Re: Possible Virus
On Tue, 2 Nov 1999 15:34:18 -0500, Robert Craig <rds at ATTCANADA.NET> wrote:
>
>Therefore, there is *no virus* in either the clean pdex.exe
>or the "quarantined" version, unless you believe
>that the clean pdex.exe on our site, which has been
>downloaded and used for many months by many
>thousands of people is tainted.
>
>Regards,
> Rob Craig
> Rapid Deployment Software
> http://www.RapidEuphoria.com
In reply to you and Irv and Ralf, my apologies for all the trouble. The only
items tagged by NAV were the files I noted. I did not realize that the
quarantine did what you have noted, but I congratulate you, Rob, on
discovering their formula. Nice piece of code, too. I thought of restoring
the item before sending it to you, but thought that might not be advisable
and did not know that it was necessary to return the code to normal mode.
Live and learn. And no, I did not suspect that the download of Eu was
contaminated. I suspected that a virus might be hidden in one of the bound
and shrouded items in the archive or on one of the user sites pointed to by
the archive. I still feel that Eu is an open invitation to hackers to attack
and I don't believe that current virus checkers are liable to be able to
detect what can be done legitimately from Eu. I will repeat something that I
wrote to Ralf offline.
> In the long run, the only solution to this problem is to have some form of
> approved and really thoroughly checked libraries being the only code
allowed
> for posting on the archive. Pokes outside of these libraries would not be
> allowed in anything posted on the archive. Shrouded or bound code would
have
> to be provided to the librarian in source form, with the shrouded or bound
> version provide by the librarian. Without some controls, this ride could
get
> very rough.
Let me modify that slightly. I don't mean that libraries should be the only
things posted on the archive. What I mean is that code in the archive should
only be based on checked code or checked libraries. I believe that for this
language to grow in use and importance, pokes outside of standard libraries
should not be needed(lots of work and thought necessary to get to this one)
or used except in unusual circumstances or for code clearly marked as
"single platform".
That aside, my last item is the most important. Shrouded or bound code
should not be posted on any archive without the librarian of that archive
having the source in posession. A standard non-disclosure agreement can
handle any problems. If the shrouded or bound object is then created by the
librarian and posted, the rest of us can be certain that intentional damage
is unlikely and easily tracked if found. The use of stamped libraries should
be acceptable. I'm sorry that I don't have Ralf's certainty that no one on
this list would do ill things. I have no concerns about the major library
posters or the major contributors that are active on the list, but there is
much other that seems interesting that is not by these folks.
In answer to the thought that I am the only one with trouble, I have noted
that in recent times many of the major contributors to the list have had to
recreate one or more of their systems. I suppose that all those problems
could be hardware related or due to viruses not acquired from the Eu based
items but it doesn't seem likely. I have downloaded over 5 gigabytes of
items over time and tested most of them and this is the first time that I
have had problems with a virus. In 14 years of PC usage, I have had one true
hard-disk crash and that cost me no data loss. I have helped many others
with both hardware and software caused data loss, so I know that it happens
and I know both it's causes and cures. Prevention and backup are the
sovereign solutions. What I am asking for here is prevention.
Everett L.(Rett) Williams
rett at gvtc.com
|
Not Categorized, Please Help
|
|
