Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!wuarchive!gem.mps.ohio-state.edu!uakari.primate.wisc.edu!polyslo!vlsi3b15!vax1.cc.lehigh.edu!sei.cmu.edu!krvw
From: David.M..Chess.CHESS@YKTVMV
Newsgroups: comp.virus
Subject: re: Why not change OS?
Message-ID: <0001.8910031107.AA02205@ge.sei.cmu.edu>
Date: 2 Oct 89 00:00:00 GMT
Sender: Virus Discussion List 
Lines: 35
Approved: krvw@sei.cmu.edu

Hm.   You seem to be assuming, among other things, that:

  - If a virus can't talk directly to the hardware or to files
    belonging to other folks, it can't do any serious harm, and

  - UNIX programs are exchanged only as source, not as binaries.

I'd disagree with both of those claims; the Jerusalem virus, one of
the most widespread and troublesome in the PC world, doesn't talk
directly to the hardware, and doesn't rely on being able to write out
of the user's own space.  I imagine everyone on the list can think of
a number of nasty/destructive/confusing things that a virus could do
even if it only had access to the user's own data files, and couldn't
write direct to hardware (I won't list any here, hehe!).

As UNIX and UNIX-derived systems continue to spread beyond the
programmer community, program exchange among groups using the same
hardware will tend, I would expect, to include more exchange of
binaries.  I wouldn't expect to see a virus that could infect more
than one or two hardware platforms in the near future (cross fingers),
but a virus that could spread to any machine in one of the more
popular UNIX hardware categories would be quite enough to cause
problems for lots of folks!

While I don't know of any UNIX viruses at the moment, I would disagree
with the suggestion that UNIX is inherently virus-resistant enough to
make it worthwhile switching OS's in hopes of being able to forget
about virus protection!  The same applies to any other general-purpose
OS around; viruses *don't* need insecure systems to spread and do Bad
Things.  That's the whole point...

DC
IBM T. J. Watson Research Center

UNIX is a trademark of AT&T (or Bellcore, or someone like that)