Path: utzoo!attcan!uunet!super!udel!mmdf From: BEB%UNO.BITNET@cunyvm.cuny.edu Newsgroups: comp.sys.amiga Subject: Re: The Ultimate Fix!!! Message-ID: <4254@louie.udel.EDU> Date: 27 Sep 88 01:08:06 GMT Sender: mmdf@udel.EDU Lines: 56 Don Whitewrites: > If kickstart (both ROM and Disk) were distributed with a WORKBENCH checker > you would be told automatically when your disk was not standard. If you have And how do we do the checking? Checksums? Once known (same day they hit the street if not before) they can be matched by a trojan virus. Comparison with code in ROM? No room in current ROMs, is there? Code not in ROM? Unsecure. > attempted to load a copy-protected program then you will simply accept that > it is non-standard. And documentation should warn you that you are subject to > having other disks harassed. There is NO WAY TO GET PAST THIS WARNING because > it is in ROM or a write-protected kickstart. (System Master disks should be > distributed with NO WRITE PROTECT TABS!!! I.E ALWAYS PROTECTED!!!) Nobody in his right mind ever boots off the original master more than once. (I think I did it twice. :} > This method would incur some cost. Any time Workbench changed, KickStart > would have to be redistributed. So C= would be very unwilling to do it, even if it would help, and I for one would be unwilling to pay extra for such a limited gain in "security". > But there would always be dependable warning > when you first stuck a virused disk in your system. It would be READ before > it was RUN. This insures that no bad code is executed!! Any code not in ROM is fair game for a trojan horse. You can't put it all in ROM without *major* hardware redesign. At most you can get a clean boot, but from the end of the boot on anything is vulnerable. > Come on now! Wouldn't this work? This only addresses the bootblock type of virus. How do you defend against a virus that spreads by attaching itself to random load files (for instance)? Or how about a "dir" that copies itself to a writeable disk that contains a :c/dir. This is the vector. Pick any sort of crazy badness you could imagine for the disease. When you've figured out how to defeat that, I'll suggest another method of mangling your system. See? It's a no-win game. No point in even trying to defend against it. Talking about viruses and trojan horses just encourages the pinheads that write them. The best defense is a suspicious nature. > Don White > {ihnp4 | akgua | seismo}!zehntel!donw > Box 271177 Concord, CA. 94527-1177 Bruce death before disclaimer <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> <>Handle: Bruce Bettis USnail: University of New Orleans <> <>BITnet: Computer Research Center <> <>Voices: (504) 286-7067 New Orleans, La. 70148 <> <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>