Path: utzoo!utgpu!jarvis.csri.toronto.edu!clyde.concordia.ca!uunet!samsung!usc!apple!rutgers!netnews.upenn.edu!vax1.cc.lehigh.edu!sei.cmu.edu!krvw
From: Nagle@cup.portal.com
Newsgroups: comp.virus
Subject: Re: Virus Trends
Message-ID: <0013.9001021304.AA00688@ge.sei.cmu.edu>
Date: 26 Dec 89 03:45:47 GMT
Sender: Virus Discussion List <VIRUS-L@IBM1.CC.Lehigh.EDU>
Lines: 33
Approved: krvw@sei.cmu.edu


     Back in the 1970s, when I was working on secure operating systems,
I never dreamed that the day would come when there would be twenty five
million computers in the world running without memory protection.

     And it's going to get worse.  New and interesting programmatic objects
are coming into being.  Attacks need not be through object programs.
Already, there have been attacks via mail, and via text files editable by
GNU EMACS.  But this is just the beginning.

     - PostScript is a programming language.  Trojan horses could be
       embedded in PostScript files.  While attacking a printer isn't
       all that productive, Display PostScript offers more tempting
       targets.

     - A FAX message is a bitstream interpreted by an interpreter at
       the receving end.  Could it be induced to do something interesting
       through the use of illegal bit patterns?  Group III is probably too
       simple to be attacked, but group IV?  Imagine a message which
       causes a FAX machine to send an extra copy of transmitted documents
       to another location.

     - Network transmittable C++ objects are being developed.  Security
       doesn't seem to be mentioned.  This has promise.

     - Multi-media electronic mail offers new avenues of attack.

The basic problem is that the transmission of programmatic objects is
on the increase, and anything interpreted at the receiving end is
potentially a means of attack.  I predict that this will grow to a
moderately serious problem in the 1990s.

					John Nagle