home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.org.eff.talk
- Path: sparky!uunet!gatech!emory!nastar!phardie
- From: phardie@nastar.uucp (Pete Hardie)
- Subject: Re: Beneficial Virus?
- Message-ID: <1993Jan8.152210.29106@nastar.uucp>
- Organization: Digital Transmission Systems, Duluth, GA.
- References: <19348@mindlink.bc.ca>
- Date: Fri, 8 Jan 1993 15:22:10 GMT
- Lines: 28
-
- In article <19348@mindlink.bc.ca> Clayten_Hamacher@mindlink.bc.ca (Clayten Hamacher) writes:
- >>But if the environment requires virus-free code, ANY infected program is not
- >>acceptable. Just because the pop-up message says "I'm just a decompression
- >
- >Then you shouldn't use any program that is over a month old.. Someone could
- >have written a trojan into it. But then you can't trust new programs because
- >they might be trojans... Hmmm, hire in-house programmers to make ALL your
- >s/w.
-
- Although this isn't the group for a security discussion.....
-
- You can compare an executable (for non-changing code) against a known clean
- copy, to check for infection after the clean copy date.
-
- >P.S. if someone was going to write a virus they wouldn't have it say "Hi, i'm
- >nice, trust me", they'd have it secretly infect..
-
- But that's just what the BCV does, in one description. It prompts the user
- for an action (suicide, install marker file, etc). If the BCV existed,
- how long do you think it would be before someone wrote a copy-cat virus
- that looked for the same marker file, performed the same compression, and
- at some later date, wiped the disk clean?
-
- --
- Pete Hardie: phardie@nastar (voice) (404) 497-0101
- Digital Transmission Systems, Inc., Duluth GA
- Member, DTS Dart Team | cat * | egrep -v "signature virus|infection"
- Position: Goalie |
-
