This file is being posted as received from our MINI system msg center
as follows :       (Hal Posey, Sysop, Eagle's Nest, 614-875-1360)

From: mike2@lcuxa.UUCP (M S Slomin)
Newsgroups: comp.sys.ibm.pc
Subject: Unbelievable Trojan -- BEWARE!!!
Keywords: Trojan
Message-ID: <184@lcuxa.UUCP>
Date: 29 Sep 87 13:42:40 GMT
Distribution: usa
Organization: Bell Communications Research
Lines: 131

I received  the following  recently from a  local BBS.  The legal
conclusions  in  it  seem  a   bit  shaky.  Nevertheless,  it  is
reproduced below in its entirety. It seemed worth publicizing.


                      -={ TROJAN PROGRAM ALERT }=-

    The  following has  been posted  on GEnie,  "General Electric
Network  for   Information  Exchange,"   Paragon,  and   the  IBM
Roundtable  BBS. It  is a  special  alert notice!  It seems  that
SOFTGUARD  may be  distributing a  TROJAN "unprotect"  program to
erase  disks  and  bolster   their  "shrinking"  copy  protection
business.

            86Sep19 02:15pm from Andy Meyer
            86Sep18 02:46pm from Ted Mozer @ Brick
            ****  DANGER !!!!  Data Destroying Program !!!

    The File  called SUG.ARC (or  SUG.COM) is purported to  be an
unprotect for  Softgard. It is,  in reality,  a real Worm  of the
worst  magnitude!  This little  Gem  will  ask  you to  put  your
ORIGINAL Softgard protected disk in  the drive, and then BAM!! it
displays this message:

	 "You have violated the license agreement under which you
received the  software. All  your data  has been  destroyed. This
destruction  constitutes prima  facia evidence  of your  criminal
violation. If you attempt to challenge Softguard Systems, Inc. or
the software vendor in court, you will be vigorously counter-sued
for infringement and theft of  services; we believe that our case
will have more merit to it  than yours. If you have any questions
con- cerning this matter, you  are invited to contact our lawyers
at the following address:

	      Softguard   Systems   Incorporated   [address   and
telephone number given].

	 We'll be  happy to explain  to you the  precarious legal
position  you're in.  We wish  you  good luck  in restoring  your
software from backups  and we hope that in the  future you'll act
more like an honest user and less like a thief.

	       Happy Computing."

	   ... AND IT IS SERIOUS!!

    It will look for drives A: &  B: and, get this, a Drive C: or
better!! In  other words, it will  wipe out the FAT  on your hard
disk too, just  to "teach you a lesson".  Attorneys are presently
looking  into  what can  be  done  to  stick  this up  the  lower
abdominal region  of the  person or  persons responsible  for its
existence.

	      .. IF YOU HAVE IT, GET RID OF IT !!!


    Interesting? Here's one from the  the Atlanta PC User's Group
BBS, home of the Lone Victor:

	 Date:  09-03-86 (17:14)  Number:  3265  To: LONE  VICTOR
Refer#: NONE  From: BILL MOSS  Recv'd: YES Subj:  SUG.ARC Sec'ty:
PUBLIC MESSAGE

       Please take a look at  SUG.ARC which purports to unprotect
Softguard, but destroys the diskette by erasing all files but not
the FAT. It appears to be in retaliation for your work. More than
ever we need your help with SOFTGUARD 3.00. The lecture that goes
along with SUG.ARC is too much!!!


    Assuming that  Sofguard really did  create this file,  I have
the following comments.

    First, Softguard's  battle (battle? you might  prefer to call
it terrorism) against protection busters is almost moot, for most
major  software  publishers  have   dropped  the  idea  of  copy-
protection altogether. Perhaps this very fact has put Softguard's
management in a mood bad enough to lash out thus.

    Second, Softguard's legal position  seems quite shakey to me.
Last  year  Vault  corporation announced  a  software  protection
scheme that would, if it detected  a fradulent effort to copy the
software, make "Vietnam look like a birthday party" (or some such
thing) by  planting a worm  that would slowly but  surely destroy
the  user's  files. When  Vault  announced  its worm-based  copy-
protection  scheme,  many   knowledgeable  people  expressed  the
opinion that Vault was likely to  be liable for damages if people
lost valuable data because of the scheme. What Softguard seems to
be  doing is  definitely more  vicious. Add  together a  probably
unenforcible license  agreement (to which Softguard  isn't even a
party as  far as the user  is concerned) and clear  evidence of a
vicious attempt to destroy the user's data, and you have a pretty
good  case against  SUG.ARC's creator.  In fact,  you could  very
easily create a test case  by (a) taking a legally-purchased copy
of Softguard-protected  software; (b)  unpacking it  without ever
reading the "license agreement" in a state other than the handful
(such  as  Lousiana  and  Illinois) that  attempt  to  make  such
agreements enforcible; (c) having  some valuable software on your
hard disk, (d) "accidentally"  destroying any backup copy already
provided, and  (e) trying to make  a backup copy of  the original
with the  help of SUG.ARC.  It would  be interesting to  see what
would happen if you then sued Softguard for damages. Interesting,
but not very surprising.

	 I think  therefore that the Softguard  folks (if SUG.ARC
did indeed originate from them) are relying on the individual not
having the financial resources to sue them or to withstand a long
legal  battle if  they  sue  him. It's  therefore  a strategy  of
intimidation.

	 (As an aside: That such a strategy of intimidation could
be a viable  one demonstrates a major flaw in  this legal system.
Justice costs a lot, sometimes so  much that one can't afford it.
There  are several  reasons  for this,  all  avoidable, but  none
appropriate for discussion in this RT or under this topic.)

	 How do users fight back?

	 Perhaps  we won't  have to.  It may  be enough  that the
presence of this dangerous file be made widely known.

	 Possibly as a result of  the public outcry that followed
its announcement of  the worm scheme, Vault went  into Chapter 11
bankruptcy -- poetic justice, I think. This left Softguard with a
near-monopoly on the  software protection business in  the IBM PC
world.

	 If the SUG.ARC file is indeed Softguard's creation, then
it seems  to me they  are following  Vault down the  Yellow Brick
Road (or is  it the garden path?)  -- and I look  forward to more
poetic justice when the public outcry occurs again.


ement under which you
received the  s                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                