From: Anthony Appleyard <XPUM04@prime-a.central-services.umist.ac.uk>
To: DAVIDF@cs.heriot-watt.ac.uk
Date:         Wed, 20 Jun 90 16:36:04 BST 
Message-Id:   <$TGWGCZNQBTTQ at UMPA>
Subject:      Virus-L vol 0 issue #1102



Virus-L Digest Wed, 2 Nov 88, Volume 0 : Issue #1102

Today's Topics

Anybody home?
Re: Anybody home?
network traffic
comments on EEV vs FEV
I'm hit!  I'm hit!

------------------------------

Date:         Wed, 2 Nov 88 06:28:24 PST
From:         Robert Slade <USERCE57@UBCMTSG>
Subject:      Anybody home?

I've very suddenly stopped getting VIRUS-L.

--------------------

Date:         Wed, 2 Nov 88 13:27:44 EST
From:         "Steven C. Woronick" <XRAYSROK@SBCCVM>
Subject:      Re: Anybody home?

   I've not been getting much virus-l mail either.  I figure that either
(1) the listserver is ill or (2) my mail is getting intercepted somewhere
or (3) everybody's afraid to talk for fear of being flamed for writing
about issues on the fringe of virus-l's set of pre-approved topics (like
all the flak about ethics in computer crime and punishment).

--------------------

Date:         Wed, 2 Nov 88 14:58:21 EST
From:         Ken van Wyk <luken@SPOT.CC.LEHIGH.EDU>
Subject:      network traffic

VIRUS-L is alive and well.  Traffic has just been low lately, that is all.

--------------------

Date:         Wed, 2 Nov 88 14:58:21 EST
From:         Ken van Wyk <luken@SPOT.CC.LEHIGH.EDU>
Subject:      comments on EEV vs FEV

Re: Len Levine's suggestion:

> Let me suggest a couple of definitions.
> ...two kinds of virii, those that exploit errors (Error Exploiting
> Virii or EEV) and those that exploit system features (Feature
> Exploiting Virii or FEV).

I should think that such a naming convention could be pretty useful
whereby an EEV would be attributable to (presumably) a system programming
error, and an FEV would be attributable to a system design deficiency.

I'd also think that EEVs would be more prevalent on micros since there
is no facility for memory protection, etc. Of course, this is an
opinion... To the "garden variety" virus author, technical
specifications for micros are much easier to find than the same for
mainframes; hence writing an EEV to exploit some non-protected facility
(e.g., writing an absolute sector to disk) would be easier than doing
the same on a mainframe. What's more, direct i/o instructions on most
mainframes are privileged instructions and wouldn't be available to an
average user program. More frequently, a mainframe virus would take
advantage of something like file sharing in order to infect other
users' file spaces. Comments? Ken

Kenneth R. van Wyk                   Calvin: (hammer hammer hammer ...)
User Services Senior Consultant      Mom: Calvin, what are you DOING to the
Lehigh University Computing Center        coffee table?!
Internet: <luken@Spot.CC.Lehigh.EDU> Calvin: Is this some sort of trick
BITNET:   <LUKEN@LEHIIBM1>                question?

--------------------

Date:         Wed, 2 Nov 88 20:36:00 PST
From:         "JOHN D. WATKINS" <WATKINS@UCRVMS>
Subject:      I'm hit!  I'm hit!

  Just in case anybody cares (studying the spread of these things), UCR
(that's R as in Riverside, CA; near LA) has been hit by nvir.  Actually,
we first saw it here a couple of months ago, but we thought we stamped
out the (theoretically) small infection.  Well, like they say, they're
back...

   Kevin Lund

--------------------

*** end of Virus-L issue ***
