Path: utzoo!attcan!uunet!husc6!ukma!cwjcc!hal!nic.MR.NET!stolaf!mike
From: mike@stolaf.UUCP (Mike Haertel)
Newsgroups: comp.unix.wizards
Subject: Re: Implications of recent virus (Trojan Horse) attack
Message-ID: <772@stolaf.UUCP>
Date: 12 Nov 88 20:37:31 GMT
References: <1698@cadre.dsl.PITTSBURGH.EDU> <2151@ficc.uu.net> <8845@smoke.BRL.MIL> <8562@rpp386.Dallas.TX.US>
Reply-To: mike@wheaties.ai.mit.edu
Distribution: na
Organization: St. Olaf College, Northfield, MN
Lines: 22

In article <8562@rpp386.Dallas.TX.US> jfh@rpp386.Dallas.TX.US (John F. Haugh II) writes:
>Do you *really* trust college students to write real software?  If so, you
>must have never attended a university similiar to the one I graduated from.

I am a college student.  Also the author of GNU grep, coauthor of GNU diff,
and working on GNU sort . . . all of my programs are faster and (I hope)
more robust than the Unix programs they replace.  I am glad to hear that
you don't trust me to write real software, and that you will not be
using my programs.

Do you really trust your vendor to write real software?  Most of them
won't distribute source, so you can't check for trojan horses et. al.
You can't fix bugs that arise, unless you are good at reading and
patching binaries.  Most of them have license agreements that prevent
you from doing this, if you are a person who keeps your word.

I have heard that the reason some vendors don't distribute source is
that they don't want their customers to see how badly written it is.

---
Mike Haertel
Really mike@stolaf.UUCP, but I read mail at mike@wheaties.ai.mit.edu.