Xref: utzoo comp.sys.apple:10110 comp.sys.atari.st:14119 comp.sys.ibm.pc:24875 comp.sys.mac:26887 comp.sys.amiga:29452 Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!sharkey!atanasoff!jwright From: jwright@atanasoff.cs.iastate.edu (Jim Wright) Newsgroups: comp.sys.apple,comp.sys.atari.st,comp.sys.ibm.pc,comp.sys.mac,comp.sys.amiga Subject: Re: Viruses, references and request for information Keywords: virus Message-ID: <811@atanasoff.cs.iastate.edu> Date: 17 Feb 89 19:10:27 GMT References: <409@odin.cs.hw.ac.uk> Reply-To: jwright@atanasoff.cs.iastate.edu (Jim Wright) Followup-To: comp.misc Organization: Iowa State U. Computer Science Department, Ames, IA Lines: 61 [ The original distribution for this message is inappropriate for ] [ conducting a discussion. Unfortunately comp.security, comp.virus, ] [ etc. do not exist. Comp.risks is moderated. The best I could ] [ find is comp.misc. Please direct replies there. (Is someplace ] [ better?) ] In article <409@odin.cs.hw.ac.uk> davidf@cs.hw.ac.uk (David.J.Ferbrache) writes: }Responses by email please, I will summarise any relevant information which }is not of a sensitive nature for posting to the machine group. ^^^^^^^^^^^^^^^^^^^^^^^^^ [...] }[...] although I appreciate the reticence shown }by infected parties to disseminate any details of virus operation, on the }basis that it could lead to development of further viruses. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ [...] }The technical report is part of a Doctoral research thesis in computer }security, and will be available in late May. Distribution of the technical ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ }report will be restricted to people who have a legitimate interest ^^^^^^^^^^^^^^^^^^^^^^^^^ }(ie systems managers, commercial concerns, research), as I expect to }review the techniques exploited by viruses in a fair degree of detail at }the BIOS/DOS interface level. [...] }------------------------------------------------------------------------------- }Dave Ferbrache Personal mail to: }Dept of computer science Internet }Heriot-Watt University Janet }79 Grassmarket UUCP ..!mcvax!hwcs!davidf }Edinburgh, Scotland Tel: (UK) 31-25-6465 ext 553 }------------------------------------------------------------------------------- Is no one else offended by this? The key to exterminating these bugs, worms, viruses, whatever, lies not in hiding the facts. The answer is knowledge. Even the US government has realized that secrecy is by no means equivalent to security. Witness the NBS's DES (National Bureau of Standards' Data Encryption Standard). The essence of its security lies not in the fact that the encoding scheme is some (hard-to-maintain) secret, but rather in the fact that a clever way has been found to take advantage of what is today a known computationally "difficult" problem. How can anyone expect to ever surmount these difficulties by hiding them? And this from an academic institution! I dread to think just how wide-spread this plague would be if everyone tried to hush it up. Regardless of how well-intentioned the author may be, I am appalled at his methods. If the computing community ever hopes to deal effectively with this problem, we must first understand it. Mr. Ferbrache, perhaps you have already been through this discussion within your own group. If so, could you tell us why you chose to make this project secretive? I don't consider "knowledge is dangerous" a suitable reason. -- Jim Wright jwright@atanasoff.cs.iastate.edu