Return-Path: XPUM04@prime-a.central-services.umist.ac.uk Received: from G.SEI.CMU.EDU by ubu.cert.sei.cmu.edu (5.61/2.3) id AA19249; Wed, 6 Jun 90 09:36:03 -0400 Received: from SEI.CMU.EDU by g.sei.cmu.edu (5.61/2.5) id AA02406; Wed, 6 Jun 90 09:36:01 -0400 Received: from nsfnet-relay.ac.uk by sei.cmu.edu (5.61/2.3) id AA12462; Wed, 6 Jun 90 09:35:50 -0400 Received: from sun.nsfnet-relay.ac.uk by vax.NSFnet-Relay.AC.UK via Janet with NIFTP id aa15276; 6 Jun 90 13:53 BST From: Anthony Appleyard To: KRVW <@NSFnet-Relay.AC.UK:KRVW@sei.cmu.edu> Date: Tue, 05 Jun 90 14:08:28 BST Message-Id: <$TGVGDBVHCQBC at UMPA> Subject: Virus-L vol 0 issue #0627 Virus-L Digest Mon, 27 Jun 88, Volume 0 : Issue #0627 Today's Topics Tamper proof packaging Re: constructive viruses OS/2 and virii NO constructive viruses please ------------------------------ Date: Mon, 27 Jun 88 15:50:00 EDT Reply-To: Virus Discussion List Sender: Virus Discussion List From: Woody Subject: Tamper proof packaging I found this on an old USENET digest (dealing with the macintosh). If has some interesting comments about commercial firms preventing the dissemination of viruses and bootleg versions of their products. - -- < forwarded message begins here > --- From: letovsky-stanley@yale.UUCP Subject: Viruses and Tamper-Proof Packaging Date: 19 May 88 15:57:46 GMT Organization: (none) >From: Stanley Letovsky Re: Atul Butte's proposal for "tamper-proof packaging" for software to prevent dissemination of software viruses (Comp.sys.mac Sun, 08 May 88): Butte proposes a variation on the one-way encryption functions of public key cryptography schemes which could encrypt software in a way that ensures that the software actually came straight from the vendor. He also suggests that the decryption key could somehow be provided along with the encrypted software. His proposal is interesting, and seems viable in its overall framework, but one detail is problematic. One cannot distribute the decryption key with the encrypted software: any evil hacker could create such a package, encrypting virus-infected software and supplying his own key. The decryption keys must be publicly posted in such a way that the consumer could have absolute confidence that they belong to a reputable firm, while the firm is responsible for ensuring that they alone know how to encrypt for their publicly posted decryption key. Incidentally, Butte's scheme would seem to have implications for preventing software bootlegging. The vendor could supply the decryption key only to customers with proof of purchase. Bootleggers would have to risk virus infection. Vendors might even be motivated to distribute infected bootleg copies around the marketplace, so as to heighten demand for the genuine article. Of course, they could do that even without tamper-proof packaging... Stan Letovsky letovsky@yale.edu David Littman littman-david@yale.edu - -- < forwarded message ends here > ---- I find Letovsky and Littman's final paragraph rather interesting. Reminiscent of recent SF literature! woody WWEAVER@DREW -------------------- Date: Mon, 27 Jun 88 17:10:18 CST Reply-To: Virus Discussion List Sender: Virus Discussion List From: David Camp Subject: Re: constructive viruses In-Reply-To: Message of Fri, 24 Jun 88 14:20:44 CDT from >> >>Maybe you don't recall the details of the constructive virus sjb was >>referring to. It contained self-replicating code and patches for the >>... >>boot disk. I, for one, hate updating software on all the disks it might >>be living on, and I love the idea of software that updates itself. >> >>- Jeff Ogata >> > >so would we all, until something failed and we would change our ideas >with GREAT suddenness and gusto. > >- Len Levine > > Sometimes I have reason to use an old version of Dos. Not only would I not want it to be automatically replaced, but I would not want it in Rom, either. -David- -------------------- Date: Mon, 27 Jun 88 19:15:48 EDT Reply-To: Virus Discussion List Sender: Virus Discussion List From: David.Slonosky@QueensU.CA Subject: OS/2 and virii Assuming OS/2 is released, does anyone have a feeling for whether multitasking will have an enhanced impact of the viruses? That is, the virus in your WordPerfect program sees the Microsoft Windows program and enters it then goes dormant until April 1, 1992... -------------------- Date: Mon, 27 Jun 88 14:05:00 URZ Reply-To: Virus Discussion List Sender: Virus Discussion List From: BG0@DHDURZ2 Subject: NO constructive viruses please Hi folks, I don't agree that there are "constructive viruses". All things these viruses are supposed to do can be done (more easily) by using normal programs or extensions of the operating system (e.g. data compression,...). The fact is that a virus has to *alter* existing executables even if it is a "good" virus. I don't want other persons to alter my programs (via viruses) because they may cause side effects on my software. I something went wrong with my programs *I* want to be responsable for the errors... Some people say: 'The virus should ask the user if he wants his program to be infected by this "good" virus.' I don't want to be asked silly questions all the time either. By the way: . If you buy a software package and you have problems with it, I think the software house can refuse to give support if the software is altered by an (even) "good" virus. . At least here in Germany it is a crime (Para. 303a,b StGB - computer sabotage) to spread a (constructive) virus *BECAUSE* it alters existing programs. I do believe the tale of "constructive viruses" is spread by virus programmers who want to legitimate their doing. All the best, Bernd. -------------------- *** end of Virus-L issue ***