Copy Link
Add to Bookmark
Report
Cris Vol 1 Issue 02
-----BEGIN PGP SIGNED MESSAGE-----
Written and Supported By:
The Cris Staff
CRIS Policy / Procedure Statement
CRIS is a virus information service that started after seeing all of the
politics in the anti virus and virus exchange world. CRIS tries to stay
out of the virus politics between the two sides and prefers to take some
of the middle ground. We here will go into detail on CRIS, what it is
about, rules, regulations, etc.
Virus Research
Cris has seen regular computer users that have little to no computer
knowledge take an interest in viruses, what they can do, how they work
etc. These people, because they do not use debug, have no programming
knowledge, or know the latest virus terms and such, are shunned by the
known AV researchers and AV people. Not in all cases, but for the most
part, what we see is people with a true interest being shunned or told to
go away.
Do these people have a right to learn? There are no computer schools to
teach these people what they want to learn. The av does not have the
time to talk to them, much less help them with anything. This is where
Cris comes in.
AVvX - What it is
Cris will teach anyone that wants to learn. Due to the fact that the AV
community has no set standard for who they will admit, and who they will
reject ( it seems to be a purely political thing... i.e. It's not what
you know but who, and what you can do for them...), we have allot of
respectable people going to the virus exchange bbs's to learn what they
would like to know about viruses. On most of these vx boards they are
exposed to illegal activities, such as "Carding", "Phreaking", and
"Hacking". They are told that the `AV' are the enemy, and the `VX' are
their friends.
Well what it comes down to is that some of the AV and VX are both their
"friends" and "enemies". This separation of AV and VX has been around
long enough, when you look at it the AV are "VX"! The AV virus exchange
amongst themselves, and the `VX' exchange amongst themselves. The only
difference between the two is the "ethics argument". Now we have two
groups in the VX world, one called AV and the other wrongly called VX,
seeing how both sides virus exchange you can not really call the one VX
as a title.
Well it looks like the confusion is already there, both sides are doing
virus exchange but each side is doing it amongst themselves. There
should be a separation here though, one side will give viruses to people
with the knowledge that they are going to take this file and do some
damage to someone's machine. The other side attempts to insure that the
virus will not be made available to anyone except other "accepted
researchers" (define that as you will). So ethics comes in here, one
side has a "Code of Ethics" (though it is often arbitrary in application
of said "Code"), the other has no ethics. So in the virus exchange world
there are currently two titles VX and AV, (one with "ethics", and one
without).
The problem here is that there are allot of VX people that do not fit
into this AV `Click' but still have the "proper ethics". They have no
intention of doing any damage or giving the files to people who do. They
are VX, because they exchange viruses (just as the AV do), but they are
people with "proper ethics", (AVvX) if you will.
AV'ers = Someone that is against viruses doing damage to someone's
machine, against anyone that would attempt to bring about
this act, against anyone that would help aid a person in this
act. Someone that will assist others in the prevention of
this act (ie: AV software).
AVvX'ers = All of the above + Will virus exchange with any interested
person that is to be trusted (in their eyes), AV authors,
programmers, researchers, collectors. But not clear cases of
un-ethical people.
VX'ers = None of the above. Their work is to undermine AV research and
programming, they will assist people attempting to damage
systems, no ethics apply here. Not all but many of these
users are hackers/phreakers/carders, most of this group has
no respect for the law and tend to have an `underground' way
of thinking.
Remember, Virus exchange is not against the law (YET), AV'ers and
AVvX'ers do not want to see this happen, very few in the av group want
to see this happen, most of them are taking a stand against it. (we'll
know more on this after the upcoming hearings...) Only a select few are
pushing for it. we see these as AV_CONFUSED!
AV_Confused = Those individuals in the AV community who want to make it
illegal to own and exchange viruses (or virus code),
UNLESS you are an "approved researcher".
The questions that remain unanswered are: Approved by who? What criteria
would one have to meet? As long as viruses are clearly labeled as such,
who has the right to tell anyone (in a democratic society) what kind of
code they may, or may not, keep on their own personal computer? The only
thing that will happen if viruses are made illegal is that the VX community
will go deeper underground. The above are the reasons why we call the
individuals that want to see viruses made illegal AV_CONFUSED, we fail to
see the benefits of their plan. All we see is people wanting the Government
to tell us what we may or may not possess on our personal computers. This
sets a dangerous precedent.
CRIS BBS Policies and Procedures:
A lot of people have asked us to clearly define the policies and
procedures used on the BBS, hopefully this article will
accomplish this.
Types of access:
1. Regular Access
Regular access is available to anyone who cares to log
on, it includes access to everything except the virus file
areas.
2. Research Access
Research access is available to those with an interest in
"researching" computer viruses. The definition of research is
left to the individual. To apply for research access one
needs to fill out the research application in the cris/info file
area and leave email. After your request is received you will
receive email with a single virus attached to it. You are
expected to research this virus to the best of your ability.
Once you have done this, you should UL your results to the
BBS. After reviewing your work you will receive research
access. This type of access will allow you to DL up to 5
files per day without requiring you to UL. You can maintain
this type of access indefinitely, as long as you continue to
UL your results in a timely manner (No less than once a
month).
Note: this access will go to 10 files after you become regular
with your research.
3. Virus Access
The first thing you will need to do is fill out the virus
access application in the cris/info area and upload it to the bbs.
Virus access is available to those that are curious and want
to learn more about computer viruses. To receive this type of
access one needs to UL at least 50 known viruses to the Virus
Access area. This initial UL is required because this shows
us that you already have access to viruses, and probably came
here to learn more about them. WE HAVE NO INTEREST IN
DISTRIBUTING VIRUSES FOR ANY TYPE OF DESTRUCTIVE ACTIVITY, we
only want to help people learn more about them, and overcome
any irrational fears they may have of them. Once your UL is
verified, this type of access will allow you to DL 5 viruses
for every day.
Seeing you do have access to viruses, we will expect you to help
add to the base here. The five viruses on the daily basis will
continue as long as we see a honest effort on your part of adding
some sort of addition to the bbs, either uploading (viruses or av
software), or posting messages. Before you UL any virus, please
scan it with the latest copy of F-Protect. Note what F-prot calls
the file and do a search with that as the search string. This will
help keep you from sending up files we already have.
Note: Your initial upload can be any known viruses, this is just
to prove you already have access to viruses. It is our view
that if you have access to virus files now, we can hardly do
much harm allowing you access (seeing you have access to the
like files anyway). But remember we need the virus access
application from you and the upload before you will receive
access.
4. Virus Collections
We encourage people to send up their virus collections. Each
collection will be reviewed on a case by case basis, those
that add to the BBS collection will receive more DL credit
than those that do not. If you have any questions on this
policy please leave email. Anyone that wants to DL a
collection MUST obtain permission from the person that sent
it up. Once the staff is positive that you have permission to
DL the collection in question, and you have filled out the required
application, and already have approved virus access, the collection
will be made available to you.
5. The Holding Area
Due to the fact that we allow both virus writers and
anti-virus software authors to access the BBS, there may be
times when someone wants to send up a file but does not want
it made available for DL right away. In this type of
situation you may UL your file into the Holding Area. In the
file description please include a date that it should be made
available for DL. If you don't want to leave a public
description of the file, please leave email telling us what
it is. The file will remain in this area until the date
specified ( no longer than 90 days from the date of
UL). If you want the file to be accessible to certain users
leave email and arrangements can be made.
6. Virus Research
What is virus research here on the Cris BBS? For those that
want to learn more about computer viruses in more of a 'hands
on' type of way, we offer our services in this way.
Virus research falls into three categories. This is done so
that all can get involved without feeling that their work
would not be good enough.
A. The Beginner
A beginning researcher is one that has enough knowledge to
unzip a virus and run some simple tests. These tests would
be scanning the virus with different virus scanners, and
writing down which scanners detected the virus and weather
they were able to clean it. Also maybe they might look up
some info on the virus in vsum or other dbase style programs
and add in some quotes. They will also add a section of
researchers notes.
B. Intermediate
The intermediate level researcher will do all that is above
but he will add in things like source code, screen captures
of the virus in action, he will disassemble the virus if he
can not find source for it and include it in the researched
virus upload. His researchers notes will be a little more
indepth.
C. Expert
The expert researcher will do a Caro style research. This
will include using debug, maybe different interrupt trapping
utilities, this research will be allot more indepth then the
normal research that someone wanting to learn more would
be doing. This is more for those that have been into this
for a while, or have a good programming background. There
are examples of this research both in bulletins on the
bbs, and in text files in the file areas.
There will be three areas on the bbs for these files, we will add
the files to where they belong as we see fit.
We hope that this clears up any confusion anyone may have had
about the types of access available on the BBS, and the criteria
one must meet to receive them.
-----BEGIN PGP SIGNATURE-----
Version: 2.3a
iQBVAgUBLNc3/6M4CDusTF+9AQEcQgH+JAyYPO7aqgqgCQvH8sy+j0aOzya/eu4V
VCtM3WJlk+TbOLzNSLRDS0JHnap+ZXnDZo3mlA1WhWvPBNMvWMC6xA==
=UD3M
-----END PGP SIGNATURE-----