The Technofile Web site has moved.

Technofile is now located at
Please update your links, bookmarks and Favorites.  

Viruses, Part 2: Where the danger really comes from

technofile  by al fasoldt

Columns and commentaries in a life-long dance with technology

Simple gray rule

Viruses, Part 2: Where the danger really comes from

Technofile for June 22, 1997

By Al Fasoldt

Copyright © 1997, The Syracuse Newspapers

My friend John has run anti-virus software on his computers since 1988. He's never caught a virus, and never had a problem that could be traced to a virus.

I've used both Norton and McAfee anti-virus software for the same length of time. A few years ago, a virus that both programs failed to detect crippled a computer I supervised. My own PC was infected twice—and rescued twice by my AV software—in just the past 12 months.

Does this mean John's lucky? No, it means John and I have vastly different computing habits. I'm online a dozen hours a day, sending e-mail, visiting Web sites and downloading software. John isn't concerned about finding the latest software and doesn't even own a modem. He's never found a reason to connect to another computer. And he hasn't ever put a disk containing shareware into his PC's floppy-disk slot.

That, and nothing else, is the secret to understanding the role of anti-virus software. On its own, your computer will never catch an electronic virus. It can't get infected from close contact or from airborne particles or anything like that. Viruses can infect your computer in only two ways—through a floppy disk that came from someplace else or through a connection with another computer.

Let's look at these two sources of virus infections. I'd like to clear up a few misimpressions.

Floppy disks that are used to install regular programs—the kind of disks that come in the box of software—are nearly always safe, as are blank floppies you buy at a store. Disks you get from a club or mail-order outfit that contain collections of shareware (try-before-you-buy software) usually are virus-free as well.

In most cases, the disks that cause trouble come from your friends, relatives and coworkers. You walk past one of the PCs at the office and notice a new screensaver, and your office mate promises to give you a copy of the screensaver on a floppy disk. If that PC is infected, chances are any floppy disks that are put into the computer will become infected. And then yours will be, too, as soon as you stick the disk into your PC.

Because viruses travel so easily on floppies, and because most computer users never question the safety of disks that come from people they know, most of the viruses that are reported at offices and schools are transmitted not by an Internet connection but by the simple act of putting someone else's floppy disk in your computer's drive.

In one sense, this should be good news to computer-system managers. Good anti-virus software will check all floppy disks as soon as they are loaded, and will lock out any floppy that seems to be infected. On the PCs at my office, McAfee AV software makes a thorough check of all floppy disks that are inserted (and continues to check floppies that remain in the drive). If it finds a virus, the program keeps the computer from taking files or other data off the disk, and won't let the drive operate until the floppy is removed or the virus is eradicated. (The AV software can be set up to kill all viruses automatically. We do it manually to make sure we know which PCs have problems.)

But, as you probably know from your own experience, most offices and schools don't take the threat of viruses seriously enough to make sure AV software is running on every computer. This is a huge mistake. Anti-virus software doesn't cost much—it's even given away in many cases—and doesn't take much effort to install.

Unfortunately, the notion of protecting computers from floppy-based viruses gets almost no attention in the press. Most accounts play up the dangers, real or imagined, of viruses that attach themselves to files that are downloaded off the Internet or received in e-mail. One report from a respected news service even asserted that 20 or 30 new macro viruses—the kind that can be sent easily by e-mail—were being uncovered every day. This is pure hokum. (In fact, about 400 new viruses of all types are discovered every month.)

I'm not saying you shouldn't worry about viruses that can slip into your computer through an Internet connection. The danger is real. Businesses, schools and individuals usually know that connections to remote computers can allow viruses to sneak into desktop computers. Many of the computer networks used by corporations and universities are protected by so-called firewalls—passageways that block unwarranted access—and many of the firewall systems have their own virus protection, too.

What you should keep in mind is that the viruses that do get through often arrive on the lowly floppy disk. You probably already know that you should run a virus check on every file you download off the Internet (or set your AV software to run constantly, which will do the same thing. But remember to check every floppy disk, too.

 Image courtesy of Adobe Systems Inc.technofile: [Articles] [Home page] [Comments:]