Fred Cohen – Not all virus writing is a crime Aurélien Cabezon le 24 novembre 2003 à 19h10, dans la rubrique Menaces Commentaires fermés sur Fred Cohen – Not all virus writing is a crime cohen Entretient avec Fred Cohen. Il y a vingt M.Cohen développait et documentait le premier virus informatique dans son laboratoire universitaire. Aujourd’hui consultant en sécurité, Fred Cohen a accepté de répondre à nos questions. M.Cohen, What is a virus ? Formal definition per journal articles. « A program that reproduces » will do for a simplification. You wrote the first « Virus » in 1983, what was your intention at this time ? To learn. Do you think that the Antivirus Solutions are the only protection so far ? The present protections are typically poor at best. Read my papers for my thoughts on this. My papers can be found on my website http://www.all.net What’s your concern about the propagation vector ? Is it more Human or System (such as MS Windows) related in your sense ? A complex question. Windows is not to blame. So who is responsible ? Viruses can exist whever there is sharing, transitive information flow, and general purpose function. Sharing is central to most modern information technology use. Transitivity is limitable but current systems do not do this and it creates a range of problems that are solvable. Limited funtion is something we should and could embrace – things like turning off macros in Word, etc. And limited combinations are worthwhile – like requiring human action to allow sharing between certain programs, etc. But this is not what the computing world is moving toward. Virus writing for profits, believable ? I guess you could try it – but you might end up in jail if they are malicious instead of benevolent or if they go where you don’t want them to go. Where is the « instructive perspective » in virus writing ? For folks who don’t get how they work or how easy they are to write there is value in writing one or two. It teaches students very effectively about just how easy it is. Most of the students I have that do this have never written a program before so there is a lot to learn there as well. As a Virus Expert, how can you descibe a « well coded » virus ? A benevolent virus is one that does useful computation efficiently without harmful side effects in the environment it is designed to operate in. Good and bad are terms that are context relative. What is the most important threat between Hoax or virus ? I don’t fear hoaxes. But then I don’t fear viruses either. Reality is far more dangerous than fantasy in most cases. What’s your concern about Virus Author punishment ? Do you think that Jail is too much ? If they commit a crime they should be punished per the law. Not all virus writing is a crime. Do you think that a Virus can turn off the entire Internet ? Nothing can down the « whole » Internet except perhaps a comet strike or Nuclear Winter. Could a Virus be used as a weapon in electronic war ? It has been. Thank you very much M. Cohen Vous avez aimé cet article? Cliquez sur le bouton J'AIME ou partagez le avec vos amis! Notez L'article Participez ou lancez la discussion!