Abstracts of Recent Articles and Literature

on preventive measures. The second product is Pollcat II + from Western Tclcmatic. The system monitors call records on PBX long distance lines and notifies the user when calls meet certain preset parameters. Typical conditions that would trigger alarms include: an cxccssivc number of short calls trying authorization codes; after-hours or weekend calling or calls made to or from certain locations. Computerworld, April 27, 1992, p. 64.

Enemy Action. This article considers a new and disturbing trend in viruses, the ability to be aware of specific anti-virus programs and evade them or even attack them directly. This has taken a number of anti-virus software developers by surprise and many popular products arc highly vulnerable to attack from such viruses. The viruses concerned include: Antimon, Itti, Peach, Thursday I2th, and Zherkov. The article lists the “five golden rules for virus softwarc”, given from the perspective of the virus writer rather than the anti-virus programmer; the intention being to increase the awareness within the anti-virus community. The article does not cover “stealth” techniques. Virus Bulletin, May 1992, pp. 6- 7.

New Disk Strategies Remove Security Risks, Murk Ferelfi. The benefits offered by removable media in terms of transportability, size and dura- bility, offer an important solution to modern data security concerns. The author considers the pros and cons of the two major contenders in the removable media arena: cartridge-based systems, and removable hard drives. A number of products in the field arc considered from a security view- point, ranging from fairly low capacity systems to 1 Gbyte removable 3.5 inch drives. Computer Tech- nology Review, February 1992, pp. l- 14.

To Catch a “Crimoid”, &tiara North. The writer carries out an interview with Dr. Bruce Baker of SRI International, about the problems and solu- tions in information systems security. The majority of the computer crime threat is posed by internal company employees, therefore user awareness and cmploycc screening arc of paramount importance

when attempting to combat computer abuse. Baker outlines some of the ways in which “crimoids” work, considers some of the new ways technology is combating the criminals; and defines the basic procedures a company should take for checking security. Beyond Computing, premier issue, 1992, pp. 55-56.

Virus-Proof Your PC, Wendy Taylor. This is a long and fairly detailed article concerned with identifying and combating viruses. The author considers: means of infection; risk reduction; prc- vcntion; detection; removal; and immunization of the system. This is followed by the bulk of the article which analyses the effectiveness of the most popular items of anti-virus software. Eleven pieces of software arc described and then compared in a tabular format. The article also includes a nine-step recovery plan to deal with a virus attack. PC Com- puting, February 1992, pp. 122- 13 7.

Power Protection Plays a Vital Role in Network Security, Cheryl Junusz. The author takes an overall look at some of the problems asso- ciated with network security, and then conccn- trams upon the potential hazards posed to a network by electrical problems. Difficulties asso- ciatcd with brownouts, blackouts, and electrical noise arc outlined, and the solution of such prob- lcms through UPS installation on the network is dcscribcd. Computer Technology Review, February 1992,~~. 125-127.

Putting a Stop to Software Piracy, Lucia Withers. The author looks at how the rcccnt spate of legal action carried out by the Business Software Alliance (BSA), has forced organizations to toughen up their attitudes to software piracy. Unauthorized software copying changed from being largely a supplier concern, to a user issue. The BSA cstimatcs that losses through software piracy cost the industry in the region of $12 billion in 1990. One of the worst examples is with Lotus l-2-3, whcrc the company believes that up to 50% of the users arc working with pirated software. The author outlines a couple of user studies where the

490