I completely agree with Ian.
Just to quote him back -
It's not as if Outlook or any other MUA
automatically launches these viruses - people who evidently live in a
complete vacuum and have never heard warnings about executable content,
blissfully double-click on the clearly-identified package, and it blows
up in their (our) faces
- If only we prevent ourselves opening rather double-clicking the so-called
affected attachments....
Regards,
M.Venkateswar Reddy
--------------------------------------------------------------
Huawei Technologies,
Shenzhen, China
Off : +86 755 6540476/77
Hotel :+86 755 6602222 Room No:540
* The opinions expressed are purely personal*
--------------------------------------------------------------
----- Original Message -----
From: Ian King <[EMAIL PROTECTED]>
To: Randy Bush <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, August 01, 2001 2:45 AM
Subject: RE: Any value in this list ?
> Randy,
>
> People wanted to do more than just exchange text messages, and Microsoft
> (and other companies) built products to help them do that. Microsoft
> also produces a lot of information on how to secure its products. I do
> not have the data at hand, but I have read several times that when
> Microsoft servers are compromised, it is often because they are
> misconfigured. The argument then becomes, "Why aren't they easier to
> configure?" Go back to premise #1, that people want to do more than
> just exchange text messages - they want collaboration and forwarding and
> rich attachments and scheduling and all the rest of it. The bells and
> whistles require lots of knobs and switches....
>
> I would also point out that NONE of this class of viruses can infect
> unless the user executes them! It's not as if Outlook or any other MUA
> automatically launches these viruses - people who evidently live in a
> complete vacuum and have never heard warnings about executable content,
> blissfully double-click on the clearly-identified package, and it blows
> up in their (our) faces.
>
> BTW, internally our mail servers are configured to strip anything that
> looks remotely like an executable. Sometimes this is a pain (I can't
> mail a legitimate script to a colleague), but that's the world in which
> we live - more openness means more opportunity for sabots in the gears.
>
>
> In any event, blaming any one company for viruses because its products
> are abused, seems way too much like e.g. blaming automobile
> manufacturers for reckless driving. Sure, no one really needs a car
> that can do 150 MPH when the limit is 60 or 70, but the majority of
> customers demand a vehicle that *could* do twice the limit, regardless
> of whether they take advantage of the capability -- or those vehicles
> wouldn't sell. Bottom line: blaming the instrumentality is easy, but
> futile. Human beings are responsible for their own actions, although
> some wish to evade or abuse that responsibility.
>
> Again, this is my own opinion, no one else's -- Ian
>
> -----Original Message-----
> From: Randy Bush [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 31, 2001 10:07 AM
> To: Ian King
> Cc: [EMAIL PROTECTED]
> Subject: RE: Any value in this list ?
>
> from the outside, it appears as if microsoft consciously decided to
> distribute software with everything enabled so that their product
> would be perceived as very easy to use. the problem is that this
> means it is also easy to abuse. so the net is now paying for them
> having a more salable product. who gains, who is bearing the cost?
>
> randy
