Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!cs.utexas.edu!husc6!hscfvax!popvax!mohamed
From: mohamed@popvax.harvard.edu (Mohamed Ellozy)
Newsgroups: comp.unix.wizards
Subject: Re: Implications of recent virus (Trojan Horse) attack
Message-ID: <270@popvax.harvard.edu>
Date: 15 Nov 88 20:46:46 GMT
References: <17519@adm.BRL.MIL> <8890@smoke.BRL.MIL>
Reply-To: mohamed@popvax.UUCP (R06400@Mohamed Ellozy)
Organization: Health Sciences Computing Facility, Harvard University
Lines: 23

In article <8890@smoke.BRL.MIL> gwyn@brl.arpa (Doug Gwyn (VLD/VMB) ) writes:
>
>People are focusing on the wrong problem. The Internet virus also
>attacked through a hole unrelated to gets(), and I know of at least
                                              ^^^^^^^^^^^^^^^^^^^^^^
>three other such holes. The general problem is lack of sufficient
 ^^^^^^^^^^^^^^^^^^^^^^

This is what irritates the living daylights out of so many of us. He
"knows" of at least three other such holes. He is thus more learned,
perhaps even wiser, than we are.

BUT WHAT THE HELL ARE YOU DOING TO GET THEM CLOSED???

Wizards who "know" about problems and pride themselves about it, but
do nothing, are little better than those who maliciously exploit them.

This wormy episode will only prove useful if it leads to a serious
effort to eradicate existing holes. I suspect that vendors will now
be very sensitive (for a short period of time) to reports of security
problems.

Not too sure, though. What have various vendors done for sites which
run anonymous ftp? Expecting customers to learn of problems from the
net is not acceptable user support.