Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!husc6!rutgers!bellcore!faline!ulysses!mhuxt!ihnp4!alberta!edson!tic!ruiu
From: ruiu@tic.UUCP (Dragos Ruiu)
Newsgroups: comp.misc
Subject: Re: Trojan Horse a Myth?
Message-ID: <166@tic.UUCP>
Date: Sun, 6-Dec-87 15:13:49 EST
Article-I.D.: tic.166
Posted: Sun Dec  6 15:13:49 1987
Date-Received: Sat, 12-Dec-87 04:09:08 EST
References: <459@gtx.com>
Organization: U of A, E.E., Edmonton,Canada
Lines: 35
Summary: Trojans are all too common in BBS - PC land.

In article <459@gtx.com>, al@gtx.com (0732) writes:
> It seems to me that the Professor is being quite naive.  We all know
> how easy it would be to create a Trojan Horse Program, and even, with a
> little more difficulty, make it infect the user's system in subtle
> ways.  As for the question, "has anyone actually been hurt by one of
> these?", I only know third-hand accounts.  Can anyone relate a
> first-hand account of damage done to his/her system by a malicious
> Trojan Horse?
> 
>    | Alan Filipski, GTX Corp, 2501 W. Dunlap, Phoenix, Arizona 85021, USA |
>    | {ihnp4,cbosgd,decvax,hplabs,seismo}!sun!sunburn!gtx!al (602)870-1696 |

Trojans shop up with alarming regularity about twice a year on public domain
software distributed by BBS's. The only time I have ever been caught is when
a friend gave me a reputedly 'new' version of ARC he had just downloaded. This 
was two and a half years ago. My friend lost his entire hard disk, luckily I 
tested it on floppy. (My friend just about had his backup disks framed :-)
 
   The ocurrence of disk-erasing trojans, viruses etc. has even spawned a
de-fuser program called CHK4BOMB that lets you examine new programs and warns
of questionable practices within them. It is standard fare on all IBM-PC BBS's
but unfortunately I think it is nowhere near infallible and the user needs
a lot of knowledge of system calls on a PC. I still use my copy on something
too good to be true (When I use MS-Clunk :-).
 
    Now if we could only figure out what drives people to do things like this.
I can see what would cause trojans on a timesharing system in a CS environment,
but what would drive someone to spring nasty effects on some complete stranger?


-- 
Dragos Ruiu          Disclaimer: My opinons are my employer's, I'm unemployed!
            UUCP:{ubc-vision,mnetor,vax135,ihnp4}!alberta!edson!tic!dragos!work
(403) 432-0090         #1705, 8515 112th Street, Edmonton, Alta. Canada T6G 1K7 
Never play leapfrog with Unicorns...