VIRUS-L Digest             Tuesday, 22 Nov 1988         Volume 1 : Issue 18

Today's Topics:
RE: Hardware Damage
Gordon Meyer address (Re: Hacker paper.)
Morris and penalties.
CSI proceedings
ethics of a worm
PC Viruses doing hardware damage
Computer crime legislation.
Re: KillVirus INIT
whose estimate is that?

---------------------------------------------------------------------------

Date:     Tue, 22 Nov 88 09:23 EST
From:     "SysOp: HelpLine BBS (703) 269-4802" <STU_CWHITES@JMUVAX1>
Subject:  RE: Hardware Damage

In response to the queries on hardware damage...

I have beeen working on a research paper recently on the topic of
Hacker/Phreaker Bulletin Boards. In the course of that research I
came across a BB that features a Virus/Trojan Message Area.  One of
the hot topics in that message base is damaging hardware through Virus
and Trojan Programs.  Among the methods included in the discussion is
yanking the read/write heads from one edge to the other.  I am
certainly NOT a hardware person, but this does seem to be a method
that would at least cause some severe wear and tear to a disk.

                                               Chip Whiteside

------------------------------

Date: Tue, 22 Nov 88 09:24:14 est
From: [email protected]
Subject: Gordon Meyer address (Re: Hacker paper.)

I can't seem to get through to Gordon on the address he gave.  HELP!

        Pat Reedy
        [email protected]

[Ed. A couple people have had the same problem; try
<[email protected]> - that's the address that he's registered as on
the VIRUS-L distribution.]

------------------------------

Date:         Tue, 22 Nov 88 09:34:47 EST
From:         "Homer W. Smith" <CTM@CORNELLC>
Subject:      Morris and penalties.

    As for nailing Morris to the wall, I would just like to point out
that he did not RUIN anyones life, so we should not RUIN his.  In fact
we should give him the opportunity to help us prevent such occurances
in the future and thus make amends to us and justify his existance to
the rest of the world.  I am sure he would be willing and successfull
on all accounts.
    As for punishing him as an EXAMPLE to others who would be so
foolish, this is inhumane and unenlightened, although one can well
understand the anger felt by those who had to clean up after his mess.
    I vote for mercy with amends and community service.

Homer Wilson Smith

------------------------------

Date:    Tue, 22 Nov 88 09:32 CST
From:    Ken  De Cruyenaere <KDC@UOFMCC> 204-474-8340
In reply to:      U030009@HNYKUN11
Subject: CSI proceedings

There are no proceedings, as such, that I am aware of.  The conference
was made up of workshops and general sessions as well as an exhibition
("world's largest") of security products.  The sessions and workshops
usually provided some "handout" material, to those who attended.

Some of the sessions were worthwhile, others not.  The exhibition was
certainly very interesting as well.  The main benefit I get from the
conference is the chance to meet with others interested in computer
security.  The handout material on its own would not be necessarily be
of great value but you can try contacting CSI:

Computer Security Institute - 360 Church St.
Northborough, Massachusetts, 01532 - USA
(508-393-2600)
Ken D.  (University of Manitoba)

------------------------------

Date:         Tue, 22 Nov 88 09:48:37 EST
From:         James Mathiesen <[email protected]>
Subject:      ethics of a worm

I've been hearing a lot of people making noises like they'd enjoy
seeing Mr. Morris strung up on a tree.  Frankly, I don't see what
everyone's problem is.  He didn't write a virus, he wrote a worm.  It
doesn't destroy data or attach itself to programs or depend on user
stupidity and ignorance.  Instead he depended on programmer stupidity
and ignorance.  Big difference.

I think this is why everyone is so hostile.  He rubbed a lot of
peoples' faces in the fact that their 'secure' systems were full of
holes.  Big deal.  I already knew that.  Frankly if their 'security'
depended on people's ignorance (not knowing how to exploit bugs in
fingerd and sendmail) they deserved to have their faces rubbed in it,
and have no right to get annoyed.  They should just swallow their
pride, patch their holes, and chill.  Maybe now they'll actually work
toward protecting their system.

The only secure system is one which does not depend on the ignorance
of the person trying to break in.  You should always assume that the
'enemy' you protect against has access to the full source of your
system.  If this is a 'security risk' then you don't have security.

Frankly, I don't think there was any security for Mr. Morris to break.
And I don't enjoy watching people try to crucify someone for showing
them that their ivory towers are top heavy.  If it wasn't secure
against Mr. Morris, it wasn't secure against anyone else.  Pretending
otherwise is stupid.  You should all thank him for not randomizing
every 100,000th byte of your file system.

Actually, no, he shouldn't be praised.  He doesn't deserve to be.  But
neither does he deserve to be condemned.  I think his act was
basically neutral -- one with both good and bad consequences, none of
which were extra-ordinary.

                                     -- james

p.s. no I don't necessarily recommend that he become a security
 consultant, not unless he has some better background in building
 rather than breaking security.

Disclaimer:  I don't know what my employer's opinions are.

Please direct personal flames to my personal account, and I'll return
the favor.

------------------------------

Date: Tue, 22 Nov 88 10:58:41 EST
From: Mark W. Eichin <[email protected]>
Subject: PC Viruses doing hardware damage

There was a trick, common to both the IBM PC and the Tandy Model 2,
which use the same video control chip (Motorola 6xxx, I forget which)
that could make them literally `go up in smoke'. The chip had
registers to control the screen refresh rate, and you could set them
to really bizarre values.

I have heard two versions of this:
   1) you could set the values really high, and burn out the CRT
   2) you could set them to zero, and since the switching power
supply was driven by the same oscillator (cheaper that way :-) it
would burn up/melt/whatever due to excessive DC current.

Either would probably correspond to stories I've heard of PC's
`blowing up' this way... I have never heard of a virus doing it,
though. I have heard of legitimate program bugs, or hardware failures,
causing the same thing... or at least, they *seemed* legitimate... :-)

               Mark Eichin
           <[email protected]>
       SIPB Member & Project Athena ``Watchmaker''

------------------------------

Date:     Tue, 22 Nov 88 12:41 EST
From:     Ain't no livin' in a Perfect World. <KUMMER@XAVIER>
Subject:  Computer crime legislation.

    Upon reading the the comments that tough legislation against
viruses would result in harder to find viruses, I began to think
that the viruses out now are already hard to find.  Besides, it
will keep people who don`t know how to hide them from writing them
and putting them out there.  Anyway, without the legislation
we'll have all those annoying viruses plus the harmful ones too.
At least we'll get rid of the really annoying ones that don't cause
damage.

  Tom Kummer.

------------------------------

Date:         Tue, 22 Nov 88 13:42:17 EST
From:         Joe McMahon <XRJDM@SCFVM>
Subject:      Re: KillVirus INIT
To:           Roberta Russell <PRUSSELL@OBERLIN>,
             Virus Discussion List <VIRUS-L@LEHIIBM1>
In-Reply-To:  Your message of Tue, 22 Nov 88 09:41 EDT

>Just saw your notice this morning on the VIRUS-L discussion.  I was
>mightily confused when you said you did not have a copy of KillVirus, as
>I downloaded it from the server at SCFVM last week.  Is this some other
>program?

No, *I* was confused last week -- I had mixed up the KillVirus INIT
with the MacTutor INIT (also in there). I guess this is one for the
"duuuuuuh" file. Sorry if I confused anyone else. I have now added the
KillVirus INIT to the HyperCard stack (V1.7 now) and will be putting
it up in the next day or so. KillVirus is now my recommended method of
dealing with nVIR.

- --- Joe M.

------------------------------

Date:     Tue, 22 Nov 88 15:06:14 EST
From:     Jefferson Ogata (me!) <OGATA@UMDD>
Subject:  whose estimate is that?

The $20 million estimate I heard from a friend who works at Goddard
(NASA).  I'm not sure where he got it (might've been TV).  The work
estimates I've heard are all in the tens of thousands of man-hours,
and that didn't include time spent later on reconstructing the source
code from .o files and tracking down the actual writer of the code.
The $20 million seems more reasonable every time I look at it.
There's more to come as well, as the FBI spends tremendous amounts of
dough collecting evidence against Morris, and lots of rich lawyers
prepare for the case, which might set a major precedent.

- - Jeff Ogata

[Ed. Thanks for clearing that up, Jeff.  I was just curious where the
value was coming from.]

------------------------------

End of VIRUS-L Digest
*********************
Downloaded From P-80 International Information Systems 304-744-2253

You are viewing proxied material from infinitelyremote.com. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.