Path: utzoo!attcan!uunet!ncrlnk!ncr-sd!hp-sdd!hplabs!ucbvax!UIAMVS.BITNET!AWCTTYPA From: AWCTTYPA@UIAMVS.BITNET ("David A. Lyons") Newsgroups: comp.sys.apple Subject: virus info should not be supressed Message-ID: <8903022303.aa13084@SMOKE.BRL.MIL> Date: 3 Mar 89 04:42:09 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 50 X-Unparsable-Date: Thursday 02 Mar 89 10:02 PM CT >Date: Sat, 25 Feb 89 16:16:08 PST >From: Carl Macdonald >Subject: Viruses > >I've noticed a lot of talk on the net lately about viruses and >concern over suppressing information about how they work. This is a >very l[e]gitamate concern, however, a virus program is one of the >easiest pieceses of software to write, and really doesn't involve >much sophistication. > >Carl MacDonald, programmer >Central Point Software Information about how viruses work should not be surpressed, period. There was an excellent piece about this in the RISKS Digest a few months ago, consisting mainly of a quote from a 19th-century (I think) document about whether information about locks (door locks, etc) should be surpressed. The answers are the same: people who want to pick locks or write viruses can get the information in any case, and most likely they have had it for a long time. On the other hand, the potential victims (people who could have their houses broken into or their data destroyed) need to know what risks are involved in trusting their locks or their computer software. Now, I don't advocate that source code for viruses be posted, but explanations of how viruses (in general and in particular) work _should_ be. The same goes for virus _detectors_. If users don't understand how viruses spread and how virus detectors attempt to stop them, how can we expect the general public to see viruses as anything but completely mysterious, random things to be paranoid about? Whenever the smallest thing goes wrong these days, people start yelling "Virus!" People needlessly waste time downloading programs to floppies when they might as well download to a hard drive (copying it to a floppy later and _running_ it with the hard drive turned off is all that's necessary if you don't trust a piece of software you've downloaded). > UUCP: crash!pnet01!pro-freedom!cdm > ProLine: cdm@pro-freedom > ARPANet: crash!pnet01!pro-freedom!cdm@nosc.mil >InterNet: cdm@pro-freedom.cts.com --David A. Lyons bitnet: awcttypa@uiamvs DAL Systems CompuServe: 72177,3233 P.O. Box 287 GEnie mail: D.LYONS2 North Liberty, IA 52317 AppleLinkPE: Dave Lyons