News of the Week

for SDI and has wavered on the SSC. As for the tax credit, it has approved it only through one- or two-year extensions rather than making it permanent. Bush has said that he wants to be the education president and has endorsed pro­grams to upgrade math and science education, particularly at the pre-college level. That's an idea that Congress, which has more than dou­bled the National Science Founda­tion's science and engineering edu­cation budget over the past four fiscal years, should find attractive.

The problem for science educa­tion and all the other federal R&D programs will be money. During his campaign, Bush repeatedly vowed that there would be "no new taxes" and no cuts in Social Security pay­ments. But the money needed to reduce the $150 billion-plus deficit, not to mention retiring the trillion-dollar national debt, is going to have to come from somewhere. So the future may not only be growthless, but also call for actual retrenchment in federal R&D programs.

Wil Lepkowski and Janice Long

Computer virus boosts network security efforts The recent assault by a computer virus on the Internet system of de­fense and research computers has forced a re-evaluation of network vulnerabilities. It has also sparked debate on the tradeoffs involved in implementing better protection measures.

The latest virus did not destroy data and so was relatively benign. Nevertheless, the incident raised considerable anxiety in the user community and forced systems per­sonnel to waste valuable time re­starting the shut-down network, checking files for damage, and clos­ing software "holes."

A computer virus is a program that enters a computer system, re­produces itself, and initiates un­authorized operations, ranging from display of on-screen messages to destruction of files. This virus was allegedly sent out on Nov. 2 from Cornell University by computer sci­ence graduate student Robert T.

Morris Jr. Cornell is a backbone site on NSFnet, a part of Internet that connects over 200 research facilities.

From Cornell, the virus spread across Internet, infecting VAX and Sun computers that use specific ver­sions of the Unix operating system. An alert message sent out on the network's electronic mail system on Nov. 2 read: "We are currently un­der attack from an Internet virus— •Removing [files it creates] is not enough as they will come back in the next wave of attacks."

According to Charles Catlett, man­ager of networking at the National Center for Supercomputing Appli­cations (NCSA) in Champaign, 111., "The virus used three security holes in Unix that were well known, but that nobody thought anybody would try to use." Many computing cen­ters have since reconfigured Unix to address these security gaps.

The Chemistry Division of the Na­tional Science Foundation says that major chemical research facilities do not appear to have been seriously affected by the virus. Chemical Ab­stracts Service in Columbus, Ohio, a division of the American Chemi­cal Society that is tied into a num­ber of networks, was also spared. "We were concerned about a possi­ble spread through Bitnet, but that did not happen," says CAS director Ronald L. Wigington. "Even if it had, we would not have been af­fected because of security steps we had taken."

Wigington adds that "this partic­ular incident was in one way fortu­nate, in that it was profound enough to get widespread attention but did not do serious damage. Some orga­nizations have not taken the com­puter security issue fully seriously. There are many reasons why they haven't—mostly not understanding that it's important that they do."

Measures are available to imple­ment higher degrees of security, but they can be costly and tend to re­strict system access, making it less convenient for users.

But some feel there will be little choice in the matter. "You can't afford to have nets brought down to their knees," says Charles F. Bender, director of the Ohio Super­computer Center and director of research computing at Ohio State

University. "We'll have to harden security. But this means it will be more difficult to access the comput­ers. Ultimately, the users will bear the brunt of the problem."

St u Borman

Du Pont bites into high-tech snack venture When Kraft last year pulled away from a marketing arrangement with DNA Plant Technology for the bio­technology company's VegiSnax brand of packaged vegetable snacks (C&EN, July 6,1987, page 16), many analysts practically wrote off the Cinnaminson, N.J.-based company.

But last week, Du Pont came along with a bid to rescue VegiSnax and perhaps DNAP in the process. DNAP, which has a merger pend­ing with Advanced Genetic Sciences of Oakland, Calif., had hoped to commercialize the snack food to raise cash to fund its other biotech­nology efforts. VegiSnax are carrots and celery engineered through tis­sue culture and breeding techniques for crispness and long shelf life.

The agreement between Du Pont and DNAP calls for a joint venture to commercialize high-value-added fresh fruits and vegetables and in­troduce new generations of prod­ucts over the long term. Du Pont also will become an equal partner with DNAP in commercializing VegiSnax. Once commercialized, all VegiSnax activities, including pat­ents and technology, will be trans­ferred to the joint venture company. The agreement is contingent upon the completion of the pending merger of DNAP and Advanced Ge­netic Sciences and the negotiation of a definitive agreement between DNAP and Du Pont.

In addition, Du Pont will acquire 1.5 million shares of DNAP at $4.50 per share. This will give Du Pont a 10% stake in the venture resulting from combination of DNAP and Ad­vanced Genetic Sciences. Also, Du Pont will contribute initial funding of about $7.5 million to complete the R&D work needed to launch the joint venture and to commer­cialize VegiSnax.

William Storck

8 November 14, 1988 C&EN