User`s guide

ManualsBrandsAMSTRAD ManualsComputer equipmentPC-ECD

/90/$0.00+2.50 This bulletin is available only to qualified subscribers. No part of this publication may be reproduced, stored in a retrieval system, or transmitted

by any form or by any means, electronic, magnetic, optical or photocopying, without the prior written permission of the publishers.

Page 7

VIRUS BULLETINAugust 1991

5th July 1991

Sir,

We certainly do not claim that Knoxcard cannot be reverse

engineered as your reviewer claims (VB, July 1991, p. 39).

Any competent systems programmer should be able to achieve

this. What should be kept in mind, however is that once a

piece of software is unassembled, writing a program to

override it depends on knowing the contents of specific

locations/addresses within the unassembled code. And what

the Knoxcard User’s Guide explains is that these locations are

not common across all Knoxcards and they are mixed to get

an infinite number of combinations, thereby preventing

anybody from writing a common piece of code to override the

Knoxcard virus checks.

Yours sincerely,

SURESH. K.

Knoxware, India

Sir,

Thank you for taking the time to evaluate Trend Micro

Devices PC-cillin Virus Immune System. Apparently, the

outdated version of PC-cillin (V2.95) that Mr. Hamilton

reviewed had a compatibility problem with QEMM and

386

MAX

. This problem prevented Mr. Hamilton from installing

and fully testing PC-cillin against the Virus Bulletin’s viruses,

thereby affecting his results.

On behalf of Trend’s defence, I would like to clarify two very

important points. First, without installing the TSR intelligent

viral traps, PC-cillin would be unable to detect all viruses, as

Mr. Hamilton pointed out. PC-cillin would be limited to

detecting only those viruses contained in the Quarantine or

pre-installation scan. This point emphasizes the importance of

PC-cillin’s traps which search for symptoms of a newly

discovered virus, rather than relying only on a scan pattern

bank of known viruses which will always be (despite the

increasing number of annoying updates) an ineffective and

soon to be obsolete, method of virus protection.

Second, although it is possible to save boot sector data on a

diskette or by using The Norton Utilities, the only way to

achieve automatic, virus-free, boot sector recovery is by using

PC-cillin’s isolated hardware immunizer.

In order to present your readers with an equitable review of

PC-cillin, I feel that a fair representation of both sides should

be addressed. Please consider publishing the above comments

regarding PC-cillin.

Thank you,

Steve Chang

Trend Micro Devices

Mark Hamilton comments:

Mr. Chang’s opening remarks concerning third party memory

managers disguise the fact that PC-cillin had obviously not

been properly tested prior to its release.

More importantly, why did his company, at the end of May,

supply VB with a version for review that had already been

superseded? Is this ill-fated version still being supplied to his

customers?

I would suggest that using a dongle to store essential boot

sector information is considerably less secure than storing it

as a file on an off-line diskette. We are already witnessing the

emergence of viruses that target specific high-profile anti-

virus products and Trend’s dongle could well be within the

virus-writers’ sights. If Trend’s software can read from, write

to and interrogate its own dongle, then so can a virus - how

secure is your boot sector now?

Mr. Chang does make one very important point worthy of

elaboration. Given the spiralling number of viruses, it will

soon cease to be practical to provide every end-user with

virus-specific detection software, as it will impact too heavily

on the PC’s resources. This point has been raised many times

by Virus Bulletin - the search for practicable and secure

generic defences continues unabated.

Finally, I was horrified to see an advertisement for PC-cillin

in a recent issue of PC User magazine which declared that this

product ‘Kills all known viruses. Dead’. It doesn’t.

Referring to the product’s dongle as a ‘Hardware Immunizer’

is daft. The dongle is simply a new use for an existing,

outmoded and unnecessary copy protection device which does

not magically immunise a PC against viruses. What utter tosh!

The advertisement further claims PC-cillin ‘is unique as it

uses both software and hardware components’. It isn’t, what

about Thunderbyte from Novix International or, indeed, the

ill-fated Knoxcard? (VB, July 1991, pp.38-40)

The Advertising Standards Authority should investigate

Trend’s UK distributor’s advertising claims which, in VB’s

opinion, contravene at least two out of the three ASA tenets -

legal, honest and true.

M.H

Fax International +44 235 559935

Fax 0235 559935

LETTERS & FAXES

We welcome letters and faxes. These should be sent to

the VB office no later than the fifteenth of the month.

The ideal VB letter is short, concise, witty, interesting

and controversial and arrives in ASCII readable text on

an IBM PC compatible diskette of any density. Hard

copy can be sent by fax: