home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.org.eff.talk
- Path: sparky!uunet!psinntp!panix!rpowers
- From: rpowers@panix.com (Richard Powers)
- Subject: Re: Beneficial Virus?
- Message-ID: <C0psLo.KLx@panix.com>
- Organization: PANIX Public Access Unix, NYC
- References: <C0IDMu.By5@panix.com> <1993Jan8.151721.29014@nastar.uucp> <C0Ky6z.HsB@panix.com> <1993Jan11.163720.6604@nastar.uucp>
- Date: Tue, 12 Jan 1993 00:12:59 GMT
- Lines: 108
-
- In <1993Jan11.163720.6604@nastar.uucp> phardie@nastar.uucp (Pete Hardie) writes:
- >In article <C0Ky6z.HsB@panix.com> rpowers@panix.com (Richard Powers) writes:
-
- >Certainly, if the sysadmin was the installer. But if Mary User was
- >the installer, and Joe Public gets his files compressed, and can't uncompress
- >them, or is concerned when the "Warning: VIRUSOK.MK not found. Install?"
- >message appears on his home machine when a copied executable is run, how
- >does the info get to Joe?
-
- The BCV would need to use _some_ method to search for files to infect.
- It would be trivial to restrict this to searching only what belongs to
- the user who placed it on the multi-user system.
-
- I don't really see the BCV as being usefull to an individual user on a
- multi-user system. Users usually don't own their own executables, for
- one thing.
-
- >>You can't have it both ways! If it *IS* *totally* transparent, (AS
- >>TRANSPARENT AS A DEVICE DRIVER), then there is no reason for the users
- >>to know of its existence. If there _are_, on the other hand, things
- >>the user should be aware of, then the sysadmin should make the user
- >>aware!
-
- >Yes, *should*; not *WILL*.
-
- >Since the BCV only takes effect on execution, I can copy a file that is
- >compressed to another machine. A device driver would uncompress during
- >the copy off the hard drive, and not on the write to floppy (or perhaps it
- >would re-compress....)
-
- >Again, if we are talking about use on one system, the BCV is not a problem
- >for the installer, and almost never a problem for anyone else.
-
- Exactly! These *are* the circumstances which I had in mind when
- proposing this.
-
- >Once we are
- >discussing 2+ machines, it *can become* a problem for the other users, since
- >they suddenly find a section of code *that they did not write* residing in
- >their executables, and asking them questions about a file *they may know
- >nothing about*.
-
- But I contend that all that is necessary is for the BCV to be used
- responsibly. The design should make it easier for this to be so (the
- marker file, etc.), and minimize any problems that could occur.
-
- >>>How will I know, if I arrive after the installation
- >>>of the BCV, that it is in place?
-
- >>See above.
-
- >I'm not clear on this. If the marker file is present, and I do not have
- >any executables from before, how do I know?
-
- You are talking about a multi-user system in this case, yes? "See
- above." Refers to my discussion of the sysadmins responsibility to
- inform his/her users of the presence of the BCV.
-
- >>>No. I meant that Joe User could install the virus and marker file on the
- >>>multi-user system run by Mary Sysadmin.
- >>
- >>But so what if he did? If Joe User can write to anything other than
- >>his own files, then Mary Sysadmin has more problems than someone
- >>trying to compress executable files! If he can't, then what is the
- >>problem?
-
- >You are assuming that every user can (and should) have all his/her files
- >locked up tighter than a drum, on a multi-user system. The first is possible,
- >but the second is debatable.
-
- But the BCV could (and should) be made to restrict itself to the
- owning users files.
-
- >>>That's the problem with a beneficial virus - we don't all agree that
- >>>X action is always beneficial.
- >>
- >>Aaaaargh! It is irrelevant! The only characteristic which a virus
- >>exhibits that makes it different from other programs is
- >>self-replication. If everything else is equal, why should this factor
- >>make the program suddenly evil?
-
- >You miss my point. That the BCV is a virus (or could be one), is not the
- >issue - the issue is "Is it *beneficial*?" Since it is a virus, is will
- >infect other files (and systems) without the owner's knowledge, and they
- >may not agree that the compression is a benefit. They might consider it
- >a harmful act.
-
- No, I understand what you are saying. I still don't think _you_ get
- my point. Just because the program exhibits behavior that is right
- now exclusively(?) used by programs which exist only as a nuisance (at
- best), or are actually dangerous, does not mean that this should
- reflect on _every_ program which has _some_ similar characteristics.
- The particular methods any program uses can be debated for and
- against. (Is it a bug or is it a feature?) What I'm saying is that
- the characteristics which we say typify(sp?) as virus charecteristics
- do _not_ prohibit a program from being beneficial.
-
- >It is the assumption that you (or the virus writer) know better than I what
- >is beneficial to my system/files that is the problem.
-
- I don't understand why you think anyone is assuming this. This is no
- more the case with the virus writer (beneficial type) than with any
- other programmer whose programs are used on systems other than his
- own.
- --
- ) ) I am more than this... ) )
- ) rpowers@panix.com ) ) Apathy... )
- ) ) Continue...? ) )
-