From: “A. Padgett Peterson, P.E. Information Security” <PADGETT@hobbes.orl.mmc.com>
To: joe_n_turner@amoco.com
Message Hash: e086935c84b027db9218adbd11cefdc0184030cdc4d933272d2333ac02854e89
Message ID: <960131215755.20206719@hobbes.orl.mmc.com>
Reply To: N/A
UTC Datetime: 1996-02-01 03:30:53 UTC
Raw Date: Thu, 1 Feb 1996 11:30:53 +0800
Subject: RE: More FUD
>"real professionals?" You mean the kind that take meetings to avoid work and
>leave the office by 5:00?

No, those are managers. (Have better equipment at home anyway 8*).

>As far as "virus writers" there are relatively few that I would lump
>into that category, but the ones who do get there are worthy
>of at least a little respect.

The ones I know who could, don't. Is considerably harder to write an
antivirus program that can account for Zenith ZDOS 3.21 or the original
PC-AT BIOS than a virus that blows up if you run it under NW-DOS.

>>True, in early '92 when [Mich] came out things were more difficult - not
>>everyone had 640k in their machine so the user actually had to have a clue
>>how much memory was supposed to be there. Today is there anyone with 512k ?
>If my memory serves me correctly, by '92 386's were rolling off the assembly
>lines.

You missed my point (and my canary trap). When a Pentium starts up it is
in 8086 "real" mode and is limited to the same 1 Mb basic address space
(know about the 64k - 16 bytes, is different from 8086/8).
What I was referring to was the "640k limit" imposed by 1-2-3 waaaay back
when - is stored in BIOS data area (0:400) and CMOS.

>Maybe you should use WordPerfect instead.

Actually I prefer WordStar 7.0. Magazines and the gov like WordPerfect.

>Solution: Get rid of Windows. Upgrade to '95, NT, or go to Linux, even OS/2.

Have been warped. Have Linux & FreeBSD. As for Win95, why would I want to
degrade my system ?

>>And you tell me that someone is going to spread a virus on the net that will
>>capture keystrokes on any machine it hits without anyone noticing ? It is
>>to laugh (and if they can, they are wasting their time with credit card
>>numbers).
> This sounds like a challenge. Is it worth a T-Shirt?

Wasn't a challenge (though getting something to work on a "strange" NCR
notebook like mine might be 8*), never saw a BIOS leave dangling interrupts
following POST before...)

>Not if it is written properly. A lot of viruses become known only when they
>drop their payload. Others are just poorly written, no different from a bad
>software product.

It is not that they are written badly, just that most virus writers lack
experience and their worldview is narrow - the [Mich] we mentioned - is
obvious not that the writer did not know how to handle floppies, rather that
all he/she/it/other knew of were either 360k or 1.2 Mb. "Nightfall" writer
had apparently never seen a Zenith 248 kit 5 BIOS. Ludwig's LBB boot sector
virus will only work under DOS 3.3 because DOS 4-up leaves different
values in the registers.

>>Fact is that the greatest protection the net has is that no two machines are
>>alike, may even start that way but after six months, no way.
>Ahhhhh.. but you're wrong. Granted, the underlying strata may be radically
>different, but I can run an MS-DOS program on a 300 MHz DEC Alpha (under NT)
>without any problems (except I couldn't get DOOM to run).

No, you can get *some* programs to run and on your machine you may get *all*
your programs to run. But they will not run on *any* machine.

> There is already a
>read-only Filesystem driver for Linux that will read NT. Like TCP/IP, the
>operating systems are going towards interoperability.

Type 7 ? Nothing magic, just different.

>The big computer companies recognize that they have to compete to survive. No
>longer can IBM design a machine and lock in their customers to IBM parts, IBM
>service, and an IBM operating system.

Strength from diversity 8*).

Meanwhile, back at FV, if someone wants to break it badly enough, they'll
buy one (or one of the FV employees) and take it apart at home. No
"professional" would attack anything that she/he did not already know
how to break. A *real* professional would buy two or three just to see
if they were all the same. Is the same problem with the "Sidewinder
Challenge" though it did get a lot of print.

Warmly,
Padgett