Return-Path: XPUM04@prime-a.central-services.umist.ac.uk Received: from G.SEI.CMU.EDU by ubu.cert.sei.cmu.edu (5.61/2.3) id AA04456; Wed, 20 Jun 90 17:18:11 -0400 Received: from SEI.CMU.EDU by g.sei.cmu.edu (5.61/2.5) id AA06938; Wed, 20 Jun 90 17:18:10 -0400 Received: from nsfnet-relay.ac.uk by sei.cmu.edu (5.61/2.3) id AA23002; Wed, 20 Jun 90 17:17:39 -0400 Received: from sun.nsfnet-relay.ac.uk by vax.NSFnet-Relay.AC.UK via Janet with NIFTP id aa23159; 20 Jun 90 16:20 BST From: Anthony Appleyard To: DAVIDF@cs.heriot-watt.ac.uk Date: Wed, 20 Jun 90 16:32:24 BST Message-Id: <$TGWGCZNQBTQN at UMPA> Subject: Virus-L vol 0 issue #1017 Virus-L Digest Mon, 17 Oct 88, Volume 0 : Issue #1017 Today's Topics ** no subject, date = Mon, 17 Oct 88 00:34:00 EST Terminology problems & Vote call Re: Terminology problems & Vote call First, let's kill the teachers. hackers another attempt at voting Re: networks Please stop this drivel! networks Re: Re: networks Another vote. Re: I am proud to be a hacker! ------------------------------ Date: Mon, 17 Oct 88 00:34:00 EST From: Dimitri Vulis Please... stop using the word 'hacker' if you don't know what it means... Users who maliciously destroy data, plant viruses, Trojan horses, etc are usually too dumb/ignorant to qualify as hackers. I had XMAS EXEC sent to my CMS account last winter, and I took the usual precaution of _looking_ at it before running it. It was _immediately_ obvious to be what it was supposed to do (i.e. display a XMAS tree and send copies of itself to all the folks in my NAMES file), so I did not run it, and I sent a stern warning to the person who sent it to me; however, it was written in such an amateurish matter that it really made me puke. It is my understanding that _most_ viri, Trojans, etc are written by children under 18 are primitive and full of bugs that render them less harmful than meant by their authors. A 'hacker' is, generally speaking, an anthusiastic systems programmer--- nothing less, nothing more. The media (flame=on) sometimes misuse this term to describe what really are phreaks and/or crackers. Well, one may follow this usage, and one may use the term 'virus' generically instead of 'Trojan horse' or 'time bomb' etc, and one will sound like one does not know what one is talking about, which is probably the case. (flame=off). Programming expertise and a malicious destruction of other people's data seldom coincide. Now, about employing 'hackers' (crackers) in computer centers: I think it's a real bad idea. A person caught snooping around other people's data (even w/o destroying anything) cannot be trusted with the power inherent in (almost) any systems support job. Even a lowly student consultant is in position to notice passwords being typed, for example. In the past (I mean real dark past, 10--15 years ago) there were so few knowledgeable users available that (school) DP people had to hire such folks as consultants etc because they picked up something about the system while snooping which they could pass on to othet users. Well, today the systems are (somewhat) easier to use, and the pool of knowledgeable users is much wider, so the cracker types can and should be blacklisted. Users caught trying to destroy other users' data or to interfere with the operation of the computer center ought to be punished in the most severe manner available. Some years ago I had some of my files erased by a sicko who was working for the computer center (a realy psychopath). I was not too happy about it, obviously. I think SUNY@Albany was completely right in kicking the butt of the loser who tried to launch a virus and could not do even that competently. It's too bad they could not put him to jail as well. They should also publicize the incident as widely as possible. Hopefully, this will make others like the student in question think twice before attempting to write something like this. Being lenient with system abusers generated a wrong kind of message --- that systen abuse is tolerated at this particular installation. -Dimitri Vulis -CUNY GC, Math department -------------------- Date: Mon, 17 Oct 88 07:34:38 GMT Comments: Warning -- original Sender: tag was JANET@BRIGHTON.AC.UK From: JANET@VMS.BRIGHTON.AC.UK Subject: Terminology problems & Vote call Dimitri Vulis (17 Oct 88 00:34:00 EST) writes... > Please... stop using the word 'hacker' if you don't know what it means.. In the UK, a minority of people would know of the term "cracker". A book (third issue came out this year) called "The Hacker's Handbook", on the subject of connecting to other people's systems and logging in, only makes it more confusing. I saw a list of many terms used in the USA of which (fortunately) few have alternative meanings in the UK. Outside the specialist terms from MIT etc, onto mundane things... a (US) bus is a (UK) coach [eg Greyhound], and a (Can) pavement is a (UK) road. I was *very* confused by that until I found a (Can) sidewalk is a (UK) pavement. "Get on the pavement" could be dangerous! Suggestions anyone? > Now, about employing 'hackers' (crackers) in computer centers: > I think it's a real bad idea. Can anyone suggest a means by which we can take a vote? (Must be able to receive votes by MAIL not just SEND (n/a worldwide)). I'm not sure [having commented on 'Informants'] that CONTINUING a 50:50 (??) matter is of value on any list... Must say I found all views of value. Peter Morgan, Computer Centre, Brighton Poly. pgm@vms.brigton.ac.uk or pgm%vms.brighton.ac.uk@cunyvm.cuny.edu [ Decision please, from On High -- Ken... LUKEN@LEHIIBM1 ] -------------------- Date: Mon, 17 Oct 88 09:17:41 EDT From: Ken van Wyk Subject: Re: Terminology problems & Vote call In-Reply-To: Your message of Mon, 17 Oct 88 07:34:38 GMT > Can anyone suggest a means by which we can take a vote? (Must be able > to receive votes by MAIL not just SEND (n/a worldwide)). I'm not sure > [having commented on 'Informants'] that CONTINUING a 50:50 (??) matter > is of value on any list... Must say I found all views of value. A couple of related things... First, the arguments (both for and against) about hiring "hackers" have gone on for quite some time now with both sides making very interesting points. I suggest that they be continued on the ETHICS-L list, as suggested by a reader, however. The same goes for the arguments about the definition/history of the term "hacker"; interesting as it is, it doesn't really have much of a place here. Both things can be argued ad infinitum with neither side claiming a decisive victory. Thanks in advance for everyone's cooperation on this matter. Ken Kenneth R. van Wyk Calvin: I can't stop this bike, help! User Services Senior Consultant Hobbes: Turn into a gravel driveway and Lehigh University Computing Center fall! Quick! Internet: Calvin: Screeeech! Boom! :-( BITNET: Hobbes: I didn't think you'd listen to me! -------------------- Date: Mon, 17 Oct 88 09:24:16 EDT From: "Mark F. Haven" Subject: First, let's kill the teachers. "Date: Fri, 14 Oct 88 23:42:00 EST From: ACS045@GMUVAX Subject: Penalties for Hackers sounds like most places you've been are a lot more lenient than our place over here.... We just had a nasty bit of business where a student consultant either wrote a VMS trojan .COM file or showed a user how to write a .COM file, which was then sent around the system and managed to zap a few accounts before the file was discovered. No short chain for him.....he was fired faster than a speeding bullet.. It turned out that he didn't really DO anything in terms of writing or distributing the beast, but just the mere fact that his name came up a few times in the resulting inquisition was enough to get him canned...":- PLEASE tell us there's more to this than what you said, in particular "he didn't really do anything but just the mere fact that his name came up a few times". On that basis you would be firing your top and most accessible instructors who provide information in the most understandable way. I've taught hundreds of people how to write in various languages. Some of them I've spent a lot of time helping. Are you saying that if one of them wrote a destrustive program and then told you I taught him a language, and several others said I often answered such questions, then I'd be out like a speeding bullet? (In such a case I guarantee my lawyer would beat up your lawyer.) -------------------- Date: Mon, 17 Oct 88 09:06:00 MDT From: GORDON_A%CUBLDR@VAXF.COLORADO.EDU Subject: hackers Just a comment...weren't the original founders of APPLE Computers considered to be hackers? This isn't a flame but a commentary. One can learn a lot by poking around programs etc., perhaps a lot more than in school. Like everything else there are "good" ones and "bad" ones. Allen Gordon, Univ Colorado -------------------- Date: Mon, 17 Oct 88 11:30:44 edt From: GATEH@CONNCOLL Subject: another attempt at voting I vote to move the hacker/hire-fire/definition-genealogy discussions to another list (perhaps ETHICS-L, as other folks have mentioned), and reserve this list for more technical topics. that'll be two cents Gregg TeHennepe | BITNET: gateh@conncoll Minicomputer Specialist | Phone: (203) 447-7681 Academic Computing and User Services Connecticut College New London, CT -------------------- Date: Mon, 17 Oct 88 10:18:44 CDT From: Len Levine Subject: Re: networks In-Reply-To: Message from "VIRUS-L@LEHIIBM1.BitNet" of Oct 16, 88 at 10:41 am >> Read-only files, protected at the server end where the >>virus is assumed not to reside, are protected. > It seems to me, that you are against any write access to a server >because of the potential for a virus to infect public programs.:-) Do >you think that, because of a *potential* threat, we should limit the >functionality of our servers? >Erik Sherk I have no desire to limit systems, I am interested only in becoming aware (and in helping others to become aware) of the threat and what we will have to do to protect against it. Thus far it seems to me that: No conventional MS-DOS or MAC stand alone installation that accepts executable files from another system is safe. (The basic failure is that there is no forbidden code area that any user program cannot penetrate in either of these designes. Thus, anything that the virus writer wants to do, s/he can do.) No system (whatever its form) that permits a user to write executable code for another user to execute is safe if the later executer (pardon the English) is a system level user or has serious files to protect. The best safety is in the form of a lock with a known form but an unknown key. (There is no way to permanently hide the form of the lock. The design of the Yale lock is known to many. The shape of the key however, can be hidden from the perp ((as we say in Hill Street)) and can be changed at will.) Finally, I know of no existing virii that do the nasty things that the above imply. I know that some will come though. + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + | Leonard P. Levine e-mail len@evax.milw.wisc.edu | | Professor, Computer Science Office (414) 229-5170 | | University of Wisconsin-Milwaukee Home (414) 962-4719 | | Milwaukee, WI 53201 U.S.A. Modem (414) 962-6228 | + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + -------------------- Date: Mon, 17 Oct 88 13:08:00 EST From: Tom O'Toole - HCF Subject: Please stop this drivel! This same arguement (hackers... degenerating into "what is a hacker" etc...) reared it's ugly head on info-vax a while ago and took forever to die. The moderator of this list has requested that the discussion be moved to another list, yet the messages are still coming. And PLEASE drop the notion of a "vote" immediately. Let's get on with it, 'cuz we're wasting our time. Thanks... Tom O'Toole, JHUVMS system programmer, Homewood Computing Facilities Johns Hopkins University, Balto. Md. 21218, ecf_stbo@jhuvms.bitnet -------------------- Date: Mon, 17 Oct 88 13:59:40 EDT From: "David M. Chess" Subject: networks Len Levine lists some problems that allow viruses to propagate: "...there is no forbidden code area that any user program cannot penetrate... ...permits a user to write executable code for another user to execute ... if the later executer (pardon the English) is a system level user or has serious files to protect.". I would suggest that the first of these things is not at all necessary for a virus to spread and to do damage, and that the second of these things is a necessary feature of any real system at all (there are no systems where no one executes any code that was written by someone else, and every serious user has at least one serious file). Because of these thoughts, I would object (again) to any suggestion that MS-DOS and MAC systems are more vulnerable to viruses than are any other systems. How about changing the sentence in question to read: > No conventional computer installation that accepts > executable files from another system is safe. Forgive me if I harp on this, but I'm constantly reading and hearing how it's just these silly micros that are vulnerable to viruses, and that as soon as they get to be more like mainframes, we'll be safe. It's not true... On the other hand, I agree wholeheartedly that known-form locks with unknown keys are a very promising approach to all this. DC -------------------- Date: Mon, 17 Oct 88 16:13:07 EDT From: MICHAEL LEE Subject: Re: Re: networks Someone mentioned the Yale lock. Can you explain more? It sounds interesting but I have no idea of what it entails. Mike Lee, WASH University, ST. LOUIS, MO -------------------- Date: Mon, 17 Oct 88 13:53:48 EDT From: "Mark F. Haven" Subject: Another vote. I support Gregg TeHennepe's urge that we move this to ETHICS-L. Two reasons, first the traffic is voluminous and has to be sorted through by those interested in the more technical aspects of viruses, second ETHICS-L has been completely silent for months and is defined as the forum for just this kind of discussion, second and a half - this is getting boring but I feel the need to stay sub% scribed to VIRUS-L for the technical stuff and the discussion on who is a "hacker", did the Albany student get too much or too little, etc. has gotten beaten to death (and boredom) already. Mark F. Haven, Computer Specialist, National Institutes of Health, Bethesda, MD -------------------- Date: Mon, 17 Oct 88 11:33:00 MDT From: Grep the Peg Subject: Re: I am proud to be a hacker! In-Reply-To: Message of 16 Oct 88 22:58 MDT from "ZDABADE at VAX1.CC.LEHIGH.EDU Right on. I lost my account on the University of Calgary vaxes four times in my first year. Once because I used "rlogin" when I wasn't supposed to. Three other times because of unfounded "rumour". It seems the sysop's fastest way to get me into his office was to turn off my account. I don't even think what I did classifies as hacking... -------------------- *** end of Virus-L issue ***