home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!uunet.ca!geac!zooid!ron
- From: ron@zooid.guild.org (Secret Mud)
- Newsgroups: comp.org.eff.talk
- Subject: Re: Virus design
- Message-ID: <725697409.25346@zooid.guild.org>
- Date: 30 Dec 92 06:36:49 GMT
- Lines: 35
-
- From: rat@ruth.UUCP (David Douthitt)
- >betsys@cs.umb.edu (Elizabeth Schwartz) writes:
- >| I'm not psychic; if a program shows up on my system, unannounced,
- >| and says "Hi! Sorry I cracked su on your machine, but I'm a GOOD virus
- >| so don't mind ME" I'm not gonna waste time trying to guess if it is
- >| lying :-)
- >
- >What about a virus that showed up on your system, and said "Hi! I used
- >security hole x, but I fixed it!" Imagine what would have happened
- >(with appropriate warnings and so on) if a virus was written (very similar
- >to what rtm did), but instead it closed up the security holes that rtm
- >eventually used.
- >
- >Those holes are the perfect example - after all, they *HAD* been fixed
- >as I understand it, but many people did not update their software to
- >fix them. See what happens when you leave it up to the admins?
- >
-
- As soon as a virus/worm/trojan announced that, I would flush the system, and
- rebuild from the backups. Then I would check and fix the hole myself. Then I
- would try and track down the writer, and charge him for my time to do the
- rebuild.
-
- Sorry, but I don't trust uninvited software to break into my system and make
- fixes. Heck, I don't trust my *own* code to do that sort of thing without
- testing, checking and a backup to restore from.
-
- Vigilante patching is no more beneficial than outlaw cracking. People need to
- abandon the idea of beneficial viruses before someone gets hurt, and someone
- else gets sued because of it.
-
- Any software trying to kick my door down is going to get shotgunned, no matter
- what its motives are.
-
- - Ron Sharp.
-
