>[EMAIL PROTECTED] writes:
>
>> Yup, looks easy enough to change. I don't recognize the language
>> (something akin to Basic, perhaps), but could probably reverse-engineer
>> enough of it from that code snippet to play with it myself, if I wanted
>> to waste time doing that sort of thing. (IMO it's rather pointless,
>> since users of Microsoft Word already *have* viruses on their system --
>> W95, W98, Word, Office, etc. :)
>
>After reading about it in the press, all day, and on the web, I've come to
>the conclusion that there's no doubt whatsoever that the goal of the
>virus's author was to demonstrate the flawed technical foundation of the
>Windows OS. If the author really had malicious intensions in mind, the
>damage would've been far, far, greater.
Indeed, and thanks to others as well for correcting me. Not long after
I sent my email, I saw a remarkably decent little report (for a TV
news show) on WJAR Channel 10 (Providence), where their "webmaster"
explained that it wasn't just reading/opening the mail *itself* that
caused the problem, but doing that and *then* opening the enclosed
MS Word document, and that only if something she referred to as "Macros"
hadn't been disabled.
In that sense, it isn't too different from a Linux user like myself
reading email via Emacs, seeing a uuencoded, gzip'ed executable,
unpacking it, and then running it, without regard for whether that's
safe. (Except, since it isn't just a few clicks away in that
environment, I'd have to read the docs to know how to set that up,
and thus know enough to not take such chances.)
>The only reason something like this hasn't happened sooner is because MS
>charges prohibitive fees for technical information that's needed in order
>to write applications of this type, and only people who paid hefty sums of
>money for subscriptions to MSDN, and various other MS developer programs,
>would know enough to cook this up.
The media reports I've seen don't tend to focus on the underlying
problems of canned user applications defaulting to settings that make
it easy for users to invite viruses and trojan horses to walk right
in to their systems and do as they please.
Instead, they focus on the fairly simple-minded sorts of filtering
that has been discussed, and appropriately handwaved as an
inappropriate kludge, on this list.
Why do I get the impression all this MS software is set up that way
so that people can get emails containing things like dancing babies
without MS actually having to define a real protocol for animation
(for example)?
tq vm, (burley)
