|
Alert on a trojan
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
This file is being posted as received from our MINI system msg center
as follows : (Hal Posey, Sysop, Eagle's Nest, 614-875-1360)
From: [email protected] (M S Slomin)
Newsgroups: comp.sys.ibm.pc
Subject: Unbelievable Trojan -- BEWARE!!!
Keywords: Trojan
Message-ID: <[email protected]>
Date: 29 Sep 87 13:42:40 GMT
Distribution: usa
Organization: Bell Communications Research
Lines: 131
I received the following recently from a local BBS. The legal
conclusions in it seem a bit shaky. Nevertheless, it is
reproduced below in its entirety. It seemed worth publicizing.
-={ TROJAN PROGRAM ALERT }=-
The following has been posted on GEnie, "General Electric
Network for Information Exchange," Paragon, and the IBM
Roundtable BBS. It is a special alert notice! It seems that
SOFTGUARD may be distributing a TROJAN "unprotect" program to
erase disks and bolster their "shrinking" copy protection
business.
86Sep19 02:15pm from Andy Meyer
86Sep18 02:46pm from Ted Mozer @ Brick
**** DANGER !!!! Data Destroying Program !!!
The File called SUG.ARC (or SUG.COM) is purported to be an
unprotect for Softgard. It is, in reality, a real Worm of the
worst magnitude! This little Gem will ask you to put your
ORIGINAL Softgard protected disk in the drive, and then BAM!! it
displays this message:
"You have violated the license agreement under which you
received the software. All your data has been destroyed. This
destruction constitutes prima facia evidence of your criminal
violation. If you attempt to challenge Softguard Systems, Inc. or
the software vendor in court, you will be vigorously counter-sued
for infringement and theft of services; we believe that our case
will have more merit to it than yours. If you have any questions
con- cerning this matter, you are invited to contact our lawyers
at the following address:
Softguard Systems Incorporated [address and
telephone number given].
We'll be happy to explain to you the precarious legal
position you're in. We wish you good luck in restoring your
software from backups and we hope that in the future you'll act
more like an honest user and less like a thief.
Happy Computing."
... AND IT IS SERIOUS!!
It will look for drives A: & B: and, get this, a Drive C: or
better!! In other words, it will wipe out the FAT on your hard
disk too, just to "teach you a lesson". Attorneys are presently
looking into what can be done to stick this up the lower
abdominal region of the person or persons responsible for its
existence.
.. IF YOU HAVE IT, GET RID OF IT !!!
Interesting? Here's one from the the Atlanta PC User's Group
BBS, home of the Lone Victor:
Date: 09-03-86 (17:14) Number: 3265 To: LONE VICTOR
Refer#: NONE From: BILL MOSS Recv'd: YES Subj: SUG.ARC Sec'ty:
PUBLIC MESSAGE
Please take a look at SUG.ARC which purports to unprotect
Softguard, but destroys the diskette by erasing all files but not
the FAT. It appears to be in retaliation for your work. More than
ever we need your help with SOFTGUARD 3.00. The lecture that goes
along with SUG.ARC is too much!!!
Assuming that Sofguard really did create this file, I have
the following comments.
First, Softguard's battle (battle? you might prefer to call
it terrorism) against protection busters is almost moot, for most
major software publishers have dropped the idea of copy-
protection altogether. Perhaps this very fact has put Softguard's
management in a mood bad enough to lash out thus.
Second, Softguard's legal position seems quite shakey to me.
Last year Vault corporation announced a software protection
scheme that would, if it detected a fradulent effort to copy the
software, make "Vietnam look like a birthday party" (or some such
thing) by planting a worm that would slowly but surely destroy
the user's files. When Vault announced its worm-based copy-
protection scheme, many knowledgeable people expressed the
opinion that Vault was likely to be liable for damages if people
lost valuable data because of the scheme. What Softguard seems to
be doing is definitely more vicious. Add together a probably
unenforcible license agreement (to which Softguard isn't even a
party as far as the user is concerned) and clear evidence of a
vicious attempt to destroy the user's data, and you have a pretty
good case against SUG.ARC's creator. In fact, you could very
easily create a test case by (a) taking a legally-purchased copy
of Softguard-protected software; (b) unpacking it without ever
reading the "license agreement" in a state other than the handful
(such as Lousiana and Illinois) that attempt to make such
agreements enforcible; © having some valuable software on your
hard disk, (d) "accidentally" destroying any backup copy already
provided, and (e) trying to make a backup copy of the original
with the help of SUG.ARC. It would be interesting to see what
would happen if you then sued Softguard for damages. Interesting,
but not very surprising.
I think therefore that the Softguard folks (if SUG.ARC
did indeed originate from them) are relying on the individual not
having the financial resources to sue them or to withstand a long
legal battle if they sue him. It's therefore a strategy of
intimidation.
(As an aside: That such a strategy of intimidation could
be a viable one demonstrates a major flaw in this legal system.
Justice costs a lot, sometimes so much that one can't afford it.
There are several reasons for this, all avoidable, but none
appropriate for discussion in this RT or under this topic.)
How do users fight back?
Perhaps we won't have to. It may be enough that the
presence of this dangerous file be made widely known.
Possibly as a result of the public outcry that followed
its announcement of the worm scheme, Vault went into Chapter 11
bankruptcy -- poetic justice, I think. This left Softguard with a
near-monopoly on the software protection business in the IBM PC
world.
If the SUG.ARC file is indeed Softguard's creation, then
it seems to me they are following Vault down the Yellow Brick
Road (or is it the garden path?) -- and I look forward to more
poetic justice when the public outcry occurs again.
|
|
