage a virus does, how to detect it, and how to get rid of it. > This is being socially responsible, and provides a needed service. But it's > incredibly irresponsible to tell people how they work or how to write one! > > John Norstad > Academic Computing and Network Services > Northwestern University > > Bitnet: jln@nuacc > Internet: jln@nuacc.acns.nwu.edu This is one way of looking at the question of whether or not to publicize virus code and exact descriptions of virus operation. The other option is to release all the information anyone can find on viruses to everyone. The reasoning behind the former is that you hope to limit the number of people who have the desire and/or knowledge to write a virus--if someone didn't know what a virus is, they may not think of the possibility on their own, and without explicit examples, they may not know how to write one. The first "hope" is useless--many people know what a virus is and basically what it does. The second is not much good either--viruses are not hard to write and any decent programmer with the desire can write one. The only thing you avoid is handing someone "ready-made trouble" and perhaps giving someone the ability to distribute a virus if they did not have the necessary skills already. But we have lost something too. We have lost a free exchange of information, admittedly information that could help or hurt. But I believe that the "additional" damage releasing virus source code might do is not worth the loss of information, information necessary if one is to understand the possible threat of viruses (and specific viruses in the case of publishing specific source code) and to defend against them. What gives anyone the right to decide in whose hands this "priviledged information" will lie? In any event, I believe that the question of whether not to publish virus source code does NOT have a clear answer! Greg Dykema