[pmmail-list] newlines in filters? -- Sircam virus/worm - execute vs. view

Dave Hathaway pmmail-list@blueprintsoftwareworks.com
Mon, 30 Jul 2001 14:12:27 -0500


None of the virus files I have received (20+ of them) look like the 
standard data file icons.  Most have been .DOC.EXE files.  Instead, 
Windoze appears intelligent enough to scan the executable (it does 
know it is some sort of executable) and to look for the embedded icon.  
Not finding one, it displays the "console app" icon.  They do not look 
like Word or Excel files, at least on my '98 system.

Face it, you are asking for an advanced OS because you are an advanced 
user.  No one in my office besides me thinks to look at the 
attachment.  They just click on it, think "oh goody, another gift of 
email manna".  They count on our virus detectors to save them; I had 
to point out that our virus detectors were inoperative because IT had 
just been updating the DAT files without updating the scan engines to 
a version that could read the DAT files.

Windoze was built for a different purpose than being stable or 
preventing security violations.  It was built to be closely integrated 
with Microsoft applications, and it was built for profit.  If you want 
something other than what Windows provides, get something other than 
Windows (like unix, or better, Linux).

Just my $.02 worth, and it is valued a little less than that. :)

Dave

On Mon, 30 Jul 2001 20:27:56 +0200 (MES), Lueko Willms wrote:

>   Now look, the one Sircam infected file I have received had an
>attachment with the name "Betriebsausflug.xls.pif". Windows would
>probably not show the "PIF" extension, probably not even the XLS, but
>the Excel icon. To the regular windows user, this file would look
>like a normal data file or office document;
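
Added example, not part of the original message: a Python check that a mail gateway or filter script could run to flag the double-extension attachment names discussed in this thread (.DOC.EXE, .xls.pif). The extension lists, function names and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy

# Assumed lists for illustration; extend them to match local policy.
EXECUTABLE_EXTS = {"exe", "pif", "com", "bat", "scr", "lnk"}
DOCUMENT_EXTS = {"doc", "xls", "txt", "zip", "jpg", "pdf"}

def deceptive_double_extension(filename):
    """True if the name ends in an executable extension that is preceded
    by a document-style extension, e.g. 'report.doc.exe'."""
    # Windows ignores trailing dots and spaces, so strip them before splitting.
    parts = filename.strip().rstrip(". ").lower().split(".")
    return (len(parts) >= 3
            and parts[-1] in EXECUTABLE_EXTS
            and parts[-2] in DOCUMENT_EXTS)

def flag_attachments(raw_message):
    """Return the attachment filenames in a raw RFC 822 message that use
    a deceptive double extension."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    return [name for part in msg.walk()
            if (name := part.get_filename()) and deceptive_double_extension(name)]

# Constructed sample message (not a real capture); attachment bodies are placeholders.
SAMPLE = b"\r\n".join([
    b"From: sender@example.com",
    b"Subject: constructed sample",
    b"MIME-Version: 1.0",
    b'Content-Type: multipart/mixed; boundary="b1"',
    b"",
    b"--b1",
    b"Content-Type: text/plain",
    b"",
    b"See the attached file.",
    b"--b1",
    b"Content-Type: application/octet-stream",
    b'Content-Disposition: attachment; filename="Betriebsausflug.xls.pif"',
    b"",
    b"placeholder",
    b"--b1",
    b"Content-Type: application/vnd.ms-excel",
    b'Content-Disposition: attachment; filename="budget.xls"',
    b"",
    b"placeholder",
    b"--b1--",
    b"",
])

if __name__ == "__main__":
    print(flag_attachments(SAMPLE))
```

The check keys on the filename alone, so it catches the masquerade regardless of which icon the recipient's system would display.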


