-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In <mid:17549403453.20021028015139@;theycallmesimon.co.uk>, Simon [S] wrote:'
S> I might not need it, but not everyone runs TB! and as AV packages S> are not authored solely for TB! I think it is a valid extra, even S> if redundant in this instance. Since you posted your findings to this list, I thought your post which provoked my initial reply was intended for readers of this list who use TB!. I then assumed that we were assessing the soundness of A-V software in the context of a TB! user. I've always replied with TB! as my main focusing point. I did bring up Outlook to demonstrate why crippling a system with a virus scanner may be the only way to protect the system or any other tool that prevents execution of dangerous file-types. Most of the test exploits directly target Outlook users. As a TB! user, you stated your preference of scanners which seemed to be based on the tests you did. This seemed odd since TB! without the use of a scanner can make you pass these test exploits. It is this very positive point in TB!'s favour that made me reply in the first place. It's a good example of how an e-mail application should be designed to help the user prevent his machine from being exploited. I don't know how many of the readers here realize that as TB! users, the results of those tests you did don't really matter, and that checking weeding out dangerous file-types isn't really scanning for viruses. So if your A-V software doesn't support this, not to worry. TB! already does this for you, as it really should. As a TB! user, it's not really valid to choose to use Kapersky over AVG because of how one performs with these tests as opposed to the other. Of course, you later made it clearer that you've had real world experiences with viruses that demonstrated to you that Kapersky is the better product for you and I grant you that. No argument there at all. S> Yeah, but we are talking real world not ideals. I thought we were on-topic, i.e., talking about A-V software in the context of TB! and making decisions on which to use, in the context of a TB! user, and which tests are worth doing or looking at in the context of a TB! user? It would seem that I misunderstood your intent because it wasn't really clear in the original instance. S> OK, so some email clients like TB! are at the forefront, S> providing client based protection, but it isn't a matter of what S> should be but rather what is, and the fact is that not all S> clients do, so extra protection is warranted. I have no argument there. Never did. S> I think the point is one of familiarity. Not every user is S> going to be as familiar with .vbs extensions, for example, as S> they are .com or .exe types. Generally speaking, even the most S> basic of user gets to grips with the dangers of running .com S> and .exe files, as they are commonplace extensions on a Windows S> system, and so understand them as being executable files, Are you sure about this? :) S> but as other executable file extensions aren't commonly used by S> the less advanced users they may be unfamiliar with what they S> are, what they can do, and therefore the dangers they could pose. S> From your position I can see how you can see that it's ridiculous S> though. - From my experience with trying to give advice to novices, I still think so. I have a difficult time speaking about file-types. I get a high incidence of blank faces reluctant to make the effort to understand what I'm saying. They look at me pleading for an easier way to protect themselves. I have greater success talking about attachments being dangerous in general, and there's usually understanding when I advise them to treat all attachments with extreme care, to delete them without prejudice once there's any suspicion about them (they're from unknown senders, not explicitly described in the message body or unexpected). Additionally, even if the attachment passes all these tests, they need to check it with a scanner. Thankfully, most scanners run right out of the box and scheduling updates is easy. If I can't get them to run TB! or some other safe client, I'll remember to recommend Kapersky to them. :))) S> Again, in and ideal world that would be fine. But it aint, and S> users don't and won't do as they should always, and I don't S> think they deserve to get infected because of it. Some people S> might call those types lamers or whatever - a term I hate - S> but it's not their fault that there is a war against Microsoft S> going on and they happened to get caught up in the middle of it. I understand and agree with your sentiments. But what has it got to do with TB! which is what this initial discussion was about, i.e,, testing for e-mail exploits? :) S> I think that the more optional idiot-proof protections there are S> in place the better. It means that all levels of user are S> afforded protection, not just those with plenty of air miles S> behind them. Sure. I agree. This is why TB! is designed the way it is and I agree with that design. - -- Allie C Martin \ TB! v1.62/Beta7 & WinXP Pro (SP1) List Moderator / PGP Key - http://pub-key.ac-martin.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (Win32) - GPGshell v2.60 iD8DBQE9vKMhV8nrYCsHF+IRAiG2AKCUwrZtuEHt7R1rRBPSrHg5x5p2YgCfaM2i slJIbvQ/AV4+OqxBChswRP4= =wfAO -----END PGP SIGNATURE----- ________________________________________________ Current version is 1.61 | "Using TBUDL" information: http://www.silverstones.com/thebat/TBUDLInfo.html
