PD ROM 1

home *** CD-ROM | disk | FTP | other *** search

/ PD ROM 1 / PD ROM Volume I - Macintosh Software from BMUG (1988).iso / Electronic Messages / InfoMac Digests / InfoMac Vol. 6 / InfoMac 6.14 < prev next >

Wrap

Text File | 1988-02-19 | 13.5 KB | 411 lines | [TEXT/ttxt]

INFO-MAC Digest Monday, 15 Feb 1988 Volume 6 : Issue 14 Today's Topics: Apple's annual report on HyperCard wanted Problem with Hypercard Phone. Viruses more on Mac/HyperCard virus from CompuServe ---------------------------------------------------------------------- Date: 8 FEB 88 21:40-N From: CZYCHI%CSGHSG52.BITNET@CUNYVM.CUNY.EDU Subject: Apple's annual report on HyperCard wanted Hello, is anybody out there who has apples annual report? I know, I could phone a toll free number, but that doesn't work from my place in Switzerland. Thanks a lot for your help. Gary Gary T. Czychi University of St.Gallen EARN%"CZYCHI@CSGHSG53" ==> "CZYCHI%CSGHSG52.BITNET@wiscvm.wisc.edu" Tel.: --41 / 71 / 27 52 68 --49 / 211 / 46 01 23 ------------------------------ Date: Thu, 11 Feb 88 22:34 EST From: Kang Sun <SUN@VENUS.YCC.YALE.EDU> Subject: Problem with Hypercard Phone. Greetings, I have problems when use the Phone Stack (therefore, the Address Stack) to dial a telephone. No matter what number I put in the box, the modem will only dial the one digit and then stops. My modem is claimed to be 100% Hayes compatible and works fine with MicroPhone. Does anyone have ever had a similar problem? or any one has a clue to this problem? Thank you. -- Kang Sun ------------------------------ Date: Tue, 9 Feb 88 14:00 EDT From: ELIOT@cs.umass.edu Subject: Viruses (1) I think that every hard disk should have a hardware write-lock. I don't know of any that do, but if people started to complain to manufacturers about this it would certainly happen. (2) I think someone could implement a patch to the Mac OS that would disable all disk write operations. The idea is for every disk write (or Open for Write) to put up a dialog box informing the user and asking if it was OK. This should be designed so that it would be very difficult for a program to figure out ahead of time that it was going on. That means any virus which escapes this would be bigger and thus easier to find by other means. It would be a pain, but concerned users could use this patch when testing any new software they have aquired. SYSOPs and user's groups could also screen their programs, as the red cross screens the blood supply. Nothing is perfect, but a general purpose tool to *help* detect viruses is needed. (3) The Macintosh "Locked" file bit seems to be a sham. As far as I can tell the only thing that locking a file does is to prevent the FINDER from trashing it. Any other program can still write to it, or delete it usign the normal Mac Traps. Apple should modify the OS so that a locked file cannot be Deleted, or Opened for Writing (to either fork). A virus could still check for a change the Locked flag. If a specific trap was the only way to change the lock bit, then applications could be scanned for the presence of calls to that trap. Any application which has a call to change Locked bits would be subject to deeper scrutiny. Any virus which does not fiddle with the locks could be stopped by locking the system file. (4) Large computer systems have a number of security features. Most of them are designed to protect confidential information, which is not a concern in personel computers, but some of them also protect the integity of the system. Small computer manufacturers like Apple would do well to learn more abou;t large computer systems. Not just because of viruses, but for many other reasons as well. In th elong run I think the Mac should develop into a proper time-shared virtual memory system. Time sharing doesn't imply multiple users, it just means that a single computer can pretend to be several computers at the same time. As we move from switcher to multifinder to ??? it seems that Apple is being dragged in this direction by customer demands, rather than proceeding by the guidance of its own vision. Chris Eliot [A personal computer is a small box that sits on your desk and must be plugged into your bank account to draw power.] ------------------------------ Date: 10 Feb 88 06:49 EST From: science@nems.ARPA (Mark Zimmermann) Subject: more on Mac/HyperCard virus from CompuServe <<sorry about length of the following -- may want to truncate/synopsize before forwarding ... ^z>> #2558 NewApp.sit "virus" S 1 / Forum Business 7 messages Read? (Y or N) ! y #: 2558 S1/Forum Business 08-Feb-88 00:01:28 Sb: #NewApp.sit "virus" Fm: Bryan McCormick 71600,3710 To: SYSOP (X) Hi. I am curious to know if "NewApp" unpacked under another name. I want to make sure I didn't download and use the file. Thanks./ex 1 Reply *** More *** Read action: #: 2572 S1/Forum Business 08-Feb-88 03:04:37 Sb: #2558-#NewApp.sit "virus" Fm: Richard Reich 76011,1775 To: Bryan McCormick 716x,3710 (X) Also, perhaps somebody with Level 4 microbe containment facilities has disassembled the beast? Billy? I'm curious what the little s__t had in mind for all of us. Related subject: ad in recent New York Times business section promises total de-virusing for a fee. Only gives phone number -- not even an indication of what systems they can handle. This virus thing is gonna flush lots of "quacks" out of the woodwork. -r 2 Replies *** More *** Read action: #: 2619 S1/Forum Business 08-Feb-88 21:38:13 Sb: #2572-NewApp.sit "virus" Fm: Bryan McCormick 71600,3710 To: Richard Reich 76011,1775 (X) Hmm. I'm sure s--t and p-ss for brains had many bad things in mind for all of us. Hope he dumped it by mistake on himself. CNN carried a feature (yes, 30 seconds in TV is now a feature) on computer "worms" and "viruses". IBM is scared s--tless, because, so the story goes, someone poured on of the boogers into one of their larger client's systems--theyhave no idea of how to control the problem either. *** More *** Read action: #: 2620 S1/Forum Business 08-Feb-88 22:06:10 Sb: #2572-#NewApp.sit "virus" Fm: Bryan McCormick 71600,3710 To: Richard Reich 76011,1775 (X) Hello again. I just signed onto GEnie and they had/have a similar "virus" problem. Was the file here (CIS) the new Apple Product stack? If so, then it is the same one they had/have on GEnie. Not to worry. It seems to be an init that is self-installing (activates, once, on March 2nd) and self-removing after one run. I don't know if there are any other effects. The whole story is in a file on the GEnie Mac forum. A message of world peace...? Who are Drew Davidson and Richard Brandow anyway (they are the authors of the init). What is MacMag? 1 Reply *** More *** Read action: #: 2639 S1/Forum Business 09-Feb-88 00:58:23 Sb: #2620-#NewApp.sit "virus" Fm: Richard Reich 76011,1775 To: Bryan McCormick 71600,3710 Yeah, Billy doped out the INIT and Neil chased the perps and found out the same stuff over here. I'd love to hear Wiggo on the subject of what viruses could do to IBM OS's. Gotta be a riot. The Mac is really an easy mark compared to something like VMS, which of late has pretty good CAPABILITY for informing system police of lots of different kinds of infection attempts. But I bet that even VMS is vulnerable. -r 1 Reply *** More *** Read action: #: 2647 S1/Forum Business 09-Feb-88 08:35:52 Sb: #2639-#NewApp.sit "virus" Fm: Bill Cook (Sysop*) 76703,1030 To: Richard Reich 76011,1775 (X) Richard, Without going into specifics, you would win your bet. But... It takes a very good programmer to beat VMS. Doable, yes but... Bill(Deputy Dawg-Cook 1 Reply *** More *** Read action: #: 2658 S1/Forum Business 09-Feb-88 12:59:12 Sb: #2647-NewApp.sit "6irus" Fm: Richard Reich 76011,1775 To: Bill Cook (Sysop*) 76703,1030 (X) Back a couple of years, before I got Mac-ized, I was a very good VMS systems type. The system was not as secure then, and certainly not as aasy to monitor in terms of security. Even so, I really admired the extreme cleverness of the two or three system-busting techniques which became well known at that time. A good person has to spend A LOT of time on an effective VMS killer. The things in the VMS world that diminish security: (1) VMS people insist on being secretive about system holes that they know about. Thus, system managers who would instantly correct the problem on their machines are kept in the dark. (2) Many system managers are just dopes -- see the Sloan-Kettering VAX that was penetrated by a kid who knew the passwords on the RELEASE tape (which DEC tells you in bold caps to change immediately). Btw, DEC fixed this one even though it wasn't their fault in my opinion. -r ----- #: 2588 S1/Forum Business 08-Feb-88 13:25:49 Sb: #The "Virus" Fm: Neil Shapiro 76703,401 To: All After a lot of work on the part of the sysops, we have determined what the "virus" in the NEWAPP.STK HyperCard stack does. Billy Steinberg was able to reverse engineer (disassemble) the INIT that the virus places into System files. The good news is that the virus is harmless. But it _is_ a computer virus. If you have it in your System then on March 2nd it will display the following message: RICHARD BRANDNOW, Publisher of MacMag, and its entire staff Would like to take this opportunity to convery their UNIVERSAL MESSAGE OF PEACE To all Macintosh users around the world. (graphic of a world globe). If you want to see if you have it, set your System clock to March 2, 1988 and reboot. If you want to get rid of it, set your clock to March 3 and it will show itself once and then remove itself from your System. According to Brandnow, who I spoke to, it was not his intention to place it in a HyperCard stack nor to have it on CIS. What he did do was to develop the INIT in December and "left" it on their (MacMag's) own machines with the hope that "it would spread." It appears to have been the uploader who added it to his stack. That person has been locked off the network until we can contact him to speak with him. Mr. Brandnow tried to communicate to me his feelings of pride in this INIT which he said is "non-destructive" and "neat." I am afraid that I cannot bring myself to agree with Richard on this. While the INIT itself is non-destructive I believe it was at least irresponsible for MacMag to have perpertrated this type of problem and to have caused the confusion that they did. I also fear that this could give other people ideas on less peaceful uses of such a virus. I believe that MacMag has opened here a Pandora's Box of problems which will haunt our Community for years. CONTINUED 1 Reply *** More *** Read action: #: 2589 S1/Forum Business 08-Feb-88 13:28:33 Sb: #2588-#The "Virus" Fm: Neil Shapiro 76703,401 To: Neil Shapiro 76703,401 (X) CONTINUED FROM PREVIOUS I hope I am wrong. According to Richard, "It's a difference in culture. Here in Canada we don't own guns. It's the United States that has the nasty people." I think that Richard, and all of us, may find to our distress that nastiness knows no national boundaries. But, hopefully, there will be no repeat of such a thing here or on any other network or BBS. It is my opinion that no one has any right, for any purpose, to fool around with other people's computer systems. Obviously, we will try to guard against this in the future but, as always, we will have to count on the goodwill, and the good SENSE, of most of our membership. Thank you, -- Neil Shapiro (Chief Sysop) 3 Replies *** More *** Read action: #: 2590 S1/Forum Business 08-Feb-88 14:33:46 Sb: #2589-The "Virus" Fm: Ray Sanders 70277,3233 To: Neil Shapiro 76703,401 (X) Neil: I also dis-assembled the stack Sunday night. I encountered it on GEnie and somehow suspected that a Virus (WORM ?) might be lurking. I believe that no stack, application or any other software should modify the System file I am working without my knowledge and express consent. Perhaps what we really need, is an INIT that monitors for resource updates and/or writes to the System file. The user would have to confirm or deny permission. Oh well.... point and counter-point ad-infinitum. --- Ray Sanders --- *** More *** Read action: #: 2595 S1/Forum Business 08-Feb-88 17:30:21 Sb: #2589-The "Virus" Fm: Jeanne DeVoto 76117,2702 To: Neil Shapiro 76703,401 (X) I agree completely. NO PROGRAM should modify a System file without the user's knowledge. It is not a matter of which country "has the nasty people"; it's common courtesy and good sense. (Does Richard know *for certain* that there is no possibility his INIT can cause unforeseen System problems later on? If not (and I don't believe the answer can be a certain "yes"), then he has no business promoting its use in this manner.) I think Richard would be annoyed if I broke into his house in order to leave behind something I consider "non-destructive" and "neat" (but which he might not want). What the stack does is not really different. jeanne devoto *** More *** Read action: #: 2601 S1/Forum Business 08-Feb-88 19:28:58 Sb: #2589-The "Virus" Fm: Shawn Goodin (Sysop) 76703,1034 To: Neil Shapiro 76703,401 (X) The very first virus of a computer variety was for the Apple //! Called "Disease DOS", it propogated itself as disks were passed from user to user in the Chicago area. Unfortunately, its author lost control of it and for a time, he circulated a similar virus killer to eradicate it. Fortunately, it was a DOS 3.3 virus and used to INIT command to get from disk to disk. The author was not proud of the notoriety and I understand that there were many people who wanted to break his arms..... Shawn (this was about 4 or so years ago...) ------------------------------ End of INFO-MAC Digest **********************