From: Chris McDonald STEWS-IM-CM-S (2/2/93)
To: /usr/cmcdonal/maillist:@wsmr-em, 
CC: /usr/cmcdonal/reviewlist:@wsmr-, 
Mail*Link¨ SMTP               Information Systems Securit
94-3

1.  In distributing the monthly updates on viral infections in commercial/
government media/software I took time to add up the numbers.  While it is
impossible to capture all infections, and similarly a difficult task to assess
the actual number of infections caused by a seemingly "trusted source", here
then are the "numbers" for MS-DOS and MACINTOSH environments.  It is hazardous
to draw any conclusions, but my MAC friends keep chanting "just say no to
MS-DOS"

	MS-DOS REPORTS          MACINTOSH REPORTS

1988            0                       5
1989            3                       2
1990           13                       7
1991           14                       1
1992           24**                     1


[** 15 incidents involved the Michelangelo virus.]


2.  NCSC-TG-016, "Guidelines for Writing Trusted Facility Manuals", has an
interesting Preface statement:  "Any recommendations that are not in the TCSEC
are prefaced by the word 'should,' whereas all requirements are prefaced by the
word 'shall.'  It is hoped that this will help to avoid any confusion."  Within
the first six pages which constitute Chapter 1, I counted 2 "shalls" and 13
"shoulds".  I omitted counting the "woulds" lest I be accused of not following
instructions.  The material in the "should" category seemed very important in
writing a meaningful TFM.  I am, therefore, totally confused!

3.  MacWorld, March 1993, has an article by Steven Levy "The Case of Purloined
Productivity".  Mr. Levy addresses the conclusion reached by Dr. Gary Loveman
at MIT's Sloan School of Management in 1986 in his study "An Assessment of the
Productivity Impact of Information Technologies":  

		The data speak unequivocally . . . there is no evidence
		of a significant positive productivity impact from IT
		[information technologies].

Mr. Levy explores the conclusion with insight and with a good sense of humor
which I will not ruin for those interested in pursuing the source.  I wonder
what the reaction might have been had Dr. Loveman reached this conclusion:

		The data speak unequivocally . . . there is no evidence
		of a significant positive productivity impact from Trusted
		Computing Bases (TCBs).

4.  PC Magazine, February 23, 1992, has an article by Don Steinberg "On-Line
Services - - Making Meaningful Connections".  The author does a comparison of
American Online, CompuServe, Information Service, Delpi, GEnie and Prodigy.
The March edition promises to present its annual review of anti-viral programs,
which in past years has been marginal in my opinion.

5.  MacWeek, 01.25.93, has some scary statistics on the theft of computer
equipment.  If the numbers are credible, $10 billion was the take for 1992.
$1.5 billion of that was Apple computers, printers and monitors.

6.  For those who employ MACINTOSH anti-viral products, there has been Internet
discussion on how these programs should be configured to work properly with
AutoDoubler.  If you missed the discussion, you can send an Internet request to
Fifth Generation Systems, salient@netcom.com.

7.  I just received my copy of Computer Virus Developments Quarterly, Volume 1,
Number 2 -- Winter, 1992/3.  If you remember a posting from September/October
1992, I announced that Mark Ludwig intended to publish such a quarterly and to
distribute viral code on a disk with each edition.  While a disk was shipped
with the publication, I have not had the opportunity to verify what is on the
disk.  Printed material states that the disk contains the Virus Creation Lab by
Nowhere Man, which has been frequently discussed on Virus-L.  The preview for
the Spring Issue suggests that the Dark Avenger Mutation Engine will be
distributed.  I will post a separate summary of the Quarterly which so far has
only addressed the PC-DOS/MS-DOS world.

------------------ RFC822 Header Follows ------------------
Received: by internetqm.llnl.gov with SMTP;2 Feb 1993 11:34:56 U
Received: from icdc.llnl.gov by icdc.llnl.gov (PMDF #12441) id
 <01GU8TKE4J74ERXBBP@icdc.llnl.gov>; Tue, 2 Feb 1993 11:33 PST
Received: from pierce.llnl.gov by icdc.llnl.gov (PMDF #12441) id
 <01GU8TJASNY8ERXE54@icdc.llnl.gov>; Tue, 2 Feb 1993 11:32 PST
Received: by pierce.llnl.gov (4.1/LLNL-1.18/llnl.gov-05.92) id AA06449; Tue,
 2 Feb 93 11:28:29 PST
Received: from WSMR-SIMTEL20.ARMY.MIL by pierce.llnl.gov
 (4.1/LLNL-1.18/llnl.gov-05.92) id AA06440; Tue, 2 Feb 93 11:28:02 PST
Received: from wsmr-emh03.army.mil by WSMR-SIMTEL20.ARMY.MIL with TCP; Tue,
 2 Feb 1993 12:26:52 -0700 (MST)
Resent-date: Tue, 2 Feb 1993 11:33 PST
Date: Tue, 2 Feb 93 12:23:26 MST
From: Chris McDonald STEWS-IM-CM-S <cmcdonal@wsmr-emh03.army.MIL>
Subject: Information Systems Security Update, #93-4
Resent-to: BILL_ORVIS@QUICKMAIL.llnl.GOV
To: /usr/cmcdonal/maillist:@wsmr-emh03.army.mil
Cc: /usr/cmcdonal/reviewlist:@wsmr-emh03.army.mil
Resent-message-id: <01GU8TKE4J74ERXBBP@icdc.llnl.gov>
Message-id: <9302021928.AA06440@pierce.llnl.gov>
X-Envelope-to: BILL_ORVIS@QUICKMAIL.llnl.gov
X-VMS-To: IN%"/usr/cmcdonal/maillist:@wsmr-emh03.army.mil"
X-VMS-Cc: IN%"/usr/cmcdonal/reviewlist:@wsmr-emh03.army.mil"


======================================================================