From: Aryeh Goretsky (goretsky_at_adelphia.net)
Date: Mon Oct 14 2002 - 03:24:29 EDT
Hello,
No offense taken at all, Mike. I actually was just addressing a
single technical issue without defining or even mentioning the
scope of the problem which, I will be the first to agree, could
make things sound alarmist.
By the way, I think you actually meant that I sounded like an
anti-virus developer fear-mongerer, not a Microsoft fear-mongerer.
It has been my experience that Microsoft downplays security issues,
whereas anti-virus vendors tend to overstate them. It's all a matter
of whether you make your living selling operating systems and
applications or security software.
In order for a DOS or Windows file-infecting virus to run under OS/2
it has to be run in a DOS or Windows session; my apologies if I was
unclear about this. Bear in mind that not all such viruses will
work properly inside a DOS or Windows session, but some will. Others
fail to execute properly.
I also do not believe I said anything about a boot sector or master
boot record virus spreading from a DOS or Windows session under OS/2.
It certainly is still possible to boot up with an infected floppy
diskette in the disk drive. On the floppy diskette the boot code
can been moved to a different location on the diskette so a virus can be
executed before passing control on to the diskette boot sector.
There is a class of virus called 'multipartite' viruses which spread
both via boot sector and file vectors, but the boot code portion of
the virus would stop running as soon as OS/2 switched into protected
mode during the boot process and, of course, the file component would
be unable directly access the hardware in a DOS session.
I remember in some instances, a boot sector virus will make a disk
inaccessible to MS-DOS by writing a corrupt BPB to the boot sector,
invalid entries to the partition table, and so forth. This was done
in order to make it more difficult for the virus to be removed by
anti-virus software. Both IBM DOS and OS/2 ignored such errors
allowing you to correctly access the disk. Which, by the way, could
lead to some interesting situations if you're helping someone remove
a virus remotely and you're running OS/2 and they're not....
You are very fortunate in that you get to work in what sounds like an
almost-exclusively OS/2 environment. Unfortunately, most of us aren't
so lucky: We have to deal with co-workers and clients who use Windows,
MacOS, various flavors of Unix, and so forth. And that means some
minimal amount of safeguards to ensure they don't accidentally infect
us, and we don't accidentally infect them. :-)
Regards,
Aryeh Goretsky
At 06:34 PM 10/13/2002 -0700, Mike Ryan wrote:
>No offense intended but your repsonse is silly Aryeh
>and typical of the Microsoft way of fear mongering.
>Our firm has used OS/2 since its original release -
>some ten years now and we have had hundreds,
>probably thousands, of OS/2 systems running over the
>internet. We send and receive Excel, Access, and Word
>documents (viewed/edited through IBM SmartSuite for
>OS/2 which includes filters for those documents).
>
>Never once has any one of our OS/2 systems ever been
>infected with any type of virus nor have we ever been
>found to or accused of spreading a non-OS/2 virus in
>any attachment. We are an accounting firm and we send
>and receive files and messages like everyone else. We
>do not employ any anti-virus software. What
>difference (to any OS/2 user) would it matter if a
>WinX virus arrived with a file download? Nothing
>because it can't invoke itself in an OS/2 environment
>despite your claims that it could somehow seep into
>the OS/2 boot sector (it can't). An OS/2 system
>doesn't see, recognize nor will it implement or cause
>any harm to OS/2. I have had WinX friends innocently
>and purposely send me documents and files with WinX
>viri, either unknowingly or on purpose, and I've never
>encountered a problem. Don't run Microsoft and you
>won't need anti-virus protection.
>
>
>
>
>=====
>Mike
>
>__________________________________________________
>Do you Yahoo!?
>Faith Hill - Exclusive Performances, Videos & More
>http://faith.yahoo.com
This archive was generated by hypermail 2.1.3 : Thu Jan 23 2003 - 09:59:30 EST