VIRUS-L Digest             Tuesday, 30 May 1989        Volume 2 : Issue 122

Today's Topics:
comp.virus gets undigestified
Mac II virus?
re: Virus writing - crime?
Computer Law (long)
New Virus for the PC
Dirty Dozen update

---------------------------------------------------------------------------

Date:    Tue, 30 May 89 11:40:26 EDT
From:    [email protected] (Kenneth R. van Wyk)
Subject: comp.virus gets undigestified

Comp.virus readers will be happy to see that the VIRUS-L digests are
now being undigestified as they get spooled to the usenet newsgroup
comp.virus.  Hopefully, this will make things easier for news users.

It also makes the subject line even more important than before, so I'd
like to request everyone's assistance in using informative subject
lines.  Without a good subject line, your message is more likely to be
ignored - particularly by people reading comp.virus.

Thanks,

Ken

------------------------------

Date:    Tue, 30 May 89 08:34:30 PDT
From:    [email protected] (Lewis M. Gutman)
Subject: Mac II virus?

I'm not sure I'm having a virus problem, but I wanted to check if
anyone has had similar experiences.

After attending a virus seminar, I went back and checked my Mac II,
and noticed that the System file had been modified earlier that day.
I ran Interferon 3.1 and it showed a virus type 003 in my TOPS file.
The Interferon documentation says that virus type 003 is the "SNEAKS"
virus, and that this virus affects the INITs in the System folder.
There are only 6 INITs in my System folder, one for each of the three
TOPS files: TOPS, SOFTTALK, and SPOOL.  EasyAccess has three INITs.  I
ran ResEdit over all the INITs and couldn't find any strings like
"Evil Wizard," or anything else overtly suspicious.

Another symptom: I've been running Gatekeeper in Notify Only mode for
the past month, and whenever I bring up the machine, it gives warnings
for SPOOL and TOPS. I've ignored those messages, thinking that TOPS
(and SPOOL) were just performing some misinterpretted, but legal
operation.

Anyone having similar experiences?  Am I infected?

Thanks.

Lew Gutman
Naval Ocean Systems Center
San Diego, Ca.
(619) 553-4958
<[email protected]>

------------------------------

Date:    30 May 1989, 11:48:00 EDT
From:    David M. Chess   <[email protected]>
Subject: re: Virus writing - crime?

>    ... but then i thought that if you do not copy diskettes you do
> not have viruses. Diskette copying is a crime, ofcourse, so...

As I'm sure other folks will point out as well, there are two errors
here.  First, it's not true that "if you do not copy diskettes you do
not have viruses".  Viruses can spread in all sorts of ways, including
buying diskettes with legitimate software on them, getting and running
public domain executable files, and even just from putting a diskette
into an infected machine and doing a DIR on it!

Second, it's not true that "diskette copying is a crime".  Some
instances of diskette copying (and file copying) are violations of
copyright laws.  But many are not; many programs are in the public
domain, or may be copied in some circumstances without violating the
license; there are All Sorts of Terms and Conditions out there, and by
no means is "diskette copying" always a "crime".

I think it's very (very very) important to keep firmly in mind the
fact that viruses typically spread through legitimate actions by
legitimate users; the myth that viruses are only spread by grubby
criminals and law-breaking teenagers trading pirated software is
potentially a very dangerous one.

OBEYING THE LAW DOES NOT MAKE YOU IMMUNE FROM COMPUTER VIRUSES,
and having a virus does not mean that you have broken the law!

DC

------------------------------

Date:    Tue, 30 May 89 11:06:30 CDT
From:    "Len Levine" <[email protected]>
Subject: Computer Law (long)

>My question is if virus writing is a crime. I have thought of this
>question a lot. At the begining i thought that it must be a crime
>because people write this program in order to erase data to other
>people but then i thought that if you do not copy diskettes you do not
>have viruses. Diskette copying is a crime, ofcourse, so virus writing
>is not a crime because people wouldn't had them unless they copy
>diskettes.

The following (long) document is the computer law for the state of
Wisconsin.  Other states have similar laws.  Virus writing is against
the law if damage occurs.  The penalty is proportional to the amount
of damage.

                  o /
-------------------x-----------------------------------------
                  O \

        -- Computer Law - State of Wisconsin Statute --

                   Chapter 293, Laws of 1981

                    943.70 Computer crimes.

(1) DEFINITIONS. In this section:

  (a) "Computer" means an electronic device that performs
      logical, arithmetic and memory functions by manipulating
      electronic or magnetic impulses, and includes all input,
      output, processing, storage, computer software and
      communication facilities that are connected or related to
      a computer in a computer system or computer network.

  (b) "Computer network" means the interconnection of
      communication lines with a computer through remote
      terminals or a complex consisting of 2 or more
      interconnected computers.

  (c) "Computer program" means an ordered set of instructions or
      statements that, when executed by a computer, causes the
      computer to process data.

  (d) "Computer software" means a set of computer programs,
      procedures or associated documentation used in the
      operation of a computer system.

  (dm) "Computer supplies" means punchcards, paper tape,
      magnetic tape, disk packs, diskettes and computer output,
      including paper and microform.

  (e) "Computer system" means a set of related computer
      equipment, hardware or software.

  (f) "Data" means a representation of information, knowledge,
      facts, concepts or instructions that has been prepared or
      is being prepared in a formalized manner and has been
      processed, is being processed or is intended to be
      processed in a computer system or computer network. Data
      may be in any form including computer printouts, magnetic
      storage media, punched cards and as stored in the memory
      of the computer. Data are property.

  (g) "Financial instrument" includes any check, draft, warrant,
      money order, note, certificate of deposit, letter of
      credit, bill of exchange, credit or credit card,
      transaction authorization mechanism, marketable security
      and any computer representation of them.

  (h) "Property" means anything of value, including but not
      limited to financial instruments, information,
      electronically produced data, computer software and
      computer programs.

  (i) "Supporting documentation" means all documentation used in
      the computer system in the construction, clarification,
      implementation, use or modification of  the software or
      data.

(2) OFFENSES AGAINST COMPUTER DATA AND PROGRAMS.

  (a) Whoever willfully, knowingly and without authorization
      does any of the following may be penalized as provided in
      par. (b):

  1.  Modifies data, computer programs or supporting
      documentation.

  2.  Destroys data, computer programs or supporting
      documentation.

  3.  Accesses data, computer programs or supporting
      documentation.

  4.  Takes possession of data, computer programs or supporting
      documentation.

  5.  Copies data, computer programs or supporting
      documentation.

  6.  Discloses restricted access codes or other restricted
      access information to unauthorized person.

  (b) Whoever violates this subsection is guilty of:

  1.  A Class A misdemeanor unless subd. 2, 3 or 4 applies.

  2.  A Class E felony if the offense is committed to defraud or
      to obtain property.

  3.  A Class D felony if the damage is greater than $2,500 or
      if it causes an interruption or impairment of governmental
      operations or public communication, of transportation or
      of a supply of water, gas or other public service.

  4.  A Class C felony if the offense creates a situation of
      unreasonable risk and high probability of death or great
      bodily harm to another.


(3) OFFENSES AGAINST COMPUTERS, COMPUTER EQUIPMENT OR SUPPLIES.

  (a) Whoever willingly, knowingly and without authorization
      does any of the following may be penalized as provided in
      par. (b):

  1.  Modifies computer equipment or supplies that are used or
      intended to be used in a computer, computer system or
      computer network.

  2.  Destroys, uses, takes or damages a computer, computer
      system, computer, network or equipment or supplies used or
      intended to be used in a computer, computer system, or
      computer network.

  (b) Whoever violates this subsection is guilty of:

  1.  A Class A misdemeanor unless sub. 2,3 or 4 applies.

  2. A Class E felony if the offense is committed to defraud or
      obtain property.

  3.  A Class D felony if the damage to the computer, computer
      system, computer network, equipment or supplies is greater
      than $2,500.

  4.  A Class C felony if the offense creates a situation of
      unreasonable risk and high probability of death or great
      bodily harm to another.

                -- Penalties for Infractions --

939.50(3) Penalties for felonies are as follows:

  (a) For a Class A felony, life imprisonment.

  (b) For a Class B felony, imprisonment not to exceed 20 years.

  (c) For a Class C felony, a fine not to exceed $10,000 or
      imprisonment not to exceed 10 year, or both.

  (d) For a Class D felony, a fine not to exceed $10,000 or
      imprisonment not to exceed 5 year, or both.

  (e) For a Class E felony, a fine not to exceed $10,000 or
      imprisonment not to exceed 2 year, or both.

939.51(3) Penalties for misdemeanors are as follows:

  (a) For a Class A misdemeanor, a fine not to exceed $10,000 or
      imprisonment not to exceed 9 months, or both.

  (b) For a Class B misdemeanor, a fine not to exceed $1,000 or
      imprisonment not to exceed 90 days, or both.

  (c) For a Class C misdemeanor, a fine not to exceed $500 or
      imprisonment not to exceed 30 days, or both.

                  o /
-------------------x-----------------------------------------
                  O \

+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
| Leonard P. Levine           e-mail [email protected] |
| Professor, Computer Science         Office (414) 229-5170 |
| University of Wisconsin-Milwaukee   Home   (414) 962-4719 |
| Milwaukee, WI 53201 U.S.A.          Modem  (414) 962-6228 |
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +

------------------------------

Date:    30 May 1989, 12:07:20 EDT
From:    David M. Chess  <[email protected]>
Subject: New Virus for the PC

> This virus marks track 39 sector 8 as bad (it stores the virus there).

Hm.  That's the place where the Yale/Alameda virus stores the original
boot record.  Perhaps you have a variant of that virus that does the
screen effect?  Are there any speaker noises (like the 17xx virus
produces), or little bouncing balls on the screen?  Or do letters just
get blanked out?

DC

------------------------------

Date:    TUE MAY 30, 1989 12.48.18 EST
From:    "Jack Maher" <[email protected]>
Subject: Dirty Dozen update

Could someone send me an updated copy of the "DIRTY DOZEN", PLEASE.
The most recent version I have is dated 2/21/88. I am JJMC @ LEHIGH.
Thank you very much. I really appreciate it.

------------------------------

End of VIRUS-L Digest
*********************
Downloaded From P-80 International Information Systems 304-744-2253

You are viewing proxied material from infinitelyremote.com. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.