dosk wrote: > > > > Someone has mentioned here on this list that one can get a virus (or worm, > > > or trojan) just by opening e-mail. This is, I believe, one of the many > > > unfounded, slightly paranoid, rumors about viruses. (Virii?) > > > > I assure you that both the statements made about being able to get > > infected simply by opening mail were true. In fact in one case you > > didn't even need to explicitly open the email - Microsoft Outlook > > would automatically open the last email fetched from the post office. > > I don't spread unfounded, inaccurate rumours. > > Assure me all you want. Just because you say something is true, doesn't make > it so. I have never seen any proof anywhere, or any article, in PC World or > any other such mags, that such sophisticated viruses exist anywhere outside > of anyone's imagination. In fact, there's a website entirely devoted to > denouncing such wild virus rumors (I'll see if I can get it's URL for you if > you want), and they also claim that many of these so called super viruses > are just so much BS.... See http://antivirus.about.com/compute/antivirus/library/weekly/aa121500a.htm (which took me all of 20 seconds to find by going to a websearch site) While most of the viruses discussed there do show up as attachments, the kak.worm doesn't - that's the one that hides in a .signature block. They describe it as 'the most prevalent infector of 2000'. > But you won't be able to show me a virus that comes thru (to Outlook Express > now, mind you) as an .eml or .jpg. The virus creators are not such > super-brains that they can turn just plain viewable data into operational > code... That's exactly the scenario with kak.worm - the virus is in the .signature, not in the body of the email message. And that wasn't subject to the checks. Furthermore, as many others have pointed out, if you have "Hide Extensions for know File Types" turned on (or even if you don't, in some cases), the displayed extension can be .eml, or .jpg, or anything you like. The virus creators don't turn viewable data into operational code - they just disguise operational code so at first glance it appears to be plain viewable data, hoping to trick somebody into clicking on it. > >But you don't do anyone any favours by spreading false > > assurances that "this kind of thing can't happen", > > How dare you put quote marks around a statement like that! Where in the hell > did I say anything like that? I love you people who make up your own > interpretations as to what other people say, and then put quote marks around > them...! So in what way does calling a report an unfounded and paranoid rumo(u)r differ from saying "this kind of thing can't happen" ? It wasn't my interpretation; you made the claim. Or are you objecting on the grounds that I put quotation marks around a paraphrase, not the exact words? > I've been running OE for 4 years, and have caught only one virus. And that > was in the first year, before I had a good virus killer program. (Dr. > Solomon sucked.) Since I've gotten a better one, in the past three years > only one other virus tried to invade my system, and the virus killer program > (InoculateIt) picked it right up and stomped it! (It also, along with the > unpaid help of several InoculateIt telephone consultants, showed me how to > effectively get rid of that first virus that Dr. Solomon completely > missed..) I've never had my home systems infected. At work I've been infected, once, (by the 'monkey' virus, which one of my co-workers spread onto my NT machine by rebooting with an infected floppy in the drive - that was hard to guard against in the days before virus-aware BIOSes, and before you could set the boot order to skip the floppies). Here at SGI I've caught several attempted infections (most frequently Melissa and ILoveYou) which aren't very good at attacking a Unix box running a MIPS port of Netscape. But it does at least let me see how many viruses there are running around trying to mess with my system. > Some people like to emphasize the problems. Others, the solutions... > Skip Odd - that's what I thought *I* was doing, in my earlier postings, until you came along and publicly disagreed. I've provided a link to back up my position. And if you think I'm being paranoid on the subject of email, maybe you are right. I'd rather be paranoid than infected. As for other attacks - take a look at a firewall log, sometime, and see how long it takes for the first breakin attempt when a new node goes online. -- John Francis [EMAIL PROTECTED] Silicon Graphics, Inc. (650)933-8295 2011 N. Shoreline Blvd. MS 43U-991 (650)932-0828 (Fax) Mountain View, CA 94043-1389 Hello. My name is Darth Vader. I am your father. Prepare to die. - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
