|
|
 |
|
|
|
register |
bbs |
search |
rss |
faq |
about
|
|
|
meet up |
add to del.icio.us |
digg it
|
|
|
|
Virus- L Digest, Vol 1, Issue 53
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
From: Kenneth R. van Wyk (The Moderator) <[email protected]>
Errors-To: [email protected]
To: [email protected]
BCC: [email protected]
Subject: VIRUS-L Digest V1 #53
Reply-to: [email protected]
--text follows this line--
VIRUS-L Digest Tuesday, 20 Dec 1988 Volume 1 : Issue 53
Today's Topics:
Viruses in Commercial Software; Write-Tabs
Thwarting the Brain... (PC)
Cold boot vs. warm boot... (PC)
Virus file and the nets
---------------------------------------------------------------------------
Date: Mon, 19 Dec 88 18:19:42 EST
From: Steve <[email protected]>
Subject: Viruses in Commercial Software; Write-Tabs
In regard to Homer Smith's letter about his risks from unintentional
virus contamination of the commercial disks he produces:
1) Disks containing only source code are *not* absolutely safe, but
they would be much safer, in my opinion, if carefully examined. There
is nothing to prevent a virus or some such thing from writing hidden
files or storing things in "bad" sectors where the average person
doing a DIR wouldn't see them. Furthermore, a virus could write the
essential part of itself onto the boot sector (like brain does) and
wait for someone to boot their system with the disk in place, at which
time it could become active.
2) I would recommend that you periodically examine your disks for
known viruses (like looking at the boot sector with Norton utilities
or the like) and running detection programs for known viruses. It
should not be necessary to examine every single disk --- only a small
representative sample, assuming that potential viruses will always
infect a disk if presented (except that one can imagine a virus that
only attacks on Tuesdays). For example, periodically inspect some of
the most recent disks and also whenever you have introduced something
from outside your system (e.g. a new program or somebody else's disk).
If you don't have the time or perhaps expertise, I would think it
would be well worth your while to get someone to do it for you (at
least find out which programs you should be using to look for
viruses). Does anybody know of anyone who specializes in examining
other people's disks for viruses (like for $)?
3) If you keep the system used to produce your product well
isolated, then your risks should be lessened considerably.
4) Maybe consulting a lawyer would help, but couldn't you state in
the fine print in the literature distributed with your disks that you
have taken great pains to isolate your system (and product) from
potential sources of viral contamination, and that you regularly check
your system and disks for common, known viruses... BUT (here comes
the disclaimer) you assume no responsibility for anything harmful that
might be on any of your disks, and that the buyer in buying the
product acknowledges this and uses it at his own risk? That is, you
state that you have taken every reasonable measure to protect the
consumer, but for legal reasons wash your hands of any liability --- a
licensing agreement.
5) About a virus writing on a disk inspite of a write-protect tab,
I don't believe it. I think there must be a misunderstanding
somewhere. I suppose the details of enforcing a write-lock vary, but
they all rely on hardware that disables the write-mode of the disk
drive. There is no way software can circumvent this protection,
unless your drive is defective and the write-lock-tab feature isn't
working properly.
Steven C. Woronick | Disclaimer: I'm just a physicist. These are
Physics Dept. | entirely my own opinions and not necessarily
SUNY | anybody else's and may not even be right...
Stony Brook, NY 11794 |
Acknowledge-To: <XRAYSROK@SBCCVM>
------------------------------
Date: Mon, 19 Dec 88 17:43 EST
From: <[email protected]>
Subject: Thwarting the Brain... (PC)
Reading all the comments about the brain virus one thing becomes
clear: It can be detected because it announces itself in the Boot
record with messages like "Welcome to the dungeon", "BRAIN COMPUTER
SERVICES" etc etc etc... I can't help but wonder what would happen if
some wily person decided to create his or her own strain with
absolutely no messages (including not modifying the volume label). I
shudder even as I write this. Could detection be that easy then
atleast for lay persons like me. Most of the preventive measures that
I've read so far say something like "Use a disk editor like Norton
Utilities and examine the Boot record. If you see a message saying
Brain etc etc, then your disk is infected" What if there were no
messages. I c wouldn't know the difference between the boot record of
an uninfected disk and that of an infected disk.(of late I've been
peering into the boot record of every 5.25" floppy I own ! Thats how
paranoid I've become) . What's a possible solution. Pre formatted
floppy disks of two kinds (bootable and non bootable) where only the
manufacturer does any work with the boot record. (Vendors are already
sellin g pre formatted disks so thats not so absurd, is it?) A
special material for the boot record which can cause it to be read but
not written to, except by special devices which only manufacturers
will own. This may seem off the wall right now but I think we all
need to think of some solution to this "modification of boot record"
business, especially because most programs can't treat it like a
normal file and hence can't check for any changes to the boot record.
(I'm referring to programs like flushot and checkup which can be made
to check files for changes since the last run). Any
comments/additions to the theme?
Mathew Mathai
Virginia Tech
bitnet : MATHAIMT@VTCC1
------------------------------
Date: 19 December 1988 21:22:30 CST
From: "Michael J. Steiner " <[email protected]>
Subject: Cold boot vs. warm boot... (PC)
How can a virus stay "effective" after a warm boot? Aren't both kinds of
boots the same? (Evidently, there must be differences; what are they?)
Michael Steiner
Email: [email protected]
------------------------------
Date: Mon, 19 Dec 88 22:38:24 PST
From: Robert Slade <[email protected]>
Subject: Virus file and the nets
I am being flooded with requests for the files, so you may get delayed
responses.
You may also get no responses. For some reason, many messages get through to
me, but the return path won't work. Sorry about that. Not much I can do.
[email protected] - he changed his name to "Silver Donald
Cameron. What disks do you use? $15-20.
------------------------------
End of VIRUS-L Digest
*********************
|
|
|
To the best of our knowledge, the text on this page may be freely reproduced and distributed.
If you have any questions about this, please check out our Copyright Policy.
totse.com certificate signatures
|
|
|
About | Advertise | Bad Ideas | Community | Contact Us | Copyright Policy | Drugs | Ego | Erotica
FAQ | Fringe | Link to totse.com | Search | Society | Submissions | Technology
|
|
|
|
|
|
|
TSHIRT HELL T-SHIRTS
|
