Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!uwm.edu!uakari.primate.wisc.edu!polyslo!vlsi3b15!vax1.cc.lehigh.edu!sei.cmu.edu!krvw
From: XRAYSROK%SBCCVM.BITNET@VMA.CC.CMU.EDU (Steve)
Newsgroups: comp.virus
Subject: Tiger Teams
Message-ID: <0011.8909271119.AA09775@ge.sei.cmu.edu>
Date: 26 Sep 89 22:12:26 GMT
Sender: Virus Discussion List 
Lines: 23
Approved: krvw@sei.cmu.edu


   Maybe I just don't understand, but I personally think the "Tiger Team"
idea put forth (by David Gursky) on this list is a little ridiculous
because:
   1) Most viruses are not spread by someone sneaking in at night and
against your wishes copying something onto your computer.  Rather,
they are usually spread voluntarily (but unknowingly) by the user
exposing the computer to foreign contaminated disks or programs.  If I
always (almost always anyway) operate within a closed system, how is
letting someone *tamper* with my computer going to help me? I'd feel
much safer just scanning for known viruses, which brings up the next
point.
   2) What corporation (or employee for that matter) is willing to
take the risk of letting someone (outsiders or corporation employees)
*tamper* with the computers which the company (and the employee)
depends upon, especially when proper operating procedures (regular
backups, etc.) will offer you very good protection?
   3) Can you guarantee that the "Team" will not do damage?  No, you
cannot.  And if they are introducing live viruses, we already know
that no one can guarantee that the viruses will be benign in every
situation (as has been discussed many times by others on this list),
or that they will not get away.
Acknowledge-To: