On Wed, Oct 02, 2019 at 10:40:34AM +0100, Jeremy Nicoll wrote:
> On Wed, 2 Oct 2019, at 10:03, Keith Bainbridge wrote:
> 
> > Details are at
> > 
> > https://www.abc.net.au/news/2019-10-02/anu-cyber-hack-how-personal-information-got-out/11550578
> > https://www.abc.net.au/news/2019-10-02/the-sophisticated-anu-hack-that-compromised-private-details/11566540
> 
> It seems to me that everything follows from whatever access the initial
> 'unclicked email' malware gave to the hackers.
>
> But how can malware jump from an email that's not "clicked", into some part
> of the university's systems?

Well, somebody is not telling the truth. Understandable, considering the
consequences.


> 
> Unless... the email was being viewed via a webmail system running on a server
> not owned by the university?
>
> Then... is this just malware of the sort that any website could deliver to
> any visitor?
>
> Even if it was, one might expect the viewer to have been using a desktop PC
> of some sort, with - surely - whatever anti-malware software the university
> deems appropriate for their PCs?
>
> Or... do all their staff use a mish-mash of personal devices, and those don't
> have to have any anti-malware apps on them?
>


And back to the original question: noexec home directories.
No, this does not help. It might in a very few cases prevent some damage, but
once the code runs on the computer (not launched from the home directory) the
damage is pretty much done.

Here is one thing which actually makes everybody safer: Do NOT (NEVER!) accept
files which might include executable code.
Office files (MS or OO).
Only PDF/A is OK; every other PDF, throw it out.
No multimedia (movies, mp3).

And I hear already the crowds crying, but we need this for work.
No, you don't!
I do not need a powerpoint presentation in my mail. If you want bullet points
just use "-" and indentation. You can do that in a text made from ASCII
characters only.
Excel is shit to begin with. Get rid of it, not only in e-mail.
Whatever can be written in Word, can be written just in ASCII text.
And you suck at typography anyway, do not even try.


-H

-- 
Henning Follmann           | hfollm...@itcfollmann.com
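
The attachment policy proposed in the message above (no office files, PDF only if PDF/A, no multimedia), sketched as a mail-gateway check. This is an added example, not part of the original thread; the extension list, magic-byte list, function names and sample message are assumptions, and the PDF/A test only looks for the `pdfaid:part` declaration in the XMP metadata rather than validating conformance.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed deny-lists derived from the post: office documents and multimedia.
OFFICE_EXT = {".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".odt", ".ods", ".odp"}
OFFICE_MAGIC = (b"PK\x03\x04", b"\xd0\xcf\x11\xe0")  # ZIP (OOXML/ODF) and OLE2 containers
MEDIA_TYPES = {"audio", "video"}

def declares_pdfa(data: bytes) -> bool:
    # PDF/A files carry a pdfaid:part entry in their XMP metadata.
    # This checks the declaration only; it is not a conformance validator.
    return b"pdfaid:part" in data

def verdict(part) -> str:
    name = (part.get_filename() or "").lower()
    ext = name[name.rfind("."):] if "." in name else ""
    data = part.get_payload(decode=True) or b""
    # Sniff content as well as the name, so a renamed file is judged by what it is.
    if data.startswith(b"%PDF-") or ext == ".pdf":
        ok = data.startswith(b"%PDF-") and declares_pdfa(data)
        return "accept" if ok else "reject: PDF without PDF/A declaration"
    if ext in OFFICE_EXT or data.startswith(OFFICE_MAGIC):
        return "reject: office document"
    if part.get_content_maintype() in MEDIA_TYPES:
        return "reject: multimedia"
    if part.get_content_type() == "text/plain":
        return "accept"
    return "reject: not on allow-list"

def check_message(raw: bytes) -> dict:
    msg = message_from_bytes(raw, policy=policy.default)
    return {p.get_filename(): verdict(p) for p in msg.iter_attachments()}

def build_sample() -> bytes:
    # Constructed message; the payloads are stubs, not real documents.
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.org", "b@example.org", "report"
    m.set_content("see attached")
    pdfa = b"%PDF-1.4\n<x:xmpmeta><pdfaid:part>1</pdfaid:part></x:xmpmeta>\n%%EOF"
    m.add_attachment(pdfa, maintype="application", subtype="pdf", filename="archive.pdf")
    m.add_attachment(b"%PDF-1.7\nstub\n%%EOF", maintype="application", subtype="pdf", filename="form.pdf")
    m.add_attachment(b"PK\x03\x04stub", maintype="application", subtype="octet-stream", filename="notes.txt")
    m.add_attachment(b"ID3stub", maintype="audio", subtype="mpeg", filename="talk.mp3")
    m.add_attachment("- point one\n- point two\n", filename="agenda.txt")
    return m.as_bytes()

if __name__ == "__main__":
    print(check_message(build_sample()))
```

The `notes.txt` case shows why the check reads the first bytes of the payload: a ZIP-based office container renamed to `.txt` is still refused.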