The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #161 [Re: some points to make with the media] (1 message, 983 bytes)
NOTICE: recognises the rights of all third-party works.


From: Steven Bellovin <hector!smb>
To: phage
Date: Sun 22:51:18 06/11/1988 EST
Subject: Re: some points to make with the media
References: [Thread Prev: 132] [Thread Next: 164] [Message Prev: 083] [Message Next: 082]

Not to split hairs, but...  This can be called a virus at a different
level.  That is, a worm is a network virus.  An ordinary virus lives
on a computer, and uses programs to infect other programs; this one
lives on a network and uses computers to infect other computers.  And
while it's hard to write a program virus on UNIX because of the MMU
and the file system (though not impossible; I know of one that Tom
Duff did), our network lacks similar protection.  Thus, the network
elements -- computers -- try to distrust their environment, in way that
programs on a PC perhaps should.

Your second point is too strong; while only Sun-3s and VAXen were
susceptible to this particular incarnation, there is clearly no reason
to think that any UNIX system on the net couldn't have been targeted.
All it would have taken was a few more .o files, or even source if
the author had wanted to expose the code.

On point 4, it's worth stressing that the military has such regulations
precisely because they do not trust the current state of the art of
computer security.  That is, they employ procedural safeguards to make
up for technical shortcomings.  If there was such a thing as an A3-level
system (verified secure at the object level, maybe, with cryptographic
checksums at execution time?), there'd be no reason to keep such a machine
off the Internet; more or less by definition it would be about as safe
as any other way the government stores stuff.