VIRUS-L Digest Tuesday, 22 Nov 1988 Volume 1 : Issue 18 Today's Topics: RE: Hardware Damage Gordon Meyer address (Re: Hacker paper.) Morris and penalties. CSI proceedings ethics of a worm PC Viruses doing hardware damage Computer crime legislation. Re: KillVirus INIT whose estimate is that? --------------------------------------------------------------------------- Date: Tue, 22 Nov 88 09:23 EST From: "SysOp: HelpLine BBS (703) 269-4802" Subject: RE: Hardware Damage In response to the queries on hardware damage... I have beeen working on a research paper recently on the topic of Hacker/Phreaker Bulletin Boards. In the course of that research I came across a BB that features a Virus/Trojan Message Area. One of the hot topics in that message base is damaging hardware through Virus and Trojan Programs. Among the methods included in the discussion is yanking the read/write heads from one edge to the other. I am certainly NOT a hardware person, but this does seem to be a method that would at least cause some severe wear and tear to a disk. Chip Whiteside ------------------------------ Date: Tue, 22 Nov 88 09:24:14 est From: preedy@nswc-wo.arpa.ARPA Subject: Gordon Meyer address (Re: Hacker paper.) I can't seem to get through to Gordon on the address he gave. HELP! Pat Reedy PREEDY@NSWC-WO.ARPA [Ed. A couple people have had the same problem; try - that's the address that he's registered as on the VIRUS-L distribution.] ------------------------------ Date: Tue, 22 Nov 88 09:34:47 EST From: "Homer W. Smith" Subject: Morris and penalties. As for nailing Morris to the wall, I would just like to point out that he did not RUIN anyones life, so we should not RUIN his. In fact we should give him the opportunity to help us prevent such occurances in the future and thus make amends to us and justify his existance to the rest of the world. I am sure he would be willing and successfull on all accounts. As for punishing him as an EXAMPLE to others who would be so foolish, this is inhumane and unenlightened, although one can well understand the anger felt by those who had to clean up after his mess. I vote for mercy with amends and community service. Homer Wilson Smith ------------------------------ Date: Tue, 22 Nov 88 09:32 CST From: Ken De Cruyenaere 204-474-8340 In reply to: U030009@HNYKUN11 Subject: CSI proceedings There are no proceedings, as such, that I am aware of. The conference was made up of workshops and general sessions as well as an exhibition ("world's largest") of security products. The sessions and workshops usually provided some "handout" material, to those who attended. Some of the sessions were worthwhile, others not. The exhibition was certainly very interesting as well. The main benefit I get from the conference is the chance to meet with others interested in computer security. The handout material on its own would not be necessarily be of great value but you can try contacting CSI: Computer Security Institute - 360 Church St. Northborough, Massachusetts, 01532 - USA (508-393-2600) Ken D. (University of Manitoba) ------------------------------ Date: Tue, 22 Nov 88 09:48:37 EST From: James Mathiesen Subject: ethics of a worm I've been hearing a lot of people making noises like they'd enjoy seeing Mr. Morris strung up on a tree. Frankly, I don't see what everyone's problem is. He didn't write a virus, he wrote a worm. It doesn't destroy data or attach itself to programs or depend on user stupidity and ignorance. Instead he depended on programmer stupidity and ignorance. Big difference. I think this is why everyone is so hostile. He rubbed a lot of peoples' faces in the fact that their 'secure' systems were full of holes. Big deal. I already knew that. Frankly if their 'security' depended on people's ignorance (not knowing how to exploit bugs in fingerd and sendmail) they deserved to have their faces rubbed in it, and have no right to get annoyed. They should just swallow their pride, patch their holes, and chill. Maybe now they'll actually work toward protecting their system. The only secure system is one which does not depend on the ignorance of the person trying to break in. You should always assume that the 'enemy' you protect against has access to the full source of your system. If this is a 'security risk' then you don't have security. Frankly, I don't think there was any security for Mr. Morris to break. And I don't enjoy watching people try to crucify someone for showing them that their ivory towers are top heavy. If it wasn't secure against Mr. Morris, it wasn't secure against anyone else. Pretending otherwise is stupid. You should all thank him for not randomizing every 100,000th byte of your file system. Actually, no, he shouldn't be praised. He doesn't deserve to be. But neither does he deserve to be condemned. I think his act was basically neutral -- one with both good and bad consequences, none of which were extra-ordinary. -- james p.s. no I don't necessarily recommend that he become a security consultant, not unless he has some better background in building rather than breaking security. Disclaimer: I don't know what my employer's opinions are. Please direct personal flames to my personal account, and I'll return the favor. ------------------------------ Date: Tue, 22 Nov 88 10:58:41 EST From: Mark W. Eichin Subject: PC Viruses doing hardware damage There was a trick, common to both the IBM PC and the Tandy Model 2, which use the same video control chip (Motorola 6xxx, I forget which) that could make them literally `go up in smoke'. The chip had registers to control the screen refresh rate, and you could set them to really bizarre values. I have heard two versions of this: 1) you could set the values really high, and burn out the CRT 2) you could set them to zero, and since the switching power supply was driven by the same oscillator (cheaper that way :-) it would burn up/melt/whatever due to excessive DC current. Either would probably correspond to stories I've heard of PC's `blowing up' this way... I have never heard of a virus doing it, though. I have heard of legitimate program bugs, or hardware failures, causing the same thing... or at least, they *seemed* legitimate... :-) Mark Eichin SIPB Member & Project Athena ``Watchmaker'' ------------------------------ Date: Tue, 22 Nov 88 12:41 EST From: Ain't no livin' in a Perfect World. Subject: Computer crime legislation. Upon reading the the comments that tough legislation against viruses would result in harder to find viruses, I began to think that the viruses out now are already hard to find. Besides, it will keep people who don`t know how to hide them from writing them and putting them out there. Anyway, without the legislation we'll have all those annoying viruses plus the harmful ones too. At least we'll get rid of the really annoying ones that don't cause damage. Tom Kummer. ------------------------------ Date: Tue, 22 Nov 88 13:42:17 EST From: Joe McMahon Subject: Re: KillVirus INIT To: Roberta Russell , Virus Discussion List In-Reply-To: Your message of Tue, 22 Nov 88 09:41 EDT >Just saw your notice this morning on the VIRUS-L discussion. I was >mightily confused when you said you did not have a copy of KillVirus, as >I downloaded it from the server at SCFVM last week. Is this some other >program? No, *I* was confused last week -- I had mixed up the KillVirus INIT with the MacTutor INIT (also in there). I guess this is one for the "duuuuuuh" file. Sorry if I confused anyone else. I have now added the KillVirus INIT to the HyperCard stack (V1.7 now) and will be putting it up in the next day or so. KillVirus is now my recommended method of dealing with nVIR. - --- Joe M. ------------------------------ Date: Tue, 22 Nov 88 15:06:14 EST From: Jefferson Ogata (me!) Subject: whose estimate is that? The $20 million estimate I heard from a friend who works at Goddard (NASA). I'm not sure where he got it (might've been TV). The work estimates I've heard are all in the tens of thousands of man-hours, and that didn't include time spent later on reconstructing the source code from .o files and tracking down the actual writer of the code. The $20 million seems more reasonable every time I look at it. There's more to come as well, as the FBI spends tremendous amounts of dough collecting evidence against Morris, and lots of rich lawyers prepare for the case, which might set a major precedent. - - Jeff Ogata [Ed. Thanks for clearing that up, Jeff. I was just curious where the value was coming from.] ------------------------------ End of VIRUS-L Digest ********************* Downloaded From P-80 International Information Systems 304-744-2253