Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!rutgers!netnews.upenn.edu!vax1.cc.lehigh.edu!sei.cmu.edu!krvw
From: tech@EASBY.DURHAM.AC.UK (Technician)
Newsgroups: comp.virus
Subject: Re: Security and Internet Worms (Source Code)
Message-ID: <0003.9002011922.AA24486@ge.sei.cmu.edu>
Date: 31 Jan 90 10:10:20 GMT
Sender: Virus Discussion List <VIRUS-L@IBM1.CC.Lehigh.EDU>
Lines: 22
Approved: krvw@sei.cmu.edu

Having read the following:
>Yes, I believe that viral source code ought to be distributed and
>studied-but under controlled conditions.  The universities offer the
>best hope of such a controlled setting.

I for one would not reccomend this site (and I strongly suspect the
majority of other campus type sites) as a recipient or study site for
virus/worm/Trojan, or what ever comes next, sources.

Security tends to be very lax, as neither the time, money or inclination
is available to change this.

I would suggest a limited number of 'bonded sites' who do take
security seriously (which may well include many Universities)
act as co-ordinators, with the possiblilty of farming out
single problems to trusted users at less secure sites.

/ All opinions expressed here are mine and mine alone, licences
  are available for those who wish to use them.                 /

Jim Cottrell, Software Technician,
Computer Science, University of Dumham.