The Worms Crawl In 257 From: Klaus Brunnstein brunnstein@rz.informatik.uni-hamburg.dbp.de To: RISKS-LIST@KL.SRI.COM Subject: UNIX InSecurity (beyond the Virus-Worm) [...random security stuff...] While the Virus-Worm did evidently produce only limited damage (esp. ‘eating’ time and intelligence during a 16-hour nightshift, and further distracting activities in follow-up discussions, but at the same time teaching some valuable lessons), the consequence of the Unix euphoria may damage enterprises and economies. To me as an educated physicist, parallels show up to the discussions of the risks overseen by the community of nuclear physicist. In such a sense, I slightly revise Peter Neumann's analogy to the Three-Mile-Island and Chernobyl accidents: the advent of the Virus-Worm may be comparable to a mini Three-Mile Island accident (with large threat though limited damage), but the ‘Chernobyl of Computing’ is being programmed in economic applications if ill-advised customers follow the computer industry into insecure Unix-land. Klaus Brunnstein University of Hamburg, FRG

260