The company I used to work for once embargoed jpeg files because of a
rumor that they might be infected with viruses. I e-mailed the support
people to describe just how imbecilic this was but they didn't rescind the prohibition
for about a week. I don't know what software they were using but it was interesting
to open a web page and not see any graphics.


At 07:48 PM 2/4/04, you wrote:
Robert wrote:
> At 06:35 AM 5/02/2004 +1000, you
[ uh, Tanya, I think ]
> wrote:
>
> You must realise that sometimes companies overreact. They will ban ALL exe
> attachments claiming they are viruses ;-(

That's not that bad an idea.  For an ISP to do it would
be bad, because in theory somebody might have a legitimate
need to ship an EXE, but it does make sense for a company
to decide that EXE files are just too risky and too seldom
legitimate to be allowed through their mail gateway.

The last time I remember somebody sending me an EXE file
on purpose was ... about two years ago, I think.  And the
time before that was ... somebody who did it on purpose
but _shouldn't_have_, because it was a Trojan that he'd
gotten fooled by, back before mail worms (viri that
automagically re-mail themselves) had come on the scene.

How often do _you_ need to send an EXE that's not just a
"hey look at this cute thing I found (which may turn out
to be a Trojan)"?  Where sending source code wasn't more
appropriate?  Yeah, it can come up, but not bloody often.

> >I just came online and downloaded 68 emails, and 9 of these were virus
> >emails!
>
> Life on the net is NOT THAT dangerous!

What, not so dangerous that she actually got nine worms
out of sixty eight messages?

Or not that dangerous in that it "doesn't matter" if your
machine gets infected?

Or that just getting them in your mailbox isn't a big
deal as long as you're careful?

The first of these is refutable by direct observation
(and if you like, I can give you _my_ numbers, which
look much more frightening than hers).  The second is
a scary thing to hear someone say nowadays.  There have
already been worms that grab a random document from
your machine to include to make themselves look legitimate,
thus exposing private or proprietary information to random
outsiders, so it's not just "oh you might lose the contents
of your hard drive, I hope you have backups" and "gee, you
can unwittingly contribute to DDoS attacks!".

The third is accurate but less than useful for some mail
programs and basically false for others.  It's meaningfully
true for some reactionary net.old.farts like myself who use
a text-based mail client on a UNIX/Linux system.

> >I know that my system is
> >completely virus free,
>
> no such thing! there is no 100% guarantee against viruses.

She didn't say "100% SAFE FROM viruses."  She said "IS completely
virus free".  She may well be correct today.  She may still be
correct tomorrow.  She may even actually _know_ what she claims
to know.  She did not say what you're reacting to.


I can say that _my_ system is 100% safe from _email_worms_ unless _I_ screw up. For me to screw up, I would have to go out of my way to invoke a different mail program, one that understands attachments, extract the payload of the worm, and then manually execute it on a different machine ('cause it'll be written for Windows and I'll be reading under Linux). It's possible that I'll get bitten by a Trojan that way if it's convincing enough _and_tempting_enough_. "Look at this cute/dirty screensaver" is not tempting enough (for me). I can say that I am _almost_ certain that my system is virus-free _at_this_moment_, but it's _possible_ that a legitimate web site from which I downloaded software had been compromised by a third party and had a virus inserted into the application I downloaded. It's possible that somebody cracked the Linux box that has the modem in it, got a shell, and attacked my Windows machines and the Mac from there (they're not externally visible due to NAT), but if so they're pretty good at hiding their activity so far. One of these days I'll get around to installing an IDS, and I'll have it monitor outbound as well, to watch for virus activity.

But the worms are still a problem for me.  They're each
large and they come in large numbers, choking my modem
and overflowing my disk quota on the machine at my ISP
that hosts my account.  Between the spam, the worms,
and the bounces from worms that forged my address, it's
getting harder and harder to spot the real messages among
the chaff when looking at a list of fresh email.  And once
in a while I find out that the reason I was having so much
trouble accessing a particular web site a day earlier is
that thousands of infected machines were helping to DoS it
without their owners' knowledge.  Or that a sysadmin friend
had to cancel dinner plans to stay late and clean up the
mess from the latest worm, because other employees didn't
bother to take proper precautions, or configured a "more
convenient" back door into the company network in violation
of company policy.


Life on the net _is_ that dangerous these days. We need not panic, but we do need to take it seriously and be careful. Check your machines. If you're not running in quite as safe an environment as I am, check them _often_.

And never run an executable attachment.  This rule should
be so ingrained that you're incapable of breaking it without
serious consideration of just how badly you need to run that
program first.


Want to see private correspondence between two people I've never met? A virus sent it to me and I saved it. (The formatting is lost, as I just used the 'strings' command to extract words from it; it wasn't safe to try to open with any Windows program.) But one of them had visited my web site and the virus got my email address out of his web cache and sent me the document randomly. You may not have anything on your home machine so private that you'd blush to have it broadcast, but how many files are there on the file server at work that your employers would prefer stay inside the company?


-- Glenn

I drink to make other people interesting.
-- George Jean Nathan



