BKEYESTM.RVW 931019 Gold Eagle/Worldwide 225 Duncan Mill Road Don Mills, Ontario M3B 3K9 "Eye of the Storm" Those who like books with series titles like "The Executioner" will like this book. 'Nuff said. The computer virus is by no stretch of anyone's imagination a major subplot, even in a book which seems to consist only of subplots. Nevertheless, it is interesting to note what it indicates about the popular perception of viral programs. The "virus" is tripped during an attempt to find a tap in a voice (phone and radio) network. Since phone switches are basically computers with special peripherals, this could be realistic. There are viral programs which can "sense" probes into memory or operations, and can then trigger. However, there is no indication of reproduction in the story, and, therefore, the malicious program is either a logic bomb or a trojan horse (or both). Interestingly, the system under attack is protected by a "worm". The theory is proposed that you protect your own computer by shutting down if you detect suspicious activity. (One suspects this was the idea behind the "Immunizer".) Having written the shutdown program, you should know how to recover the system, whereas unknown malicious software can damage your data structure in ways that may take longer to diagnose and rectify. The concept is initially interesting, but somewhat flawed. First of all, the reliability of the system is internally compromised by such protection, and this is not acceptable in all situations. (In the book, communications are shut down at a vital juncture.) Further, the detection of suspicious activity requires a background of known methods of attack. (Interestingly, the protection program in the book is stated to be subject to periodic upgrading.) Given the need for specific knowledge of security loopholes that the malicious software might use, there will probably be better means to deal with the insecurities. Finally, if the attacking program uses an unknown method, the attack may still succeed. In the book, we once again see the myth of a virus (or the defending "worm" in this case) being able to damage hardware. Fuses blow, wires burn out and the power for the entire complex shuts down. Debugging the system involves the "MIS manager" character crawling under desks with a roll of electrical tape. Guess we still have some educating to do. copyright Robert M. Slade, 1993 BKEYESTM.RVW 931019 ====================== DECUS Canada Communications, Desktop, Education and Security group newsletters Editor and/or reviewer ROBERTS@decus.ca, RSlade@sfu.ca, Rob Slade at 1:153/733 Author "Robert Slade's Guide to Computer Viruses" (Oct. '94) Springer-Verlag