Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Virus Proof", Phil Schmauder

Expand Messages
  • Rob Slade, doting grandpa of Ryan and Tr
    BKVRSPRF.RVW 20000711 Virus Proof , Phil Schmauder, 2000, 0-7615-2747-8, U$34.99/C$48.95/UK#32.49 %A Phil Schmauder %C 3875 Atherton Road, Rocklin, CA
    Message 1 of 1 , Oct 23, 2000
      BKVRSPRF.RVW 20000711

      "Virus Proof", Phil Schmauder, 2000, 0-7615-2747-8,
      %A Phil Schmauder
      %C 3875 Atherton Road, Rocklin, CA 95765-3716
      %D 2000
      %G 0-7615-2747-8
      %I Prima Publishing/Jamsa Press
      %O U$34.99/C$48.95/UK#32.49 800-632-8676 www.primapublishing.com
      %P 273 p. + CD-ROM
      %T "Virus Proof: The Ultimate Guide to Protecting Your PC"

      On the very first page of this book we are told that viruses are
      written to steal or destroy "information that resides on your disk."
      (Viruses are written to reproduce.) The text then contradicts itself
      by saying that viruses may just print a message. Then we are told
      that you should never run programs downloaded from the Internet
      (downloading infected program files has always been a relatively
      trivial vector). Along the way we are told such vital information as
      that viruses must get into your computer's RAM in order to do damage
      (*everything* has to get into your computer's RAM in order to do
      anything) and that viruses are exchanged on disks or transferred files
      (that pretty much covers the field of data transport, wouldn't you

      Welcome to "Virus Proof," a collection of mistaken, valid, useless,
      and repetitive information. Sharp-eyed readers will have noted the
      inclusion of "valid" in that list. Unfortunately, you will have to be
      much more acute to pick out the true facts from the volume under
      discussion. As the old saying goes, if you can tell good advice from
      bad advice, you don't need any advice.

      Some of the errors in the book simply show that the author has not
      done his homework. (There is no evidence to suggest that the
      Michelangelo virus was written to "commemorate" the birth of
      Michelangelo the artist. The researcher who first reported the
      existence of the virus learned that the target date of March 6 was
      Michelangelo's birthday, and so used that name as a convenient label.)
      Some of the errors in the book are more seriously misleading. (The
      Michelangelo virus did not "occur" on March 6, 1992. It was,
      fortunately, discovered long before, possibly existed before March of
      1991, and still results in regular computer erasures every March 6th
      to this date.)

      The author does keep telling the reader not to use any data file, or
      run any program, until it has been scanned for viruses. That is good
      advice, as far as it goes. Unfortunately, it isn't very useful
      advice, and the constant repetition of that single injunction is
      likely going to dull the reader to the necessary finer points.

      The directive to scan everything isn't the only thing that gets
      repeated in the book. The first chapter manages to tell us once per
      page that computer programs are lists of instructions. Now, that
      statement is true: programs are sets of commands. But that bald
      assertion provides the normal computer user with no insight that could
      help with virus protection. One would think that the space dedicated
      to this piece of trivia could more helpfully be employed in presenting
      an accurate definition of viruses, or a list of the ways that you are
      more likely to get a virus these days.

      In only four pages, chapter two presents serious misinformation. A
      boot sector does not show up on a list of files on a disk. Boot
      sector infectors can infect non-bootable, and even "blank" disks.
      Trojan horse (or just "trojan") programs do not reproduce. A file
      infecting virus is not referred to as a "Trojan Horse virus." The
      definition given for a worm (if you are making a distinction the term
      "worm virus" makes no sense) clearly contradicts the declaration that
      a worm could also be a file infector. Most macro languages are not
      capable of supporting a successful virus: to date, only those written
      for Microsoft applications have presented any danger.

      And so it goes. Virus writers don't need your password, and system
      security breakers (who dearly love the confusion of the term "hacker")
      don't bother with viruses. Being the first on your block to upgrade
      to new versions of programs can have drastic security risks itself.
      If you are not supposed to run anything you download from the Web, why
      are you supposed to upgrade your software over the Internet? Since
      viruses are appearing at the rate of hundreds per month, keeping up
      with the few that make it into [large AV corporation]'s press releases
      is unlikely to be very useful. Mailing lists and newsgroups are
      recommended without any analysis. Most recent email viruses and worms
      harvest addresses for regular correspondents, so the direction to
      avoid email attachments from someone you don't know is almost
      worthless. Firewalls have nothing to do with viruses. If a virus
      infects a system file, knowing what programs are running on your
      computer is useless. Many loopholes have been found in the security
      of ActiveX controls: restricting operation to signed controls provides
      very little protection. Backups will help you recover if hit, but
      provide no inherent virus protection. Knowing how to break into
      systems will not protect you from viruses, nor will seven pages of C
      source code for a variant of the Crack program. (For those script
      kiddies eager to learn how to break into systems, save your money. It
      doesn't tell you that, either.) Phone phreaking isn't that easy,
      trying the stuff in the book can get you arrested, and it has nothing
      to do with viruses. (And John Draper's own account, given on the site
      illustrated, contradicts the story in the book.) Chernobyl is a
      variant of CIH, and not the other way around. Backing up the Registry
      provides no inherent virus protection. Anonymizers for email and Web
      browsing have nothing to do with viruses. Cookies have nothing to do
      with viruses. (Many of the points made about cookies are incorrect as
      well.) Happy99 used Usenet news, as well as email. Spam has almost
      nothing to do with viruses (and most of the recommended actions are
      not only useless, but will annoy people who have better things to do).
      The material on virus hoaxes is limited, physically hard to read
      (small print), and has no real analysis. Chat has nothing to do with
      viruses. Denial of service attacks have little to do with viruses,
      chapter sixteen has *nothing* to do with viruses, and neither do six
      pages of SYNattack source code. Privacy has nothing to do with
      viruses (and chapter seventeen has little to do with privacy). Email
      encryption has nothing to do with viruses. The Melissa virus was not
      polymorphic. Polymorphic viruses do not change their payloads. Virus
      "families" result from virus writers taking a given virus and making
      very minor changes to it. Digital signatures have little to do with
      viruses, and chapter nineteen does not discuss key management at all.
      JavaScript is not a "cut down" version of Java, and does not have
      Java's security model. E-commerce does not have anything to do with
      viruses. Y2K does not have anything to do with viruses. And,
      fortunately, the code presented in chapter twenty five is nowhere near
      sufficient to create a working virus. (It is enough is create serious
      problems for the person who tries to use it.)

      Now, of course, a number of the items mentioned do have something to
      do with general security. Unfortunately, the level of detail given in
      the book is far from sufficient to protect the user against these
      threats. Indeed, the threats themselves are not described
      particularly well, and I could go through a very similar exercise in
      pointing out the weaknesses in the general security material.

      Given the total size of the book it really isn't a work on viruses.
      It throws together a random assortment of information (and
      misinformation) about a variety of security related topics. Nothing
      is covered in depth, and nothing is covered completely accurately.
      Approximately half of the book is occupied with screenshots of
      miscellaneous Web sites, not always to do with the topic under
      discussion (and a number of which are repeated at random through the
      work) so this detracts even more from the material that could have
      been provided.

      A pamphlet on viruses surrounded by some opining on security issues
      buried within a lot of careless research.

      copyright Robert M. Slade, 2000 BKVRSPRF.RVW 20000711

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... rslade@... slade@... p1@...
      In America, freedom of the press is largely reserved for those
      who own one. - A. J. Liebling
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.