Path: utzoo!attcan!uunet!tut.cis.ohio-state.edu!mailrus!sharkey!atanasoff!jwright From: jwright@atanasoff.cs.iastate.edu (Jim Wright) Newsgroups: comp.sys.amiga Subject: Re: "xeno" virus Message-ID: <1332@atanasoff.cs.iastate.edu> Date: 12 Aug 89 22:51:17 GMT References: <21fB02Wm49np01@amdahl.uts.amdahl.com><3633@mentor.cc.purdue.edu> Reply-To: jwright@atanasoff.cs.iastate.edu.UUCP (Jim Wright) Organization: Iowa State U. Computer Science Department, Ames, IA Lines: 18 In article <3633@mentor.cc.purdue.edu> ain@mentor.cc.purdue.edu (Pat-bob White) writes: | In article hubey@pilot.njin.net (Hubey) writes: | > [wonders about programs to check files' CRC values] | | Anyone could write a program to do that now -- if they didn't publish | their CRC calculation method, then things would be safer till some virus | writer found it out. Once that happened, there would be many people relying | on that program to keep them safe.. making it actually easier for a virus to | spread. There's a better way. Use two different polynomials to compute the CRC values. A single CRC check can be faked out by tweaking the bytes, but getting past two such checks would be much more difficult. Even if you distributed source code. -- Jim Wright jwright@atanasoff.cs.iastate.edu