But... > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Chris > Meadors > Sent: Tuesday, March 02, 2004 11:44 PM > To: [EMAIL PROTECTED] > Subject: Re: [Clamav-users] Password-protected .zip file viruses > > > Paul Boven wrote: > > > How about only trying every word in the mail-body as a key to try, > > instead of brute-forcing? The virus(-writer) cannot afford to fudge the > > password in the mail-body: One would hope that the subset of users that > > is clever enough to reconstruct the password, yet stupid enough to use > > that to open it, is small enough to make the virus unviable.
The problem is that the virus could send an HTML message... in an HTML message, character encodings, fonts with small spaces between, etc. could be enough to fool software but not a human: For example (don't take this too literally):: the password is d<small> </small>o<small> </small>gg<small> </small>y will look like doggy m/ ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
