Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!uwm.edu!uakari.primate.wisc.edu!polyslo!vlsi3b15!vax1.cc.lehigh.edu!sei.cmu.edu!krvw From: XRAYSROK%SBCCVM.BITNET@VMA.CC.CMU.EDU (Steve) Newsgroups: comp.virus Subject: Tiger Teams Message-ID: <0011.8909271119.AA09775@ge.sei.cmu.edu> Date: 26 Sep 89 22:12:26 GMT Sender: Virus Discussion ListLines: 23 Approved: krvw@sei.cmu.edu Maybe I just don't understand, but I personally think the "Tiger Team" idea put forth (by David Gursky) on this list is a little ridiculous because: 1) Most viruses are not spread by someone sneaking in at night and against your wishes copying something onto your computer. Rather, they are usually spread voluntarily (but unknowingly) by the user exposing the computer to foreign contaminated disks or programs. If I always (almost always anyway) operate within a closed system, how is letting someone *tamper* with my computer going to help me? I'd feel much safer just scanning for known viruses, which brings up the next point. 2) What corporation (or employee for that matter) is willing to take the risk of letting someone (outsiders or corporation employees) *tamper* with the computers which the company (and the employee) depends upon, especially when proper operating procedures (regular backups, etc.) will offer you very good protection? 3) Can you guarantee that the "Team" will not do damage? No, you cannot. And if they are introducing live viruses, we already know that no one can guarantee that the viruses will be benign in every situation (as has been discussed many times by others on this list), or that they will not get away. Acknowledge-To: