[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: encrypting virus (KOH)

To: [email protected]
Subject: Re: encrypting virus (KOH)
From: "J. J. Larrea" <[email protected]>
Date: Sun, 15 Aug 1993 23:15:31 -0400 (EDT)
In-Reply-To: <[email protected]> from "Karl Barrus" at Aug 15, 93 05:40:14 pm

Karl Barrus writes:
> I don't see any difference between Stacker 3.0 and its stacked disk
> option that compresses files on a floppy and inserts a small
> decompression routine there as well, and the encrypting "program" I
> posted information on.  Well, besides the fact the Stacker compresses
> and potassium hydroxide encrypts.

I did not save the original potassium hydroxide posting, so I am not sure
whether it truly constitutes a "virus", but I can't let any defense of
"benign" infection mechanisms go unchallenged.

If someone gives me a floppy, and, by running a program contained on it
or booting off of it, some algorithm contained therein is permanently 
incorporated into my system *without my explicit desire and command*,
to me that constitutes a viral ATTACK on my system, by compromising the
sanctity of my data, whether or not the author's intent was benign.

Even if a question like "Compress [Encrypt] drive C: ?" were presented,
I'd be rather perturbed (especially since I use a Mac :-), since the
question would probably be completely outside of the context of what I
was trying to do (eg. run a GIF viewer, checkbook balancer, compiler,
whatever), and would not provide sufficient notification of potential
ramifications from answering in either the negative or the affirmative.
Should that happen to *me*, I'd immediately go for the reboot switch and
never use that floppy again; but most non-hacker computer users I know
would be pretty lost, and feel rather violated if they chose the wrong
option and something bad happened.

Now, if a smart compressor/encryptor wrote itself along with the files
it was treating, and then wrote a nice README file which explained that
files on the floppy were compressed/encrypted, would be automatically
decompressed/decrypted, and that the treatment could, if you wished, be
performed on your hard drives and/or other floppies by making a backup
and then executing the following command, that would be perfectly fine.
Low-pressure sales techniques are far more humane than high-pressure:
one gets time to scratch one's head, think about alternative strategies,
reconsider one's intent.  And a decision to reformat possibly years of
data from a universally-accessible native format to a proprietary format
certainly should not be made in an ad hoc manner.

If a compressor/encryptor has a mode whereby it can automatically compress/
encrypt native-mode floppies when they are first mounted, that's quite a
useful feature.  But in this case I would have first had to have made a 
pro-active decision to install the software on my system, and thus been
apprised of the ramifications.  I would certainly still want and expect
at least a minimal query like the above before anything is changed, otherwise
it would be too easy to forget the mechanism is in place, get a floppy from
a friend, and without knowing it return to them an altered and possibly
unuseable disk.  Not good.

I thought Cypherpunks were all for self-determination?  If there's anything
in the computer world which strips us of that it's a virus or trojan horse,
no?

- JJ

References:
- Re: encrypting virus (KOH)
  - From: Karl Barrus <[email protected]>

Prev by Date: `Stalled' Progress
Next by Date: cyberspace & cybercycles donations!
Prev by thread: Re: encrypting virus (KOH)
Next by thread: Re: encrypting virus (KOH)
Index(es):
- Date
- Thread