Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!uwm.edu!uakari.primate.wisc.edu!polyslo!vlsi3b15!vax1.cc.lehigh.edu!sei.cmu.edu!krvw From: ginosko!cg-atla!mallett@uunet.UU.NET (Bruce Mallett) Newsgroups: comp.virus Subject: Anti-viral hard disk controllers Message-ID: <0011.8909281133.AA14331@ge.sei.cmu.edu> Date: 27 Sep 89 20:37:15 GMT Sender: Virus Discussion ListLines: 34 Approved: krvw@sei.cmu.edu Seems to me that virus infestation in companies could be controlled through a little bit of dicipline and with the help of a modified hard disk controller. The scheme is to partition the hard disk into an executable partition and into a data partition. All executables are kept on the bootable, outer partition. The modified disk controller has: switches which indicate the last track number of this outer partition a switch out the back to enable/disable writes to this outer partition. Probably a rotary requiring a screw-driver or other tool to change. In a corporate environment where systems are controlled I would think that this would work quite well. Virus software must be able to write to executables to spread, and they would not be able to since the partition containing them is hardware protected. Without hardware assist, software is always defeatable so no software solution is going to guarantee protection against all infestations. Dicipline is needed in several areas: administration to ensure that systems get properly setup, environments defined correctly, etc.; software packages must not maintain/modify data out of their executable directories; users must not fiddle with the switch nor import foreign, unknown software (by write-enabling the partition), etc. Note that programs run from the floppy can still wreak havoc to the un- protected partition, but they cannot spread via the HD. Is this workable? [Ed. There is at least one commercial product that does exactly that, but it's name escapes me.]