On Jul 10, 2014, at 5:17 PM, Joe Acquisto-j4 <j...@j4computers.com> wrote:
>>>> On 7/10/2014 at 3:35 PM, "David F. Skoll" <d...@roaringpenguin.com> wrote: >> On Thu, 10 Jul 2014 12:25:50 -0700 >> Ted Mittelstaedt <t...@ipinc.net> wrote: >> >>> Fundamentally I think the problem is with attachments. >> >> No, the problem is not with attachments. An attachment actually included >> in an email is no more dangerous than an attachment downloaded via a link. >> Email attachments are far too convenient; no-one's going to give them up. >> >> The problem is that Windows encodes metadata such as "this is >> executable" in the filename, making it trivial for attackers to get >> their payloads to run. The simple act of renaming a file in Windows >> can be the equivalent of "chmod a+x" in UNIX. A Windows user probably >> does not realize that renaming a file can have dire consequences, whereas >> even a casual UNIX user might pause if asked to chmod a file after >> saving it. >> >> (Note well this article: http://lwn.net/Articles/178409/ which points >> out that some UNIX desktop environments are repeating the mistake made >> by Windows.) >> >> Regards, >> >> David. > > Actually, that goes back to the days of XX-DOS, CP . . err, umm . . . > Lordy, now I do feel old. > > joe a. Long live Multics and ITS! -Philip
