Xref: utzoo comp.sys.atari.st:14765 comp.sys.apple:11194 comp.sys.mac:28705 comp.sys.ibm.pc:26309 Path: utzoo!utgpu!utstat!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!quanta.eng.ohio-state.edu!baloo.eng.ohio-state.edu!rob From: rob@baloo.eng.ohio-state.edu (Rob Carriere) Newsgroups: comp.sys.atari.st,comp.sys.apple,comp.sys.mac,comp.sys.ibm.pc Subject: Re: Virus 101: Chapter 3 Message-ID: <1757@quanta.eng.ohio-state.edu> Date: 19 Mar 89 03:58:38 GMT References: <4035@ttidca.TTI.COM> <11179@ut-emx.UUCP> <7494@boulder.Colorado.EDU> Sender: news@quanta.eng.ohio-state.edu Reply-To: rob@baloo.eng.ohio-state.edu (Rob Carriere) Organization: Ohio State Univ, College of Engineering Lines: 35 In article <7494@boulder.Colorado.EDU> fozzard@boulder.Colorado.EDU (Richard Fozzard) writes: >Should we censor [virus 101]? > >What does the net think? I have no idea what the net thinks, but here's my opinion. There are three groups to consider here: 1) The intended audience, people who want to be informed and have no desire to write viri themselves. Obviously no problem with this group. 2) The true hacker. They either already know this information, or they know where to find it. Again no problem, as these postings aren't helping them. 3) The casual would-be hacker who's just been inspired into trying. Group three seems to be a problem until you compare what has been said with what you will have to do to get a working virus. You will need a thorough knowledge of the machine, system calls and assembler to do all this, even with the ``blueprints'' at hand. The recreational programmer is simply not up to this, and again, people who already knew enough do not need these postings. The moment you look at the description of the bootsector, it is obvious that you can stick a virus there; on the other hand, if you have never looked at the bootsector, then somebody telling you it can be done isn't going help you very much, you'll still need to study all the relevant material. I *would* strongly object to spreading virus source code, because that *can* be used by low-level amateurs. SR