Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Misplaced flamewar... WAS: RE: in case nobody else noticed it, there was a mail worm released today

  • From: Patrick W.Gilmore
  • Date: Wed Jan 28 12:18:31 2004 
On Jan 28, 2004, at 11:56 AM, james wrote:


: So?  Had the virii been an application compiled for RedHat and
: everyone ran RedHat instead of Windows and they downloaded it using
: Evolution and double clicked on it, it would suddenly be RH's fault
: instead of MIcrosoft's?

I suspect the skill set/clue of RH users is at least an order
higher that windows users.

The main problem I see is many e-mail readers default to having
the preview plain open and this will then run any app it finds.
No clicking required.
Not sure why that is the case. Web browsers know better than to execute things, or at least to execute them in a sandbox, and there seems to be much more "abuse" capabilities in IE / Netscape than $RandomMailReader.

How hard is it to tell a mail reader "NEVER execute a binary"? If someone really wants to run a program that was e-mailed to them, they can save the attachment and run it outside the mail reader or something. So things like "virus.doc.exe" won't get executed by $luser who thinks it was a word doc.

There are ways around this (copy/paste an executable into a word doc, then type "Click here!" in the Word doc), but it might help.

Might.... :)

--
TTFN,
patrick




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.