--------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E2K00000 Date: 02/15/97 From: ROD FEWSTER Time: 09:52am \/To: GENE PARIS (Read 3 times) Subj: More Viruses? * Gene Paris to Steven Walley * > GP>Let's see and let me guess, I guess both computers > GP>were in charge of life substaining devices? Life-sustaining equipment IS controlled by computers ... computers with hardcoded on-chip fallback emergency programming, uninterruptable power, etc ... computers specifically designed to control such equipment, with no hard drives, no floppy drives, and no input devices except function setting buttons/keypads ... which means there's no way in for a virus except at factory programming level. > GP>Personally, I find your whole story hard to believe. > GP>You look more like a low life scare monger to me. I shudder every time I hear a "computer viruses in hospitals could cause patient death" story ... although I think you may have been reading too much between the lines in Steven Waller's original message. > SW> Sounds like you are describing youself. > Right, like I am the one talking about increased virus production > and virii on hopital computers. I remember similar posts from one > Paul Ferguson, who seemed to find a new hospital computer that was > infected every month. Funny, I've worked in hospitals all my adult > life yet have yet to see any infected computers (though I am sure it > happens from time to time). A couple of years ago I was called in to eradicate a virus outbreak in a hospital system. The Health Service had a "Big Name" antivirus program installed statewide and thought their machines were virus-free until things started to go haywire ... programs refused to load, documents and records suddenly became unreadable, etc. They found Die Hard and Ripper with a shareware ThunderBYTE and contacted me for help, but by then over 600 of their 2000 machines were infected ... requiring a major cleanup. > The point being can you back up any of this with facts or studies? > No, I didn't think so. This is why I call you a scare monger. The > media and the public is waking up to your kind. This type of scare > tactic is becoming less effective and only making you guys look like > asses. Medical/treatment records in Australia are stored on hard charts, not on computers. The aforementioned statewide hospital virus infection posed absolutely no threat to human life or patient welfare (if it had, I would have blown the whistle instantly) so the story never made it into the media. Being "virus responsible" and issuing timely warnings about REAL virus threats is expected of an ethical AVer, but I'm a loud opponent of the UNETHICAL practice of using "panic the public advertising" to generate sales and I firmly believe that AVers or journalists who create "virus panics" without substance ... ie: in instances where the threat of data devastation is later exposed as a trivial non-event or a media beat-up ... should be arrested and prosecuted for fraud. > "AS PREDICTED, THE DREAD MICHELANGELO VIRUS ERUPTS, WREAKING UNTOLD > HAVOC ON AN ESTIMATED ONE COMPUTER BELONGING TO ROSE DEEGLE, OF > ROCHESTER, N.Y., WHOSE CHRISTMAS CARD LIST IS NEARLY WIPED OUT." > -DAVE BARRY That just about says it all! :) --- * Origin: --==[ Secure Antivirus Systems International ]==-- (3:640/886) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E2K00001 Date: 02/13/97 From: RICK COLLINS Time: 05:58pm \/To: SHELDON LAMB (Read 3 times) Subj: disable the rom?really? -=> Quoting Sheldon Lamb to Rick Collins <=- -=> FidoMail to 1:163/215, please.-=< RC>CC>is a dos command to clear the memory without rebooting? RC>CC>In some games I have to disable the cd rom to get more memory. RC>SL> ...if you're stuck dropping the rom to get more mem,you havent RC>SL> optimized the mem for each mode...it's rather RC>SL> labor-intensive,actually,but it works...just set up the config RC>But it doesn't allow him to avoid re-booting, does it? SL> ...no,it doesn't...the only time you invoke your config.sys is at My point was that's what he asked for - to clear memory without re- booting. TTFN. Rick. Ottawa, ON 13 Feb 17:58 --- Blue Wave/DOS v2.20 * Origin: BitByters BBS, Rockland ON, Can. (613)446-7773 v34, (1:163/215) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E2K00002 Date: 02/14/97 From: STEVEN WALLEY Time: 08:36pm \/To: GENE PARIS (Read 3 times) Subj: Twit GP>GP> SW> Both had the Stealth C Boot virus according to GP>GP> SW> F-Prot. Luckily, this GP>GP> SW> one is easy to remove. GP>GP> SW> I've seen more viruses in the past year than in GP>GP> SW> the previous 5 years GP>GP> SW> combined. GP>GP>You look more like a low life scare monger to me. GP> SW> Sounds like you are describing youself. Congratulations. Because of your gross stupidity, you have been added to my TWIT filter. --- OLX 2.1 ... Press a key to continue...Not that one!*%@$NO CARRIER --- * Origin: The Learning Curve - Torrance, CA. (310) 371-0007 (1:102/332) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E2K00003 Date: 02/15/97 From: GENE PARIS Time: 08:26am \/To: ROD FEWSTER (Read 3 times) Subj: More Viruses? rf> Life-sustaining equipment IS controlled by computers ... computers with rf> hardcoded on-chip fallback emergency programming, uninterruptable power, rf> etc ... computers specifically designed to control such equipment, with rf> no hard drives, no floppy drives, and no input devices except function rf> setting buttons/keypads ... which means there's no way in for a virus rf> except at factory programming level. Thank you. Having worked in hospitals I know that, hearing Paul Ferguson's claims of viruses being on life substaining systems always make me sick to my stomach...because some people believed him. And you of course are right perfer I am reading too much in little Stevie's message, but as I say having read a couple hundred Ferguson's hospital stories I freak out when I hear hospital and virus in the same sentence. rf> A couple of years ago I was called in to eradicate a virus outbreak in a rf> hospital system. The Health Service had a "Big Name" antivirus program rf> installed statewide and thought their machines were virus-free until rf> things started to go haywire ... programs refused to load, documents and rf> records suddenly became unreadable, etc. They found Die Hard and Ripper rf> with a shareware ThunderBYTE and contacted me for help, but by then over rf> 600 of their 2000 machines were infected ... requiring a major cleanup. Like I said, I am sure it happens, but I am willing to bet real money that no patience's life was endangered. Hospital administrators do get a little paranoid concerning virii (mostly because of public relations). 3 years ago I wrote my own Anti-virus program specifically for hospitals and doctor's offices. It was\is called Vx-Condom and where admittedly not as good as Thunderbyte or F-Protect it did have the advantage of being doctor\nurse friendly (you'd be surprised how medical people are afraid of computers). I never personally made a dime from the program (it all went to charity), yet Paul Ferguson accused me of all kinds of nasty things like infecting the hospitals I worked in then offering up a "cure". He of course had no facts to back this up. Also, since I was unable to write updates due to an extended stay with the United States Goverment, everyone (almost) is now suing me. My credibility in the world of serious programing is ruined (thanks to the media, who would trust a Anti-Virus program by Geno Paris? :) So all is left is to write Technopathic programs (this doesn't include viruses or trojans, because they are boring and unfunny) and release them into the Silicon Vortex. Oh, and I am willing to bet that I still would not be allowed to join CARO :) But hell, enough whining, I am starting to sound like John Souvest! -Geno --- Maximus 3.01 * Origin: rADiO_fREe_okC NuKe wHQ 405.634.9963! (1:147/69) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E2K00004 Date: 02/13/97 From: PAUL WALKER Time: 06:01pm \/To: CURTIS CANNING (Read 3 times) Subj: Warning Hi Curtis, TC>> A trojan is a program that appears to do one thing but actually TC>> does another. A program called INSTALL.BAT that formats your C CC>> What you just described is a "Batch Bomb" not a virus dropper, "Batch bomb"? The first sentence is fine, perfectly accurate. (Oh... also the trojan might actually do what it's supposed to as well.) CC>> which I admit it is a trojan, but not a trojan virus that CC>> activates at a certain time and infects the hard drive and spreads. There's no such thing as a "trojan virus" - they're fundamentally different. Trojans don't spread on their own. Viruses do. (Also see top paragraph.) --- FMail 1.02 * Origin: My room, where else? (2:253/417.46) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E2K00005 Date: 02/15/97 From: RICK COLLINS Time: 08:22am \/To: JOHN ALDRED (Read 3 times) Subj: school book.. -=> Quoting John Aldred to Joshua Small <=- -=> FidoMail to 1:163/215, please.-=< ja> AFAIK the correct definition of a Virus was "A program or code ja> which alters data on a person's hard drive without that person's ja> knowledge or consent" Please correct me if I'm wrong :) You're wrong. a "virus", by definition, must "replicate". It may do anything else or nothing else - but to be a virus, it has to replicate. TTFN. Rick. Ottawa, ON 15 Feb 8:23 --- Blue Wave/DOS v2.20 * Origin: BitByters BBS, Rockland ON, Can. (613)446-7773 v34, (1:163/215) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E2L00000 Date: 02/16/97 From: DAVID DESROSIERS Time: 09:56am \/To: GENE PARIS (Read 3 times) Subj: Re: More Viruses? -=> Quoting Gene Paris to Rod Fewster <=- GP> Thank you. Having worked in hospitals I know that, hearing Paul GP> Ferguson's claims of viruses being on life substaining systems always GP> make me sick to my stomach... Maybe you're coming down with a ... never mind ;) GP> stories I freak out when I hear hospital and virus in the same GP> sentence. Unless it's cellular ;) rf> A couple of years ago I was called in to eradicate a virus outbreak in a rf> hospital system. The Health Service had a "Big Name" antivirus program rf> installed statewide and thought their machines were virus-free until rf> things started to go haywire ... programs refused to load, documents and rf> records suddenly became unreadable, etc. They found Die Hard and Ripper rf> with a shareware ThunderBYTE and contacted me for help, but by then over rf> 600 of their 2000 machines were infected ... requiring a major cleanup. Happened to over 1,000 machines on a site I work for with the new McAfee installed. "But we registered it legally, doesn't THAT make it the est one out there? SOMEONE had to think so..." -The Visionary visionary@brazerko.com visionary@aura.title14.com ... Who has the USSR's BIOWAR contagious snake bite virus? --- WtrGate+ 0.93.PRE7 beta sn 116 * Origin: hacker heaven bbs - #include (1:320/2600) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E2L00001 Date: 02/16/97 From: GENE PARIS Time: 04:39am \/To: STEVEN WALLEY (Read 3 times) Subj: Twit SW> Congratulations. Because of your gross stupidity, you have been added SW> to my TWIT filter. Oh my. Isn't that just terrible. I have been added to Little Stevie's twit filter! -Geno --- Maximus 3.01 * Origin: rADiO_fREe_okC NuKe wHQ 405.634.9963! (1:147/69) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E2L00002 Date: 02/15/97 From: CURTIS CANNING Time: 01:51pm \/To: GORDON FREY (Read 3 times) Subj: Warning Hi Gordon GF> But that is a torjen still. It is a virus droper and still must GF> be ran on the triger date, or its a virus droper and after it GF> drops the virus code the virus is active with a trigger date for GF> its payload. But the original program IS NOT a virus. So what you are saying is that the Virus Kit makes up two different programs, one: that activates at a certain time and drops the Virus, and two: the virus it self. Trojan = A separate program that drops a virus or another program. (eg. Bombs or Virus Dropper ). Virus = A program that spreads to other files by executing of a file which is infected. How does that look for my defanishion of a Trojan and a Virus. ,-_|\ / \ \_,-\_/ Regards - CC - v MailiUg AustTalia WidE 97! CYA.. ___ Blue Wave/386 v2.30 --- * Origin: Melbourne PC User Group BBS (3:632/309) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E2L00003 Date: 02/15/97 From: CURTIS CANNING Time: 05:47pm \/To: RICK COLLINS (Read 3 times) Subj: Warning Hi Rick RC> They are simply viruses, not trojans. When they execute, they check RC> the date or time, or whatever for the "trigger" they are programmed RC> to use. They then either execute the "payload" or not. That's not a RC> trojan. I see. RC> altogether from a "logic bomb". There's no need to keep a user RC> "busy" while destroying his system, BTW. That can be done with a RC> handful of instructions which execute in less than a second. Yeah, I heard of these Trojans or bombs that only take less than a second to partly format you hard drives, it formats the center or something. cc> With money, man power and research, I thing that 99% of cc> possibilities are possible. RC> All "possibilities" are "possible", by definition. Other things are RC> _not_ possible - no matter how much money you care to throw at it. RC> There is no need to make programs "virus proof" when this can be RC> accomplished by proper design of the operating system, and a RC> conscientious applied security policy. As long as the OS allows RC> access to low-level structures _no_ program can be "protected" as you RC> are suggesting. You are going to look back in 20 years time, when they have invented a virus proof file and then think of what I have typed about files not getting infected, and then you will realize that nothing is impossible :) CC> Then people would have to resort to programming bombs, instead CC> of viruses. RC> They don't _have_ to resort to anything. CC> They are undetectible aren't they? RC> No, they're not. But you'll have to define the term. Program Bomb or a Batch bomb, are very hard to find, how many scanners do you know which will check you computer for bombs, I know of one, the ANSICHEK series! Version 9.0, it finds hidden ANSI codes which COULD redefine your keyboard to format your hard drive, But is only for ANSI. And also how many people bother scanning for bombs, you can really get someone of there guard, especialy if you disguised a bomb in a BBS advertisement file. ,-_|\ / \ \_,-\_/ Regards - CC - v MailiUg AustTalia WidE 97! CYA.. ___ Blue Wave/386 v2.30 --- * Origin: Melbourne PC User Group BBS (3:632/309)