
              SAFE HEX INTERNATIONAL - THE COMPUTERS GREENPEACE


Our  organisation  "Safe Hex International", SHI, is a grass roots movement 
which  started  in  1990 with Amiga computers. Today we are an organisation 
with around 600 members who are all more or less involved in our work.

We  now  have  31 virus centres around the world which have free phone help 
lines,  and  where anyone can get the latest Public Domain virus killers on 
disk. These disks have been translated into the relevant languages with all 
imaginable  instructions.  Even  inexperienced users can immediately under-
stand what to do.

The  price of these disks is around $5 US, including disk and postage, i.e. 
a  price  anyone  can  afford. These disks are updated 12 times a year, and 
contain  programs which are generally better than the best commercial virus 
killers!

                        
Our  organisation or our "movement", I should say, does not have the formal
structure  one  normally associates which clubs, associations and the like.
We  are a non-profit making organisation with has a very particular aim, we
try  to  make  active  efforts  which,  in  many  ways,  resemble  those of
Greenpeace.   The  resemblance  to  Greenpeace  is  not  just coincidental.
Greenpeace  works  in the biological environment.  The only difference with
us, is that we work in the data environment.


DATA POLLUTION
I  am  often  asked  the  question " What should I do if I want to be 100 %
secure?   Which  virus  killers  should  I  use,  and  what  should  I do?"
Unfortunately  I  have to disappoint people because the answer is:  "If you
want to be 100 % secure, then don't buy a computer"!

The  situation  is that one can never be 100% secure, especially today with 
all  the  computer viruses which flourish around the world. This insecurity 
is actually much worse than the actual damage one suffers if one's computer 
is attacked by a virus.

Socrates,  the  great  classical Greek philosopher, asked his enemies to be 
compassionate for he said: "Kill me, or let me live, but make up your minds 
up  soon,  I  can't  live  with  this insecurity." The hemlock which he was 
forced to drink put an end to his insecurity, as we know.

Socrates  touched  a  point here which we can all recognize in this day and 
age,  what about our modern data installations: Insecurity and impotence. I 
reckon  that  having  to  live with the continual threat from hacking or an 
attack  by  computer  viruses  is far worse than the actual damage which is 
being  done. Unfortunately we have to live with this insecurity. One cannot 
go back in time.

IS  THERE A REAL THREAT TO OUR DATA ENVIRONMENT? 
Our  work at SHI concentrates on computer viruses.  We work against hacking  
and other forms of destruction  or misuse of data. But, in our opinion, the
greatest  danger  to  our data environment is the explosive increase in new 
computer  viruses. The number of new computer viruses is currently increas-
ing four-fold every year. If  we just look a few years ahead, the number of 
viruses  around will reach monstrous proportions.  As far as PC viruses are
concerned,  we  have  around 3000 viruses today, this will increase to more
than 25,000 in 1996 if development continues at the same rate.

What  is  even  worse  is that the virus types are getting so advanced that
many  experts  today anticipate that we maybe will have to give up, or find
such  involved  procedures  for  finding viruses that the efficiency of our
machines will be severely curtailed.  One possible solution to the majority
of  the  problems is to maybe alter the hardware so that a program does not
get the chance to lie resident in the computer's memory.

It  is  of course, just as apparent as with our biological environment that
one  cannot alter the actual conditions from one day to the next.  But here
and  now  we  can  maybe  alter  the conditions for the generations to come
through  information,  legislation  and  the  like,  so  that the damage is
limited.

DATA SECURITY IS EXPENSIVE BUT NECESSARY. 
Outsiders often find it hard to understand our problems over data security.
What  actually  does it mean if the data environment is polluted by hackers
and  viruses?  Maybe it can be explained when I state that, even now, these
problems  cost  an  awful  lot  of money.  Of course it can't be counted in
dollars  and  cents,  or pounds and pence, but a qualified guess is that it
costs  data  installation  users  between US$ 10 billion and US$ 20 billion
annually.   That  sounds  like  an  astronomical  sum  to  many  ears,  but
corresponds  to  a  cost of between US$ 100 and US$ 200 for each individual
user,  when  assessed against the more than 120 billion computers which are
sold today.

                         
Some  people  will  maintain  that users who only have their computers as a
hobby  do  not have expenses of this size.  But....  honestly, your leisure
time  is  worth  money too, isn't it?  I would reckon my leisure time to be
worth the same as my work time.  But, besides the time itself which is used
for  virus  control  and  back-up  of  programs,  most users have to obtain
special  software  for virus control and back-up, in all a sum of maybe US$
50 to US$ 500 annually.

Paradoxically,  the  actual  damage  caused by virus and hacking costs much 
less  than  the  preventive  measures.  Personally, I think that the damage 
costs  users less than US$ 1 billion annually, but this is of course just a 
calculated guess based on my experience from referrals from a large numbers 
of users.


WHAT CAN ONE DO?
We  at Safe Hex International are so stubborn that we will no longer accept 
a  "polluted"  data environment. The beginning of our organisation was when 
we began to collect computer viruses.

We  sent  them to various clever programmers around the world who then made 
virus  killers.  Since then, our project has torn ahead so fast that we can 
hardly  keep  up with the progress. Here are just a few of the new develop-
ments:

We  write articles for those magazines which do not publish enough informa-
tion  on  data  security.  For  example, several American magazines are two 
years out of date on this matter.

We provide background material for the magazines so that their articles are 
more up to date.

We have made contact with radio and TV, eg, our first programme on our work
on  data  security  and  it  was transmitted by Danish local radio, and the
national TV channel, TV2.

We  have  established a "Virus Test Centre" where all viruses are tested on 
all the virus killers and reports of these tests are published.

We  have the world's largest collection of Amiga viruses. These viruses are 
sent to us by our members.

We  have an "ideas bank" where programmers in our group can get information
and ideas for smart new virus test methods.

We  are  in  the  process  of  constructing  a  standard  program which can
recognize  all  Amiga  viruses  when  it is used as a sub-program  by other
programs.

We  are  in  the  process  of  making  a  special virus program,  which can
automatically  control  viruses  on  "Bulletin  Boards".   These boards are
probably  the  source  of  80%  of  the  virus spread we have today.  It is
therefore very important that something is done here.

We  are  contacting  software  suppliers to get them to use "safety disks".
That  is,  disks which are 100% secure against virus infection because they
cannot  be written on.  Before long all the Danish libraries which lend out
software  will  have  these  disks.   More  and  more of our large software
suppliers  eg "Word Perfect" and IBM have also goneover to the use of these
"Safety Disks".


3 DATA SECURITY PRIZES IN 1992   
Our  work  at  Safe Hex International has been recognized by the public. In 
early  1992 "SHI" was presented with awards 3 times for our worldwide virus 
work:
 
The  first  award  was  presented  on  February 29th by the Danish computer 
trade organization (i. e. the PC organizations). The prize was given at the 
Danish  "Dataforening's",  (Data-society's) annual safety conference at the 
SAS HotelScandinavian.

The  second  award  was presented on March 21st at the annual Amiga Expo in 
Copenhagen, Denmark.

The  third  award  was presented on May 1st by AmiCon in Stockholm, Sweden, 
and  was  given for our worldwide virus work too and we are of course very, 
pleased that our work has been recognized and appreciated. 


NEW ASSIGNMENTS
New  devilishly  thought  out  computer  viruses  will  always be a threat,
regardless of whatever ingenious combatting plans one can design to prevent
data  loss.   One cannot stop this development, whether through legislation
or by utilising virus killers or the like.  SHI has set up a "Reward Fund",
currently  at  US$ 4500.  This money will be paid as a reward to people who
tell  us  the  name  and  address  of the person/people who have made these
viruses.   We  hope in this way to do without a number of viruses, now that
it  is  suddenly  dangerous for the virus makers to boast to their friends.
We have already had the first notification!

                         
Legislation  in  the  data  area  has  been  very  neglected and is totally
happenstance  in  many  countries.   SHI  therefore applied to the European
Parliament  in  Autumn 1991 to get a motion passed on the harmonization and
tightening  up  of  our laws on data security.  Several countries in the EC
have  today  no legislation at all in this area.  On 12th January 1992, our
bill  was  dealt with in the European Parliament, with support from several
members,  including  the Danish EMP's Christian Rovsing and Freddy Blak.  A
committee  will  now be set up where SHI can be influential and, finally, a
law  can be expected to be passed during the next 12 months.  We think that
it  is  reasonable that we get unified rules in the EC.  As known, computer
viruses do not recognise national borders.

We  are  considering  reporting  the Danish telephone company, KTAS, to the 
police for having tapped a telephone line for a long period without a legal 
warrant, involving a case against one of Denmark's largest bulletin boards. 
We consider it an aggravating circumstance that KTAS' barrister has said to 
the court: "We have been doing this for 30 years without a warrant".

Recently  a  large  German  magazine publishing company was reported to the
German  police.   They  organised  a  competition amongst their readers for
someone  who  could  make  the  "best"  computer  virus.   We believe it is
criminal  to  encourage  people to do things which are against the law.  An
aggravating  circumstance is that the magazine in question had even printed
a  short  description as to how to make viruses.  We are shocked about, and
of course condemn, this sort of behaviour.

We  are very dependent upon people supporting our work. I hope particularly 
that  the  media  will  support  us  because you don't get far, these days, 
without public relations. We started up as an Amiga organisation but I hope 
that  we  can  begin this year to set up the first PC virus centre. We have 
already obtained the hardware for it.



                                              YOURS SINCERELY


                                           ERIK LVENDAHL SRENSEN
                                           SAFE HEX INTERNATIONAL

