Re: [gentoo-user] viruses

[Collins Richey]

On Tue, 3 Feb 2004 21:09:58 +0200
Sami Näätänen <[EMAIL PROTECTED]> wrote:

> On Saturday 31 January 2004 00:41, Collins Richey wrote:
> > On Fri, 30 Jan 2004 16:37:46 -0500
> >
> > Peter Wu <[EMAIL PROTECTED]> wrote:
> > > As an etiquette on a public mailing list, can you please configure
> > > your mailer to set width of your posts? Not every user, esp. UNIX
> > > user, can read lines longer than 80 characters.
> >
> > I'm not sure what the problem is.  My line wrap is set to 72
> > characters, and this has always worked in the past.
> 
> And besides the RFC says that the wrapping is up to the reader not 
> sender, which is by the way the right way. This way everyone can read 
> the mails in their desired width.
> 

RFC or no, many (on this and other mailing lists) prefer to use
(moderately broken? IMO) character-oriented mail readers that can't
handle long lines very well, so I am only too happy to adjust my sending
settings as needed.  I normally run with line length set to 72, but I
must have slipped up the last time I installed sylpheed-claws.

-- 
Collins - Denver Area - 
Gentoo stable kernel 2.6.2-rc1

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Sami Näätänen]

On Saturday 31 January 2004 00:41, Collins Richey wrote:
> On Fri, 30 Jan 2004 16:37:46 -0500
>
> Peter Wu <[EMAIL PROTECTED]> wrote:
> > As an etiquette on a public mailing list, can you please configure
> > your mailer to set width of your posts? Not every user, esp. UNIX
> > user, can read lines longer than 80 characters.
>
> I'm not sure what the problem is.  My line wrap is set to 72
> characters, and this has always worked in the past.

And besides the RFC says that the wrapping is up to the reader not 
sender, which is by the way the right way. This way everyone can read 
the mails in their desired width.


--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Jan Groenewald]

Hi

On Sun, Feb 01, 2004 at 10:55:48AM +, Fred Labrosse wrote:
> P.S.  This is getting REALLY OT, isn't it.
I agree.

Jan


-- 
In our society a person might frequently have to choose between what he thinks
is practical and what is ethical.  He might choose the practical, and as a
result he disintegrates as a human being.Philip K Dick

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Stroller]

On Feb 1, 2004, at 6:52 am, Collins Richey wrote:

On Sat, 31 Jan 2004 20:26:43 -0500
Peter Wu <[EMAIL PROTECTED]> wrote:
On Sat, Jan 31, 2004 at 10:38:42PM +, Stroller wrote:

On Jan 31, 2004, at 7:57 am, jkw wrote:
[...]
... how can we prevent
gentoo-user from being archived on google, or stop google from
making email addresses public information?
Sorry to sound unsympathetic, but it really clogs my mailbox when
people complain about this issue. I can't see any way to resolve it,
so don't want to hear about it unless you have suggestions for doing
so.
How does Google archive the gentoo mailing list?

Google doesn't.  A couple of mailing list archivers archive the gentoo
lists, and google harvests the data just like it does any other data on
the web...
*cough* Google Groups *cough* recently *cough*.

Stroller.

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Mike Williams]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sunday 01 February 2004 16:01, Peter Wu wrote:
> > Google doesn't.  A couple of mailing list archivers archive the gentoo
> > lists, and google harvests the data just like it does any other data on
> > the web. Anything in the archives, of course, can be harvested by
> > malicious spammers.  I'm surprised that my address is not harvested more
> > often than it is.
>
> Can anyone from Gentoo.org to talk to Gentoo so that the email address is
> masked when gated to the newsgroup archive on Google?

Gentoo.org IS gentoo.
And no, they can't, they don't operate the mail -> news gateway.
It's also totally irrelevant anyway, as there is little doubt that spammers 
are subscribed to the group. There are also at least 2 mail -> web gateways 
archiving the list, and not munging addresses.

I hate spam as much as the next guy, but once they've got your address there 
is little you can do, either ignore it, or filter it.

- -- 
Mike Williams
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAHSZ2InuLMrk7bIwRAkswAJ91qYntbHuhe6KqVaLtnqvUJS2IQwCfa/wY
WE6lUO0DR3C2r1EBW+itl0w=
=XYeD
-END PGP SIGNATURE-

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Peter Wu]

On Sat, Jan 31, 2004 at 11:52:23PM -0700, Collins Richey wrote:

> On Sat, 31 Jan 2004 20:26:43 -0500
> Peter Wu <[EMAIL PROTECTED]> wrote:
> 
> > On Sat, Jan 31, 2004 at 10:38:42PM +, Stroller wrote:
> > 
> > > On Jan 31, 2004, at 7:57 am, jkw wrote:
> > > [...]
> > > >... how can we prevent
> > > >gentoo-user from being archived on google, or stop google from
> > > >making email addresses public information?
> > > 
> > > Sorry to sound unsympathetic, but it really clogs my mailbox when 
> > > people complain about this issue. I can't see any way to resolve it,
> > > so don't want to hear about it unless you have suggestions for doing
> > > so.
> > 
> > How does Google archive the gentoo mailing list?
> > 
> 
> Google doesn't.  A couple of mailing list archivers archive the gentoo
> lists, and google harvests the data just like it does any other data on
> the web. Anything in the archives, of course, can be harvested by
> malicious spammers.  I'm surprised that my address is not harvested more
> often than it is.

Can anyone from Gentoo.org to talk to Gentoo so that the email address is
masked when gated to the newsgroup archive on Google?

-- 
   ,,,
  (o o)   Peter Wu
---ooO-(_)-Ooo--- Powered by Gentoo Linux 2.4.22


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Peter Wu]

On Sun, Feb 01, 2004 at 04:06:31PM +0200, Rumen Yotov wrote:

> On ??, 2004-02-01 at 15:56, Jakub Krajcovic wrote:
> > > So let me make a conclusion ...
> > > 
> > > If viruses can/can't infect users account is not a question
> > > of users education, but application weakness.
> > > 
> > > noro
> > 
> > >From how i look at it, it does not necessary have to have anything to do
> > with application strenghts/weaknesses. It's the way that you identify
> > executables in the OS.
> > 
> > Imagine what a Linux user would have to do to get infected by a virus
> > that spreads by email... he would have to 
> > a) save the file on his drive
> > b) give it exetutable persmissions
> > c) intentionally run it.
> > 
> > And even then, the virus could infect only the user files, because it
> > would be ran as a process started by the given user. So unless this
> > action is taken by root, i think that the issue linux and viruses is not
> > an issue...
> Sorry may be OT but your signature can't be verified and you write it's
> on pgp.mit.edu.

It works fine for me.

[-- PGP output follows (current time: Sun Feb  1 10:11:00 2004) --]
gpg: Signature made Sun Feb  1 08:56:52 2004 EST using DSA key ID 8825672D
gpg: Good signature from "Jakub Krajcovic <[EMAIL PROTECTED]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:  There is no indication that the signature belongs to the
owner.
Primary key fingerprint: 831F C33C 087F B5EA 8A12  025D EEEA 9147 8825
672D
[-- End of PGP output --]


-- 
   ,,,
  (o o)   Peter Wu
---ooO-(_)-Ooo--- Powered by Gentoo Linux 2.4.22


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Peter Wu]

On Sun, Feb 01, 2004 at 10:55:48AM +, Fred Labrosse wrote:

> Peter Wu writes:
>  > 
>  > Microsoft creates features that customers demand so that they can
>  > sell their products and make money. 
>  > 
> 
> I did not follow the thread at all, but when I read that, I jump.  No,
> Microsoft does not create features that customers demand.  They create
> features and work very hard at  convincing their customers that they need
> the features.

Well, features are demanded by customers. Otherwise, why does Microsoft
invest so much money on some features that nobody will buy in?

> How many "features" of Word does a regular user use?  Never thought that
> the singing and dancing dog (i'nit cute ;-) in the "search" application was
> just a waste of time and resource.  And so on, and so on...

How many features in your VM and XEmacs does a regular user use? 


-- 
   ,,,
  (o o)   Peter Wu
---ooO-(_)-Ooo--- Powered by Gentoo Linux 2.4.22


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Rumen Yotov]

On нд, 2004-02-01 at 15:56, Jakub Krajcovic wrote:
> > So let me make a conclusion ...
> > 
> > If viruses can/can't infect users account is not a question
> > of users education, but application weakness.
> > 
> > noro
> 
> >From how i look at it, it does not necessary have to have anything to do
> with application strenghts/weaknesses. It's the way that you identify
> executables in the OS.
> 
> Imagine what a Linux user would have to do to get infected by a virus
> that spreads by email... he would have to 
> a) save the file on his drive
> b) give it exetutable persmissions
> c) intentionally run it.
> 
> And even then, the virus could infect only the user files, because it
> would be ran as a process started by the given user. So unless this
> action is taken by root, i think that the issue linux and viruses is not
> an issue...
Sorry may be OT but your signature can't be verified and you write it's
on pgp.mit.edu.
-- 
Rumen Yotov <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Re: [gentoo-user] viruses

[Jakub Krajcovic]

> So let me make a conclusion ...
> 
> If viruses can/can't infect users account is not a question
> of users education, but application weakness.
> 
> noro

>From how i look at it, it does not necessary have to have anything to do
with application strenghts/weaknesses. It's the way that you identify
executables in the OS.

Imagine what a Linux user would have to do to get infected by a virus
that spreads by email... he would have to 
a) save the file on his drive
b) give it exetutable persmissions
c) intentionally run it.

And even then, the virus could infect only the user files, because it
would be ran as a process started by the given user. So unless this
action is taken by root, i think that the issue linux and viruses is not
an issue...

-- 


GPG public keys available at pgp.mit.edu


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Norbert Kamenicky]

Andrej Kacian wrote:

AFAIK Linux users are trained mostly themself.


And *that's* precisely why linux users have better computer knowledge - most
windows users only know how their favorite application works and *refuse* to
look "under the hood" of the computer, unlike average linux user.
Andrej,
can u tell me, how long time it takes to average linux beginner
to become linux guru if he is learning himself only?
I would like to say "few weeks", but I am afraid I have to say
"some years"!
Reading this ML I learned there is plenty of linux beginners,
but probably no one of them has virus infected linux account.
So let me make a conclusion ...

If viruses can/can't infect users account is not a question
of users education, but application weakness.
noro





--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Fred Labrosse]

Peter Wu writes:
 > 
 > Microsoft creates features that customers demand so that they can
 > sell their products and make money. 
 > 

I did not follow the thread at all, but when I read that, I jump.  No,
Microsoft does not create features that customers demand.  They create
features and work very hard at  convincing their customers that they need
the features.

How many "features" of Word does a regular user use?  Never thought that
the singing and dancing dog (i'nit cute ;-) in the "search" application was
just a waste of time and resource.  And so on, and so on...

Just my 2p.

Fred

P.S.  This is getting REALLY OT, isn't it.


--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Andrej Kacian]

On Sun, 01 Feb 2004 12:31:51 +0100
Norbert Kamenicky <[EMAIL PROTECTED]> wrote:

> Peter Wu wrote:
> Guy, tell me why unix users don't do that ? (working as root) snip
> >>>Because most Unix users have good computer knowledge while most Windows
> >>>users do not know how computers work at all.
> 
> This is total demagogy !
> 
> AFAIK *nobody* is borning as linux guru and every user has
> to pass beginners days.
> 
> I am not familiar with situation in other countries, but
> in Slovakia M$hit becomes official state religion.
> (Our government signed some stupid agreement with M$hit
> Big Devil last days.)
> 
> Windblowz users are trained at schools and
> nearly every employee is training its stuff
> as well.
> 
> AFAIK Linux users are trained mostly themself.

And *that's* precisely why linux users have better computer knowledge - most
windows users only know how their favorite application works and *refuse* to
look "under the hood" of the computer, unlike average linux user.

-- 
/~\ The ASCIIAndrej "Ticho" Kacian 
\ / Ribbon Campaign  GnuPG public key ID: 7CD93FE2 (pgp.mit.edu)
 X  Against HTML Key fingerprint:
/ \ Email!   E87D 9DEF 2A23 6FFB 7AD9 542F 4253 3A46 7CD9 3FE2


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Norbert Kamenicky]

Peter Wu wrote:
Guy, tell me why unix users don't do that ? (working as root)
snip
Because most Unix users have good computer knowledge while most Windows
users do not know how computers work at all.
This is total demagogy !

AFAIK *nobody* is borning as linux guru and every user has
to pass beginners days.
I am not familiar with situation in other countries, but
in Slovakia M$hit becomes official state religion.
(Our government signed some stupid agreement with M$hit
Big Devil last days.)
Windblowz users are trained at schools and
nearly every employee is training its stuff
as well.
AFAIK Linux users are trained mostly themself.

howgh, noro



--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Collins Richey]

On Sat, 31 Jan 2004 20:26:43 -0500
Peter Wu <[EMAIL PROTECTED]> wrote:

> On Sat, Jan 31, 2004 at 10:38:42PM +, Stroller wrote:
> 
> > On Jan 31, 2004, at 7:57 am, jkw wrote:
> > [...]
> > >... how can we prevent
> > >gentoo-user from being archived on google, or stop google from
> > >making email addresses public information?
> > 
> > Sorry to sound unsympathetic, but it really clogs my mailbox when 
> > people complain about this issue. I can't see any way to resolve it,
> > so don't want to hear about it unless you have suggestions for doing
> > so.
> 
> How does Google archive the gentoo mailing list?
> 

Google doesn't.  A couple of mailing list archivers archive the gentoo
lists, and google harvests the data just like it does any other data on
the web. Anything in the archives, of course, can be harvested by
malicious spammers.  I'm surprised that my address is not harvested more
often than it is.

-- 
Collins - Denver Area - 
Gentoo stable kernel 2.6.2-rc1

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Peter Wu]

On Sat, Jan 31, 2004 at 10:38:42PM +, Stroller wrote:

> On Jan 31, 2004, at 7:57 am, jkw wrote:
> [...]
> >... how can we prevent
> >gentoo-user from being archived on google, or stop google from
> >making email addresses public information?
> 
> Sorry to sound unsympathetic, but it really clogs my mailbox when 
> people complain about this issue. I can't see any way to resolve it, so 
> don't want to hear about it unless you have suggestions for doing so.

How does Google archive the gentoo mailing list?

-- 
   ,,,
  (o o)   Peter Wu
---ooO-(_)-Ooo--- Powered by GNU/Linux 2.4.22


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Stroller]

On Jan 31, 2004, at 7:57 am, jkw wrote:
i *NEVER* received spam before signing up on gentoo-user, and now i
receive about *1 MB* of spam/viruses each day. therefore it's obvious
that gentoo-user is the source of the spam and viruses.
This is an OLD thread. Yes, the list IS harvested for addresses by 
spammers. But it also gets pretty old pretty quick hearing about it 
every few weeks from people who appear to think they've discovered 
something new when they post on this subject.

now, guess what? go to google groups (dejanews, whatever) and
look at the group linux.gentoo.user. i believe that's where and how
the spam/virus programs harvest addresses.
Google Groups has only started carrying this list recently - the 
spam-to-list-addresses problem predates that. There are at least 2 
other archives of the list that I am aware of, so spammers could be 
harvesting these, or simply have subscribed to the list themselves.

... how can we prevent
gentoo-user from being archived on google, or stop google from
making email addresses public information?
Sorry to sound unsympathetic, but it really clogs my mailbox when 
people complain about this issue. I can't see any way to resolve it, so 
don't want to hear about it unless you have suggestions for doing so.

Just get a Bayesian mail-filter like everyone else, and stop whining.

$ esearch -Sc spam
[MN] crm114 (20030920):  A powerful text processing tools, mainly used 
for spam filtering
[ N] Mail-SpamAssassin (2.60-r1):  Perl Mail::SpamAssassin - A program 
to filter spam
[ N] pyzor (0.4.0-r1):  Pyzor is a distributed, collaborative spam 
detection and filtering network
[ N] bmf (0.9.4):  A fast and small Bayesian spam filter
[ N] tmda (0.92):  Python-based SPAM reduction system
[ N] disspam (0.12):  A Perl script that removes spam from POP3 
mailboxes based on RBLs.
[ N] razor (2.12):  Vipul's Razor is a distributed, collaborative spam 
detection and filtering network
[ U] bogofilter (0.13.7.3):  Bayesian spam filter designed with fast 
algorithms, and tuned for speed.
[ N] spamass-milter (0.2.0):  A Sendmail milter for SpamAssassin
[MN] spampd (2.11-r1):  spampd is a program used within an e-mail 
delivery system to scan messages for possible Unsolicited Commercial 
E-mail content.
[ N] mailfilter (0.4.0):  Mailfilter is a utility to get rid of 
unwanted spam mails
[ N] popfile (0.21.1):  Anti-spam filter

Stroller.

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[jkw]

On Jan 31, 2004, at 6:55 AM, Bob Hentges wrote:

[snip]

I have noticed this problem as well on other mailing lists ( f.i. the 
debian-user list, which is a high volume mailing list... ). The 
archive google is keeping up to date is in the first position 
absolutely respectable.
Actually mailing lists have been kept archived for some years. ( note 
for instance the original newsgroup post of Linus Torvalds. Now those 
posts have been kept in the purpose of serving people searching for 
information. Neither you nor me want to answer all the time the same 
questions, nor am I interested in asking a question similar to the one 
somebody asked already on the list / on the net. There are certainly 
more and more people not searching for information / help before they 
post on a list, but at least for those who keep up the good manors, 
let's give them a chance to find what they are searching for.
Now certainly email addresses haven't to be published in the archives, 
to transmit the information. But if you would like to ask somebody who 
replied to the question/mail, or add some feedback, you will be glad 
to be able to put your hands on the persons email address, i am sure 
about that.
Even if the spam problem can't be ignored, it 's definetly not 
google's fault to "publish" the emails with the archives. Actually, 
the biggest problem concerning the reign of the spam ( who is 
representing about 40% of all the emails ) is for instance the address 
book on windows, and the unawareness of windows users on the list. 
Outlook ( Express ), as most serious mail clients do as well, is 
keeping book of all the emails the user get s email from. Those 
collected addresses are like waiting for a ( mostly windows-user, we 
must admit it ) to get spy ware, which is fairly easily achieved. Now 
this spy ware can "read" the list of mail addresses and sends them 
back to their home server ( E.T. phenomena ).
I guess, thought I am absolutely not sure, that this is the problem 
where the spam "servers/senders/whatever" get their mail addresses 
from.

Just blaming one crawler, in this case google, to be responsible for 
all the spam people might get is naive, IMO.
I can be totally wrong thought, but that's my point of view, and my 
0.02€ to the topic.
you're right--it's not google's fault for publishing email addresses, 
it's the harvesters' fault for using google's published addresses for 
evil, instead of good. i think of it like the mail relay 
problem--nowadays, it's not a good idea to set up an open mail relay, 
and yet there's nothing inherently wrong with the open relay.

of course my implication of google is speculation. it would be 
interesting to have real data to determine whether the main culprit is 
google, outlook, or something else.

j.

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Peter Wu]

On Sat, Jan 31, 2004 at 02:32:38PM +0100, Norbert Kamenicky wrote:

> Peter Wu wrote:
> 
> >>
> >>Guy, tell me why unix users don't do that ? (working as root)
> >
> >
> >Because most Unix users have good computer knowledge while most Windows
> >users do not know how computers work at all.
> >
> >Do you admit this fact?
> >
> 
> Not at all, I personally maintain some Linux PCs, where
> users know nothing more as to use mail client, OOo
> and bookkeeping programs. Still no virus problem.

How much percentage of the users that know nothing more as to use mail
client are using Windows?

> >>>I really doubt switching to Linux can stop virii from spreading. 
> >>
> >>Ok Tom, how many viruses have been infecting your linux box ?
> >>I only read about them.
> >
> >
> >Because those viruses were written specially against Windows. Well, you
> >would say 'because Windows is very vulnerable'. I have been using Windows
> >and Linux/FreeBSD for more than 10 years, Windows being my major working
> >operating system at office while Linux/FreeBSD is my leisure hour hobby. I
> >have never had any virus ruining my Windows box.
> >
> 
> Common, u have them, but they were hidden :-).

You have them on your Linux box, too. You'll sooner or later receive
security alerts from some authorities. I guarantee you.

> >Windows and Linux both have vulnerabilities and it is the appropriate
> >administration that helps avoid disasters. 
> >
> 
> Yes, I agree, but u must be blind if not see these facts:
> 
> 1. It's much easier to search vulnerabilities in source code
>like to debug application/system.

If you mean it's easier to search for vulnerabilities than to debug the
application/system, can you elaborate more on it?

> 2. If one small vulnerability on Linux occures (no exploit yet)
>there are found minimum 10 fatal vulnerabilities on M$hit
>(exploits widely spreaded already).

I don't know if 'small' is proper to describe a vulnerability. If a
vulnerability is found and made use of by some malicious user, the system
will be vulnerable. Even 1 very 'small' vulnerability can bring the system
down.

> 3. Patches on Linux are available very soon, M$hit patches
>after some months if ever.

This is the only part I agree with you. However, it is not the whole
story. If you are a premium customer of Microsoft and you are
experiencing a 'big' security hole, Microsoft is committed to releasing a
security patch within days or even shorter. 

Again, I'd like to emphasize that Microsoft is a commercial company not a
charity group. Its goal is to earn money while Linux sets a different
goal. Microsoft creates features that customers demand so that they can
sell their products and make money. 

Being a desktop software vendor, Microsoft did not pay enough attention to
the security when writing code and that's why Bill Gates kicked off the
Trustworthy Computing. 

There are already so many debates between Open Source & Closed Source.

-- 
   ,,,
  (o o)   Peter Wu
---ooO-(_)-Ooo--- Powered by GNU/Linux 2.4.22


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Bob Hentges]

jkw wrote:
On Jan 29, 2004, at 7:49 PM, lukas wrote:

Hi folks,

since I'm posting to this list, I receive more and more viruses every
day. A few minutes ago, I received a bounced virus-mail reputedly
sent by me.


the only mailing list i am subscribed to at this address is gentoo-user.
i have never posted this address on the internet anywhere.
i *NEVER* received spam before signing up on gentoo-user, and now i
receive about *1 MB* of spam/viruses each day. therefore it's obvious
that gentoo-user is the source of the spam and viruses.
now, guess what? go to google groups (dejanews, whatever) and
look at the group linux.gentoo.user. i believe that's where and how
the spam/virus programs harvest addresses.
it is incredibly naive on google's part to do such a stupid thing as not
hide email addresses, like mail-archive does. how can we prevent
gentoo-user from being archived on google, or stop google from
making email addresses public information?
j.

I have noticed this problem as well on other mailing lists ( f.i. the 
debian-user list, which is a high volume mailing list... ). The archive 
google is keeping up to date is in the first position absolutely 
respectable.
Actually mailing lists have been kept archived for some years. ( note 
for instance the original newsgroup post of Linus Torvalds. Now those 
posts have been kept in the purpose of serving people searching for 
information. Neither you nor me want to answer all the time the same 
questions, nor am I interested in asking a question similar to the one 
somebody asked already on the list / on the net. There are certainly 
more and more people not searching for information / help before they 
post on a list, but at least for those who keep up the good manors, 
let's give them a chance to find what they are searching for.
Now certainly email addresses haven't to be published in the archives, 
to transmit the information. But if you would like to ask somebody who 
replied to the question/mail, or add some feedback, you will be glad to 
be able to put your hands on the persons email address, i am sure about 
that.
Even if the spam problem can't be ignored, it 's definetly not google's 
fault to "publish" the emails with the archives. Actually, the biggest 
problem concerning the reign of the spam ( who is representing about 40% 
of all the emails ) is for instance the address book on windows, and the 
unawareness of windows users on the list. Outlook ( Express ), as most 
serious mail clients do as well, is keeping book of all the emails the 
user get s email from. Those collected addresses are like waiting for a 
( mostly windows-user, we must admit it ) to get spy ware, which is 
fairly easily achieved. Now this spy ware can "read" the list of mail 
addresses and sends them back to their home server ( E.T. phenomena ).
I guess, thought I am absolutely not sure, that this is the problem 
where the spam "servers/senders/whatever" get their mail addresses from.

Just blaming one crawler, in this case google, to be responsible for all 
the spam people might get is naive, IMO.
I can be totally wrong thought, but that's my point of view, and my 
0.02€ to the topic.

--
Bob Hentges   | .''`.
http://bob.hentges.lu/|: :'  :
--|`. `'`
ASCII Ribbon Campaign |  `-
Say No to HTML in EMail and News  |  proud Debian
--| user and admin
--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Thomas T. Veldhouse]

Collins Richey wrote:


2. No one with a lick of sense (except maybe Lindows users) processes mail as root.  Almost all viruses rely on the wide open nature of windows to inflict their harm.  Converting to linux (or even to Apple OS X or BSD) will eliminate 99% of the problems.

These worms don't require root or administrative rights.  They only 
require themselves to be executed by somebody with the right to send 
email, presumably with outlook products.  So, lack of administrative 
rights is no real protection.

Tom Veldhouse

P.S.  Please fix the length of the lines in your messages ... to under 
80 characters.


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Thomas T. Veldhouse]

Peter Wu wrote:

On Fri, Jan 30, 2004 at 12:15:06PM +0100, Norbert Kamenicky wrote:

What if root on a Linux box open an attachment to a mail he receives today
and that attachment happens to be some executable that can ruin the
system? 

I really doubt switching to Linux can stop virii from spreading. 

Most Linux users don't read email as a priveledged users.  So, switching 
to Linux would definitely help.  But in the case of email worms, a 
non-priveledged user can send email, so a non-priveledged user can 
execute the worm effectively.  The problem is not the platform of choice 
 in any event, it is the rights of the executing user.  Microsoft needs 
to work on getting its users to use their machines as non-Administrative 
users, and currently, there are too many requirements made on users that 
require Administrative rights (and no simple ability to "su") to allow this.

Tom Veldhouse


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Norbert Kamenicky]

Peter Wu wrote:

Guy, tell me why unix users don't do that ? (working as root)


Because most Unix users have good computer knowledge while most Windows
users do not know how computers work at all.
Do you admit this fact?

Not at all, I personally maintain some Linux PCs, where
users know nothing more as to use mail client, OOo
and bookkeeping programs. Still no virus problem.

I really doubt switching to Linux can stop virii from spreading. 
Ok Tom, how many viruses have been infecting your linux box ?
I only read about them.


Because those viruses were written specially against Windows. Well, you
would say 'because Windows is very vulnerable'. I have been using Windows
and Linux/FreeBSD for more than 10 years, Windows being my major working
operating system at office while Linux/FreeBSD is my leisure hour hobby. I
have never had any virus ruining my Windows box.
Common, u have them, but they were hidden :-).


Windows and Linux both have vulnerabilities and it is the appropriate
administration that helps avoid disasters. 

Yes, I agree, but u must be blind if not see these facts:

1. It's much easier to search vulnerabilities in source code
   like to debug application/system.
2. If one small vulnerability on Linux occures (no exploit yet)
   there are found minimum 10 fatal vulnerabilities on M$hit
   (exploits widely spreaded already).
3. Patches on Linux are available very soon, M$hit patches
   after some months if ever.
noro

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Spider]

begin  quote
On Sat, 31 Jan 2004 12:21:59 +
Peter Ruskin <[EMAIL PROTECTED]> wrote:


 
> Three questions:
> 
>   Why would these idiots target Gentoo?

They probably just google for mail + archives in some automated way.

> 
>   Why does Gentoo allow (or make it easy for) this to happen?
We don't.   There are no Gentoo official archives that keep mailaddress'

 
>   Does this not reflect badly on Gentoo's image?

its a pretty common occurance with any more popular list.  Inofficial
archives appear, and users get spammed. :/
 


The virus though, thats all the *BLEEP* people on the lists that have
Outlook.  

//Spider

-- 
begin  .signature
This is a .signature virus! Please copy me into your .signature!
See Microsoft KB Article Q265230 for more information.
end


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Peter Ruskin]

On Saturday 31 Jan 2004 07:57, jkw wrote:
> the only mailing list i am subscribed to at this address is
> gentoo-user. i have never posted this address on the internet
> anywhere.
>
> i *NEVER* received spam before signing up on gentoo-user, and now i
> receive about *1 MB* of spam/viruses each day. therefore it's obvious
> that gentoo-user is the source of the spam and viruses.
>
> now, guess what? go to google groups (dejanews, whatever) and
> look at the group linux.gentoo.user. i believe that's where and how
> the spam/virus programs harvest addresses.
>
> it is incredibly naive on google's part to do such a stupid thing as
> not hide email addresses, like mail-archive does. how can we prevent
> gentoo-user from being archived on google, or stop google from making
> email addresses public information?
>
I couldn't agree more.  It's plain to me too that the gentoo list 
archives are the source.  It's all very well everyone talking about 
anti-spam solutions but this is the very first time I've been forced 
into having an interest in them.

Three questions:

  Why would these idiots target Gentoo?

  Why does Gentoo allow (or make it easy for) this to happen?

  Does this not reflect badly on Gentoo's image?

Peter
-- 
==
Gentoo Linux: Portage 2.0.49-r20kernel-2.6.2-rc2-sparc
i686 AMD Athlon(tm) XP 3200+KDE: 3.1.5 Qt: 3.2.3 gcc(GCC): 3.2.3
==


--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[LJN]

On Fri, 2004-01-30 at 22:15, Peter Wu wrote:
> If I write a shell script and attach to an email sent to you, then you
> save the attached shell script and run it when you happen to have the
> roott privilege?
> 
> IIRC, any binary files can be attached to an email. Correct me if I am
> wrong.

if you send me a shell script i'll of course read AND understand it
before even chmodding it.


--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[LJN]

On Fri, 2004-01-30 at 20:43, Peter Wu wrote:
> On Fri, Jan 30, 2004 at 12:15:06PM +0100, Norbert Kamenicky wrote:
> 
> Well, some of the recent worms are activated by end users open an
> attachment, which could be an vbs or an executable. It is the executable
> that infects the system as most Windows users log in as an Administrator
> role.
> 
> What if root on a Linux box open an attachment to a mail he receives today
> and that attachment happens to be some executable that can ruin the
> system? 
> 


then he don't deserve root access and if he have to have it he deserve
to get his machine trashed.

don't open attatchments you don't know exactly what are and never with
root/administrator before testing with a normal user.


--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[jkw]

On Jan 29, 2004, at 7:49 PM, lukas wrote:

Hi folks,

since I'm posting to this list, I receive more and more viruses every
day. A few minutes ago, I received a bounced virus-mail reputedly
sent by me.
the only mailing list i am subscribed to at this address is gentoo-user.
i have never posted this address on the internet anywhere.
i *NEVER* received spam before signing up on gentoo-user, and now i
receive about *1 MB* of spam/viruses each day. therefore it's obvious
that gentoo-user is the source of the spam and viruses.
now, guess what? go to google groups (dejanews, whatever) and
look at the group linux.gentoo.user. i believe that's where and how
the spam/virus programs harvest addresses.
it is incredibly naive on google's part to do such a stupid thing as not
hide email addresses, like mail-archive does. how can we prevent
gentoo-user from being archived on google, or stop google from
making email addresses public information?
j.

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Rumen Yotov]

On пт, 2004-01-30 at 23:37, Peter Wu wrote:
> On Fri, Jan 30, 2004 at 01:55:36PM -0700, Collins Richey wrote:
> 
> > On Fri, 30 Jan 2004 14:43:58 -0500
> > Peter Wu <[EMAIL PROTECTED]> wrote:
> > [...] 
> > > > Today viruses stimulate ppl switch to linux, and
> > > > therefore are BIG catalysator for linux growth.
> > > 
> > > I really doubt switching to Linux can stop virii from spreading. 
> > > 
> > 
> > BS.
> 
> Sorry to hear this acronym...
> 
> > 1. No one has any objection to a software company making money.  People have 
> > objection to M$ because of the crappy (but user friendly) virus-prone product and 
> > the monopolistic techniques they employ.
> 
> As an etiquette on a public mailing list, can you please configure your
> mailer to set width of your posts? Not every user, esp. UNIX user, can
> read lines longer than 80 characters.
> 
> Back to your remark, well, you have choice not to use it. It is your
> right. Maybe you are a UNIX guru but most people that have money may not
> know any much computer knowledge than you do. You may be smart enough to
> detect a virus just by your experience but other people do not. They may
> open an attached executable, which could be a worm virus, and the plague
> starts from there.
> 
Thats 100% true, finally all security depend on the people using it.
> Well, Microsoft started as a software company that aims at desktop and at
> home users. Most of those users know much less than you do. The
> technologies Microsfot employ may not be the best but must be the most
> popular ones, which has been proven for years.
> 
> Few people never touch Windows but many people never see Linux.
> 
> > 2. No one with a lick of sense (except maybe Lindows users) processes mail as 
> > root.  Almost all viruses rely on the wide open nature of windows to inflict their 
> > harm.  Converting to linux (or even to Apple OS X or BSD) will eliminate 99% 
> > of the problems.
> 
> Forget about Windows 9x, which is simply obsolete and quite crappy. Let's
> look at the Windows NT/2000/XP/2003 series.
> 
> I do not know whether you have ever used this series. If you don't, then
> I'd like to let you know that on those Windows products, you have an
> Administrator account, which is equivalent to the root in UNIX, and,
> surely, you can create your own account, say joe, on the machine with less
> privileges. 
> 
Also true.
> You do not have to log in as Administrator all the time but log in joe to
> check your email. It's all the same as you do every day on Linux/UNIX.
> 
> If a normal user, joe, on the Linux happens to run a script that can send
> tons of junk mails to others by looking up joe's address book, that joe
> would be a source of virus, too. I do not think the OS is the culprit in
> this case.
> 
> Sure, we must admit that Windows has a lot of security problems, some of
> which were made use of before. However, AFAIK, some Linux distros had such
> miserable experiences, too. Say, the holes in Debian some days ago that
> brought many sites down or unavailable.
> 
> People play a more important role to make computer systems secure.
Overall this things are true, but there is one VERY important thing.
Windows code is closed, while Linux is opensource. Not checked but think
that there have been months to patch Win-holes, in the opensource world
/Debian-case/ it took two-three days and everyone could see or help do
it, MS even don't want such things to be announced while they take
months to patch it if at all.
Other important thing is that in Linux programs are done in order to
solve a problem or add a feature mainly by professionals to meet their
needs. In Windows the market and the need for more and more automation
so the user could do it by just reading and clicking in an wizard-box is
main driving-force.
Just my opinion.
-- 
Rumen Yotov <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Re: [gentoo-user] viruses

[Rumen Yotov]

On пт, 2004-01-30 at 23:15, Peter Wu wrote:
> On Fri, Jan 30, 2004 at 10:47:12PM +0200, Rumen Yotov wrote:
> 
> > On ??, 2004-01-30 at 21:43, Peter Wu wrote:
> > > On Fri, Jan 30, 2004 at 12:15:06PM +0100, Norbert Kamenicky wrote:
> > > 
> > > > lukas wrote:
> > > > >On Friday 30 January 2004 05:02, Canek Pel??ez Vald??s wrote:
> > > > 
> > > > >It's sad that the internet is troubled by some weirdos who are
> > > > >thinking that programming (or spreading) a virus is a real cool
> > > > >thing.
> > > > >
> > > > 
> > > > Ooo yes, everything bad is good for something.
> > > > 
> > > > One of virus purposes was to force M$hit to improve
> > > > their crappy pseudo systems. We learned M$ is
> > > > totally immune to such forces and really don't care
> > > > about security and stability at all.
> > > > (Only one thing is important INCOME.)
> > > 
> > > Well, as a commericial company, Microsoft was founded to make money. So
> > > do other companies, don't they?
> > > 
> > > > This situation really forced ppl to do something
> > > > with it ... and linux was born :-).
> > > 
> > > Well, some of the recent worms are activated by end users open an
> > > attachment, which could be an vbs or an executable. It is the executable
> > > that infects the system as most Windows users log in as an Administrator
> > > role.
> > > 
> > > What if root on a Linux box open an attachment to a mail he receives today
> > > and that attachment happens to be some executable that can ruin the
> > > system? 
> > > 
> > As far as i know attachments in Linux are not executable, unless u made
> > them such.
> 
> If I write a shell script and attach to an email sent to you, then you
> save the attached shell script and run it when you happen to have the
> roott privilege?
> 
> IIRC, any binary files can be attached to an email. Correct me if I am
> wrong.
Yes thats so, but before running it, you have to make it executable
/chmod +x SCRIPT/ in order to run it. Windows scripting is much more
vulnerable by allowing some auto-exec features.
-- 
Rumen Yotov <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Re: [gentoo-user] viruses

[gabriel]

On January 30, 2004 09:10 pm, Peter Wu wrote:
> On Fri, Jan 30, 2004 at 06:01:26PM -0500, gabriel wrote:
> > On January 30, 2004 05:24 pm, Peter Wu wrote:
> > > That is the problem. Many Windows users are told in the email how to
> > > open and run the executable virus. Sometimes, the viral emails disguise
> > > themselves as if they were sent from Microsoft Support Team.
> >
> > an o/s can't protect against stupidity.  that said, it doesn't have to
> > encourage it either.  outlook was coded so badly that it has in some
> > cases allowed the execution of attached files just by reading the email. 
> > i don't know of any linux client that does this.  so ok, you can't
> > protect against stupidity, but you can make it hard to do something
> > stupid.
>
> No, this is not stupidity but lack of computer knowledge.

< snip >

> Can you explain to me why Linux still has vulnerabilities while it is
> designed secure by default?
>
> What would be the difference between an unpatched Linux network and an
> unpatched Windows network?
>
> Again, you prove my idea that the administration of the
> network/application is more important than the network/application
> itself.


you missed the point.  windows programs are not designed with security in 
mind.  they build features in that are inherently insecure (like the one 
mentioned above) and are therefore, by definition, less secure.

the difference then is this:  both o/s's have holes.  but the linux ones get 
patched.  not burried and/or intentionally not fixed in hopes that no one 
will notice:

  http://www.securityfocus.com/news/7807

microsoft is not "working very hard" to do anything but keep its hold on the 
market.  where are you getting this stuff?

*and* even when comparing completely un-patched systems, the linux world still 
makes sense due to its mass diversity.  even the kernels are different from 
computer to computer so the spread of any viri is far more difficult.  
filesystems, binary locations, availability of services -- all different.  
this by it's own nature leaves the linux world less of a breeding ground for 
problems like this.

in closing ('cause i'm not posting to this thread again)

- allowing people to physically break their systems is not a vulnurability.  
that's like saying that all cars are vulnerable because the drivers can be 
morons and drive them into walls.  if you don't know how to drive, don't 
blame honda when you wreck your car.

- linux is more secure to mass virus attacks because of it's diversified 
nature.

- windows is more vulnerable to mass attacks because (a) it's built with 
features, and not security in mind, (b) built by a company that doesn't care 
about making good software, only software that sells and holds marketshare, 
and (c) every windows box is the same, and therefore a perfect breeding 
ground for worms and viri.

-- 
the revolution will not be right back after a message about
a white tornado, white lightning, or white people.
you will not have to worry about a dove in your bedroom,
a tiger in your tank, or the giant in your toilet bowl.
the revolution will not go better with coke.
the revolution will not fight the germs that may cause bad breath.
the revolution will put you in the driver's seat.
the revolution will not be televised, will not be televised,
will not be televised, will not be televised.
the revolution will be no re-run brothers;
the revolution will be live.
- gil scott heron

--
[EMAIL PROTECTED] mailing list

OT: Re: [gentoo-user] viruses

[Norberto Bensa]

Peter Wu wrote:
> On Sat, Jan 31, 2004 at 02:42:57AM +0100, Norbert Kamenicky wrote:
> > Guy, tell me why unix users don't do that ? (working as root)
>
> Because most Unix users have good computer knowledge while most Windows
> users do not know how computers work at all.

This is getting offtopic. Can we let this thread die?

Thanks,
Norberto

-- 
Linux 2.6.1-mm5 Pentium III (Coppermine) GenuineIntel GNU/Linux
 23:34:19 up 1 day,  1:54,  1 user,  load average: 0.00, 0.03, 0.06


pgp0.pgp
Description: signature

Re: [gentoo-user] viruses

[Eric Paynter]

Peter Wu said:
> 3. marked by or resulting from unreasoned thinking or acting

I've seen very intelligent people act this way with a computer, so I
think it is stupidity ;-)

-Eric

-- 
arctic bears - email and name services
25 email [EMAIL PROTECTED] CA$11.95/month
DNS starting at CA$3.49/month - domains from CA$25.95/year
for details contact [EMAIL PROTECTED] or visit
http://www.arcticbears.com




--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Peter Wu]

On Sat, Jan 31, 2004 at 02:42:57AM +0100, Norbert Kamenicky wrote:

> Peter Wu wrote:
> >
> >Well, some of the recent worms are activated by end users open an
> >attachment, which could be an vbs or an executable. It is the executable
> >that infects the system as most Windows users log in as an Administrator
> >role.
> 
> Fine, if it is a problem of the last windblowz version, I say OK, but
> AFAIK it's a problem of all M$hit versions ...
> Do you know, *.DOC file can contain any executable ?
> It is executed if "text" file is opened ...
> Do u know about something more stupid/dangerous ?
> 
> Guy, tell me why unix users don't do that ? (working as root)

Because most Unix users have good computer knowledge while most Windows
users do not know how computers work at all.

Do you admit this fact?

> >What if root on a Linux box open an attachment to a mail he receives today
> >and that attachment happens to be some executable that can ruin the
> >system? 
> [...]
> >I really doubt switching to Linux can stop virii from spreading. 
> Ok Tom, how many viruses have been infecting your linux box ?
> I only read about them.

Because those viruses were written specially against Windows. Well, you
would say 'because Windows is very vulnerable'. I have been using Windows
and Linux/FreeBSD for more than 10 years, Windows being my major working
operating system at office while Linux/FreeBSD is my leisure hour hobby. I
have never had any virus ruining my Windows box.

Windows and Linux both have vulnerabilities and it is the appropriate
administration that helps avoid disasters. 

-- 
   ,,,
  (o o)   Peter Wu
---ooO-(_)-Ooo--- Powered by GNU/Linux 2.4.22


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Phil Sexton]

On Fri, 2004-01-30 at 20:42, Norbert Kamenicky wrote:

> Ok Tom, how many viruses have been infecting your linux box ?
> I only read about them.

Some references for you.

The Virus Writing HOWTO:
http://www.lwfug.org/~abartoli/virus-writing-HOWTO/_html/

Should I get anti-virus software for my Linux box?
http://linuxmafia.com/~rick/faq/#virus

-- 
Phil
Our 2nd CD: http://www.cdbaby.com/naomisfancy
Naomi's Fancy performances: http://naomisfancy.virtualave.net/schedule.html


--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Peter Wu]

On Fri, Jan 30, 2004 at 06:01:26PM -0500, gabriel wrote:

> On January 30, 2004 05:24 pm, Peter Wu wrote:
> > That is the problem. Many Windows users are told in the email how to open
> > and run the executable virus. Sometimes, the viral emails disguise
> > themselves as if they were sent from Microsoft Support Team.
> 
> an o/s can't protect against stupidity.  that said, it doesn't have to 
> encourage it either.  outlook was coded so badly that it has in some cases 
> allowed the execution of attached files just by reading the email.  i don't 
> know of any linux client that does this.  so ok, you can't protect against 
> stupidity, but you can make it hard to do something stupid.

No, this is not stupidity but lack of computer knowledge.

According to Merriam-Webster, the English word, stupid, has the following
meanings:

1. slow of mind 
2. dulled in feeling or sensation
3. marked by or resulting from unreasoned thinking or acting 
4. lacking interest or point 

If one does not know how to do something, can he or she be considered stupid?

Anyway, you prove my idea that human beings play a more important role
when we talk about securing a computer system.

> > Well, as I said in another post, on Windows, you can choose to run under a
> > user without root privilege. Also, I know there are many new Linux users
> > that like to use root instead of a normal account to do something
> > dangerous. They do not like to su to root when perform some potential
> > dangerous jobs.
> 
> i'd just write them off as darwinism.  again, you can't protect your box if 
> you're an idiot.

Again, idiot is not an appropriate word for such case.

You cannot protect yourself from diseases. Therefore, once you get some
problems, you go to see doctors. Does this mean you are an idiot?

> the common myth is that all viruses propogate through windows networks because 
> no one applies the patches.  but the real issue is the inherrent insecurity 
> in micros~1 apps.  they're built for features first, and security a distant 
> third (after marketshare).  is linux more secure? yes.  more idiotproof?  to 
> a point.  but given the diversity of linuxes and the bazaar-style 
> construction, the software produced is more stable and secure as a result.

Microsoft Windows is a commercial product that implements the features
demanded by customers. Of course, this cannot be an excuse for creating
insecure code. Anyway, Microsoft is working very hard to fix those
security holes in its applications, including Windows, Office.

Some days ago, Linux's kernel got some vulnerability that promptly was
patched by a new version. Also, I also keep receiving some security alert
from Gentoo Security to ask us either upgrade to the latest version or
patch the existing applications.

Can you explain to me why Linux still has vulnerabilities while it is
designed secure by default?

What would be the difference between an unpatched Linux network and an
unpatched Windows network?

Again, you prove my idea that the administration of the
network/application is more important than the network/application
itself.

-- 
   ,,,
  (o o)   Peter Wu
---ooO-(_)-Ooo--- Powered by GNU/Linux 2.4.22


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Norbert Kamenicky]

Peter Wu wrote:
Well, some of the recent worms are activated by end users open an
attachment, which could be an vbs or an executable. It is the executable
that infects the system as most Windows users log in as an Administrator
role.
Fine, if it is a problem of the last windblowz version, I say OK, but
AFAIK it's a problem of all M$hit versions ...
Do you know, *.DOC file can contain any executable ?
It is executed if "text" file is opened ...
Do u know about something more stupid/dangerous ?
Guy, tell me why unix users don't do that ? (working as root)

What if root on a Linux box open an attachment to a mail he receives today
and that attachment happens to be some executable that can ruin the
system? 
Let's try it, and u'll see it's easy to say, but hard to do.

If u open infected attachement in good written application
nothing happens. If u save it to file, u have to set up
exec permissions before running it. Do you thing, some diletant
is able to make it ? I think not.
U must be pretty skilled admin to setup everything let
some virus in attachement is activated by opening the email.
(FYI on qmail root have no maildir/mbox.)


I really doubt switching to Linux can stop virii from spreading. 

Ok Tom, how many viruses have been infecting your linux box ?
I only read about them.
noro

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[lukas]

On Saturday 31 January 2004 00:21, Collins Richey wrote:

> > Maybe it's only set to 72 chars for your viewer, but not for your
> > editor?
>
> All 3 settings - wrap quotations, wrap on input, wrap before sending
> - are set.  This is the first complaint I've had, and I've been using
> Sylpheed for years.

Sylpheed is a good program. I have used it for a while.
Now your lines are not too long, maybe it was an other error.
I always make the wrapping by pressing the enter-key, because
if I wanna post a link or something like that, it's not a good thing,
to wrap all lines. :)

cu

lukas

-- 
** PGP-key available on keyserver pgp.mit.edu **

3261 D27B D604 8B8A D6BF  74ED D0E8 99D7 D3B9 F7CE

Please don't sign your public mail unless your
PGP-key is available for everyone!




pgp0.pgp
Description: signature

Re: [gentoo-user] viruses

[Collins Richey]

On Fri, 30 Jan 2004 23:55:19 +0100
lukas <[EMAIL PROTECTED]> wrote:

> On Friday 30 January 2004 23:41, Collins Richey wrote:
> 
> > > As an etiquette on a public mailing list, can you please configure
> > > your mailer to set width of your posts? Not every user, esp. UNIX
> > > user, can read lines longer than 80 characters.
> >
> > I'm not sure what the problem is.  My line wrap is set to 72
> > characters, and this has always worked in the past.
> 
> Maybe it's only set to 72 chars for your viewer, but not for your
> editor?
> 

All 3 settings - wrap quotations, wrap on input, wrap before sending
- are set.  This is the first complaint I've had, and I've been using
Sylpheed for years.


-- 
Collins - Denver Area - 
Gentoo stable kernel 2.6.2-rc1

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[gabriel]

On January 30, 2004 05:24 pm, Peter Wu wrote:
> That is the problem. Many Windows users are told in the email how to open
> and run the executable virus. Sometimes, the viral emails disguise
> themselves as if they were sent from Microsoft Support Team.

an o/s can't protect against stupidity.  that said, it doesn't have to 
encourage it either.  outlook was coded so badly that it has in some cases 
allowed the execution of attached files just by reading the email.  i don't 
know of any linux client that does this.  so ok, you can't protect against 
stupidity, but you can make it hard to do something stupid.

> Well, as I said in another post, on Windows, you can choose to run under a
> user without root privilege. Also, I know there are many new Linux users
> that like to use root instead of a normal account to do something
> dangerous. They do not like to su to root when perform some potential
> dangerous jobs.

i'd just write them off as darwinism.  again, you can't protect your box if 
you're an idiot.

the common myth is that all viruses propogate through windows networks because 
no one applies the patches.  but the real issue is the inherrent insecurity 
in micros~1 apps.  they're built for features first, and security a distant 
third (after marketshare).  is linux more secure? yes.  more idiotproof?  to 
a point.  but given the diversity of linuxes and the bazaar-style 
construction, the software produced is more stable and secure as a result.

-- 
a man who feels the winds of change should build not a windbreak,
but a windmill.
- mao tse tung


--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[lukas]

On Friday 30 January 2004 23:41, Collins Richey wrote:

> > As an etiquette on a public mailing list, can you please configure
> > your mailer to set width of your posts? Not every user, esp. UNIX
> > user, can read lines longer than 80 characters.
>
> I'm not sure what the problem is.  My line wrap is set to 72
> characters, and this has always worked in the past.

Maybe it's only set to 72 chars for your viewer, but not for your
editor?

cu

lukas

-- 
** PGP-key available on keyserver pgp.mit.edu **

3261 D27B D604 8B8A D6BF  74ED D0E8 99D7 D3B9 F7CE

Please don't sign your public mail unless your
PGP-key is available for everyone!


pgp0.pgp
Description: signature

Re: [gentoo-user] viruses

[Collins Richey]

On Fri, 30 Jan 2004 16:37:46 -0500
Peter Wu <[EMAIL PROTECTED]> wrote:


> As an etiquette on a public mailing list, can you please configure
> your mailer to set width of your posts? Not every user, esp. UNIX
> user, can read lines longer than 80 characters.
> 

I'm not sure what the problem is.  My line wrap is set to 72 characters,
and this has always worked in the past.

-- 
Collins - Denver Area - 
Gentoo stable kernel 2.6.2-rc1

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Peter Wu]

On Fri, Jan 30, 2004 at 04:52:26PM -0500, gabriel wrote:

> On January 30, 2004 04:15 pm, Peter Wu wrote:
> >
> > If I write a shell script and attach to an email sent to you, then you
> > save the attached shell script and run it when you happen to have the
> > roott privilege?
> >
> > IIRC, any binary files can be attached to an email. Correct me if I am
> > wrong.
> 
> you're not wrong, but your logic is.  yes, you can attach any filetype to an 
> email, even a small bash script with the following contents:
> 
>   #!/bin/bash
>   rm -rf ~/
> 
> the question is whether or not a user can accidentally break their computer 
> with this.  see, if i send you the above, it'll come to you as an 
> *non-executable* attachment.  it doesn't matter if it's executable on my box, 
> when i send it to you, you'll have to save it locally and when you do, it's 
> got 0644 permissions (unless you're doing something funky with your umask).  
> you'd have to chmod u+x the file and run it to do any damage.

You're right in this sense. I cannot directly run the script.

> the exception of course is a tarball.  you can extract stuff from a tarball 
> and it'll retain it's permissions, but that still requires the enduser to be 
> an idiot and unpack then manually run the script.  that's no different from 
> telling them to run the above commands manually.

That is the problem. Many Windows users are told in the email how to open
and run the executable virus. Sometimes, the viral emails disguise
themselves as if they were sent from Microsoft Support Team.

> in the end it's in the lap of the end user anyway.  i'll say it now: if you're 
> running your desktop as root, you're asking for it.  why use a multi-user o/s 
> that protects you from windows-esque problems if you're going to circumvent 
> them anyway?

Well, as I said in another post, on Windows, you can choose to run under a
user without root privilege. Also, I know there are many new Linux users
that like to use root instead of a normal account to do something
dangerous. They do not like to su to root when perform some potential
dangerous jobs.

-- 
   ,,,
  (o o)   Peter Wu
---ooO-(_)-Ooo--- Powered by GNU/Linux 2.4.22


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[gabriel]

On January 30, 2004 04:15 pm, Peter Wu wrote:
>
> If I write a shell script and attach to an email sent to you, then you
> save the attached shell script and run it when you happen to have the
> roott privilege?
>
> IIRC, any binary files can be attached to an email. Correct me if I am
> wrong.

you're not wrong, but your logic is.  yes, you can attach any filetype to an 
email, even a small bash script with the following contents:

  #!/bin/bash
  rm -rf ~/

the question is whether or not a user can accidentally break their computer 
with this.  see, if i send you the above, it'll come to you as an 
*non-executable* attachment.  it doesn't matter if it's executable on my box, 
when i send it to you, you'll have to save it locally and when you do, it's 
got 0644 permissions (unless you're doing something funky with your umask).  
you'd have to chmod u+x the file and run it to do any damage.

the exception of course is a tarball.  you can extract stuff from a tarball 
and it'll retain it's permissions, but that still requires the enduser to be 
an idiot and unpack then manually run the script.  that's no different from 
telling them to run the above commands manually.

in the end it's in the lap of the end user anyway.  i'll say it now: if you're 
running your desktop as root, you're asking for it.  why use a multi-user o/s 
that protects you from windows-esque problems if you're going to circumvent 
them anyway?

-- 
giving it up would mean...  it would mean that all along they'd been wrong. it 
would mean that they'd never known how to rule the world. it would mean... 
relinquishing their pretensions to godhood.
  - Daniel Quinn's "ishmael"


--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Peter Wu]

On Fri, Jan 30, 2004 at 01:55:36PM -0700, Collins Richey wrote:

> On Fri, 30 Jan 2004 14:43:58 -0500
> Peter Wu <[EMAIL PROTECTED]> wrote:
> [...] 
> > > Today viruses stimulate ppl switch to linux, and
> > > therefore are BIG catalysator for linux growth.
> > 
> > I really doubt switching to Linux can stop virii from spreading. 
> > 
> 
> BS.

Sorry to hear this acronym...

> 1. No one has any objection to a software company making money.  People have 
> objection to M$ because of the crappy (but user friendly) virus-prone product and 
> the monopolistic techniques they employ.

As an etiquette on a public mailing list, can you please configure your
mailer to set width of your posts? Not every user, esp. UNIX user, can
read lines longer than 80 characters.

Back to your remark, well, you have choice not to use it. It is your
right. Maybe you are a UNIX guru but most people that have money may not
know any much computer knowledge than you do. You may be smart enough to
detect a virus just by your experience but other people do not. They may
open an attached executable, which could be a worm virus, and the plague
starts from there.

Well, Microsoft started as a software company that aims at desktop and at
home users. Most of those users know much less than you do. The
technologies Microsfot employ may not be the best but must be the most
popular ones, which has been proven for years.

Few people never touch Windows but many people never see Linux.

> 2. No one with a lick of sense (except maybe Lindows users) processes mail as root.  
> Almost all viruses rely on the wide open nature of windows to inflict their harm.  
> Converting to linux (or even to Apple OS X or BSD) will eliminate 99% of the 
> problems.

Forget about Windows 9x, which is simply obsolete and quite crappy. Let's
look at the Windows NT/2000/XP/2003 series.

I do not know whether you have ever used this series. If you don't, then
I'd like to let you know that on those Windows products, you have an
Administrator account, which is equivalent to the root in UNIX, and,
surely, you can create your own account, say joe, on the machine with less
privileges. 

You do not have to log in as Administrator all the time but log in joe to
check your email. It's all the same as you do every day on Linux/UNIX.

If a normal user, joe, on the Linux happens to run a script that can send
tons of junk mails to others by looking up joe's address book, that joe
would be a source of virus, too. I do not think the OS is the culprit in
this case.

Sure, we must admit that Windows has a lot of security problems, some of
which were made use of before. However, AFAIK, some Linux distros had such
miserable experiences, too. Say, the holes in Debian some days ago that
brought many sites down or unavailable.

People play a more important role to make computer systems secure.

-- 
   ,,,
  (o o)   Peter Wu
---ooO-(_)-Ooo--- Powered by GNU/Linux 2.4.22


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Peter Wu]

On Fri, Jan 30, 2004 at 10:47:12PM +0200, Rumen Yotov wrote:

> On ??, 2004-01-30 at 21:43, Peter Wu wrote:
> > On Fri, Jan 30, 2004 at 12:15:06PM +0100, Norbert Kamenicky wrote:
> > 
> > > lukas wrote:
> > > >On Friday 30 January 2004 05:02, Canek Pel??ez Vald??s wrote:
> > > 
> > > >It's sad that the internet is troubled by some weirdos who are
> > > >thinking that programming (or spreading) a virus is a real cool
> > > >thing.
> > > >
> > > 
> > > Ooo yes, everything bad is good for something.
> > > 
> > > One of virus purposes was to force M$hit to improve
> > > their crappy pseudo systems. We learned M$ is
> > > totally immune to such forces and really don't care
> > > about security and stability at all.
> > > (Only one thing is important INCOME.)
> > 
> > Well, as a commericial company, Microsoft was founded to make money. So
> > do other companies, don't they?
> > 
> > > This situation really forced ppl to do something
> > > with it ... and linux was born :-).
> > 
> > Well, some of the recent worms are activated by end users open an
> > attachment, which could be an vbs or an executable. It is the executable
> > that infects the system as most Windows users log in as an Administrator
> > role.
> > 
> > What if root on a Linux box open an attachment to a mail he receives today
> > and that attachment happens to be some executable that can ruin the
> > system? 
> > 
> As far as i know attachments in Linux are not executable, unless u made
> them such.

If I write a shell script and attach to an email sent to you, then you
save the attached shell script and run it when you happen to have the
roott privilege?

IIRC, any binary files can be attached to an email. Correct me if I am
wrong.

-- 
   ,,,
  (o o)   Peter Wu
---ooO-(_)-Ooo--- Powered by GNU/Linux 2.4.22


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Collins Richey]

On Fri, 30 Jan 2004 14:43:58 -0500
Peter Wu <[EMAIL PROTECTED]> wrote:

> On Fri, Jan 30, 2004 at 12:15:06PM +0100, Norbert Kamenicky wrote:
> 
> > lukas wrote:
> > >On Friday 30 January 2004 05:02, Canek Pel??ez Vald??s wrote:
> > 
> > >It's sad that the internet is troubled by some weirdos who are
> > >thinking that programming (or spreading) a virus is a real cool
> > >thing.
> > >
> > 
> > Ooo yes, everything bad is good for something.
> > 
> > One of virus purposes was to force M$hit to improve
> > their crappy pseudo systems. We learned M$ is
> > totally immune to such forces and really don't care
> > about security and stability at all.
> > (Only one thing is important INCOME.)
> 
> Well, as a commericial company, Microsoft was founded to make money. So
> do other companies, don't they?
> 
> > This situation really forced ppl to do something
> > with it ... and linux was born :-).
> 
> Well, some of the recent worms are activated by end users open an
> attachment, which could be an vbs or an executable. It is the executable
> that infects the system as most Windows users log in as an Administrator
> role.
> 
> What if root on a Linux box open an attachment to a mail he receives today
> and that attachment happens to be some executable that can ruin the
> system? 
> 
> > Today viruses stimulate ppl switch to linux, and
> > therefore are BIG catalysator for linux growth.
> 
> I really doubt switching to Linux can stop virii from spreading. 
> 

BS.

1. No one has any objection to a software company making money.  People have objection 
to M$ because of the crappy (but user friendly) virus-prone product and the 
monopolistic techniques they employ.

2. No one with a lick of sense (except maybe Lindows users) processes mail as root.  
Almost all viruses rely on the wide open nature of windows to inflict their harm.  
Converting to linux (or even to Apple OS X or BSD) will eliminate 99% of the 
problems.


-- 
Collins - Denver Area - 
Gentoo stable kernel 2.6.2-rc1

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Rumen Yotov]

On пт, 2004-01-30 at 21:43, Peter Wu wrote:
> On Fri, Jan 30, 2004 at 12:15:06PM +0100, Norbert Kamenicky wrote:
> 
> > lukas wrote:
> > >On Friday 30 January 2004 05:02, Canek Pel??ez Vald??s wrote:
> > 
> > >It's sad that the internet is troubled by some weirdos who are
> > >thinking that programming (or spreading) a virus is a real cool
> > >thing.
> > >
> > 
> > Ooo yes, everything bad is good for something.
> > 
> > One of virus purposes was to force M$hit to improve
> > their crappy pseudo systems. We learned M$ is
> > totally immune to such forces and really don't care
> > about security and stability at all.
> > (Only one thing is important INCOME.)
> 
> Well, as a commericial company, Microsoft was founded to make money. So
> do other companies, don't they?
> 
> > This situation really forced ppl to do something
> > with it ... and linux was born :-).
> 
> Well, some of the recent worms are activated by end users open an
> attachment, which could be an vbs or an executable. It is the executable
> that infects the system as most Windows users log in as an Administrator
> role.
> 
> What if root on a Linux box open an attachment to a mail he receives today
> and that attachment happens to be some executable that can ruin the
> system? 
> 
As far as i know attachments in Linux are not executable, unless u made
them such.
Linux is much more security oriented by design.
My opinion.
> > Today viruses stimulate ppl switch to linux, and
> > therefore are BIG catalysator for linux growth.
> 
> I really doubt switching to Linux can stop virii from spreading. 
-- 
Rumen Yotov <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Re: [gentoo-user] viruses

[Peter Wu]

On Fri, Jan 30, 2004 at 12:15:06PM +0100, Norbert Kamenicky wrote:

> lukas wrote:
> >On Friday 30 January 2004 05:02, Canek Pel??ez Vald??s wrote:
> 
> >It's sad that the internet is troubled by some weirdos who are
> >thinking that programming (or spreading) a virus is a real cool
> >thing.
> >
> 
> Ooo yes, everything bad is good for something.
> 
> One of virus purposes was to force M$hit to improve
> their crappy pseudo systems. We learned M$ is
> totally immune to such forces and really don't care
> about security and stability at all.
> (Only one thing is important INCOME.)

Well, as a commericial company, Microsoft was founded to make money. So
do other companies, don't they?

> This situation really forced ppl to do something
> with it ... and linux was born :-).

Well, some of the recent worms are activated by end users open an
attachment, which could be an vbs or an executable. It is the executable
that infects the system as most Windows users log in as an Administrator
role.

What if root on a Linux box open an attachment to a mail he receives today
and that attachment happens to be some executable that can ruin the
system? 

> Today viruses stimulate ppl switch to linux, and
> therefore are BIG catalysator for linux growth.

I really doubt switching to Linux can stop virii from spreading. 

-- 
   ,,,
  (o o)   Peter Wu
---ooO-(_)-Ooo--- Powered by GNU/Linux 2.4.22


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Canek Peláez Valdés]

That's weird. Sure you run the --ham in the ham boxes and the --spam
boxes? Because for your description, your behavior is the opposite of
that the one you are looking for.

Canek

On Fri, 2004-01-30 at 02:58, raptor wrote:
> from the time i done sa-learn ham&spam
> 
> I get all the spam into my inbox, one on every ~50 goes to spam folder..
> i have deleted ~/.spamassasin dir... and done sa-learn again..
> but nope 
> 
> 
> |emerge Mail-SpamAssassin
> |
> |Read
> |
> |http://support.ximian.com/cgi-bin/ximian.cfg/php/enduser/std_adp.php?p_sid=bYySnE2h&p_lva=&p_faqid=329&p_created=1039628948&p_sp=cF9ncmlkc29ydD0mcF9yb3dfY250PTImcF9zZWFyY2hfdGV4dD1zcGFtYXNzYXNzaW4mcF9wYWdlPTE*&p_li=
> |
> |Run every two or three weeks:
> |
> | sa-learn --showdots --spam --mbox [your SPAM box]
> | sa-learn --showdots --ham --mbox [your other boxes]
> |
> |At the beginning is not perfect; the more you train the Bayesian filter,
> |the better it gets. 
> |
> |Canek
> |
> |On Thu, 2004-01-29 at 21:49, lukas wrote:
> |> Hi folks,
> |> 
> |> since I'm posting to this list, I receive more and more viruses every
> |> day. A few minutes ago, I received a bounced virus-mail reputedly
> |> sent by me.
> |> I wan't to advert, that mails with my sender-address that are not
> |> signed with my pgp-key are not originate from me!
> |> What are your experiences with posting to this list and the amount
> |> of viruses you get?
> |> 
> |> cu
> |> 
> |> lukas
> |--
> |You can rent this space for only $5 a week.
> |
> 
> --
> [EMAIL PROTECTED] mailing list
--
"I'm not a god, I was misquoted."
-- Lister, Red Dwarf


signature.asc
Description: This is a digitally signed message part

Re: [gentoo-user] viruses

[Canek Peláez Valdés]

For me it works. And actually, I run the sa-learn command only when a
SPAM mail gets to my HAM accounts or viceversa (which happens every two
or three weeks... maybe more).

If you don't gent false positives nor false negatives, then the Bayesian
filter IS WORKING. If ain't break, don't fix it.

But it could be that I receive less SPAM than you; I don't know. The
thing is, the whole idea of the Bayesian approach is to PERSONALIZE the
SPAM detection. So probably some guys (like me) needs to do it every 2
or 3 weeks, and other guys (like you) needs to do it every couple of
hours.

Canek

On Fri, 2004-01-30 at 07:33, Thomas T. Veldhouse wrote:
> Canek Peláez Valdés wrote:
> 
> > emerge Mail-SpamAssassin
> > 
> > Read
> > 
> > http://support.ximian.com/cgi-bin/ximian.cfg/php/enduser/std_adp.php?p_sid=bYySnE2h&p_lva=&p_faqid=329&p_created=1039628948&p_sp=cF9ncmlkc29ydD0mcF9yb3dfY250PTImcF9zZWFyY2hfdGV4dD1zcGFtYXNzYXNzaW4mcF9wYWdlPTE*&p_li=
> > 
> > Run every two or three weeks:
> > 
> > sa-learn --showdots --spam --mbox [your SPAM box]
> > sa-learn --showdots --ham --mbox [your other boxes]
> > 
> > At the beginning is not perfect; the more you train the Bayesian filter,
> > the better it gets. 
> > 
> > Canek
> > 
> 
> Every two or three weeks?  I process spam a few times per hour.  I have 
> a script that checks a couple of Maildir folders for the false negatives 
> or the false positives that I drag into them and then bayes is updated. 
> My wife sees a lot more spam because she is not as diligent and only 
> updates her bayes every few days.  I suspect that doing this every few 
> weeks would be nearly completely ineffective [from a bayes approach] 
> with the way spam changes.
--
The only thing necessary for the triumph of evil is for good men to do nothing.
- Edmund Burke


signature.asc
Description: This is a digitally signed message part

Re: [gentoo-user] viruses

[lukas]

On Friday 30 January 2004 12:15, Norbert Kamenicky wrote:

> lukas wrote:
> > On Friday 30 January 2004 05:02, Canek Peláez Valdés wrote:
> >
> > It's sad that the internet is troubled by some weirdos who are
> > thinking that programming (or spreading) a virus is a real cool
> > thing.
>
> Ooo yes, everything bad is good for something.
>
> One of virus purposes was to force M$hit to improve
> their crappy pseudo systems. We learned M$ is
> totally immune to such forces and really don't care
> about security and stability at all.
> (Only one thing is important INCOME.)
>
> This situation really forced ppl to do something
> with it ... and linux was born :-).
>
> Today viruses stimulate ppl switch to linux, and
> therefore are BIG catalysator for linux growth.
>
> IMHO viruses are really cool thing :-).

I never seen it from this angle. :)

cu

lukas

-- 
** PGP-key available on keyserver pgp.mit.edu **

3261 D27B D604 8B8A D6BF  74ED D0E8 99D7 D3B9 F7CE

Please don't sign your public mail unless your
PGP-key is available for everyone!


pgp0.pgp
Description: signature

Re: [gentoo-user] viruses

[Thomas T. Veldhouse]

Canek Peláez Valdés wrote:

emerge Mail-SpamAssassin

Read

http://support.ximian.com/cgi-bin/ximian.cfg/php/enduser/std_adp.php?p_sid=bYySnE2h&p_lva=&p_faqid=329&p_created=1039628948&p_sp=cF9ncmlkc29ydD0mcF9yb3dfY250PTImcF9zZWFyY2hfdGV4dD1zcGFtYXNzYXNzaW4mcF9wYWdlPTE*&p_li=

Run every two or three weeks:

sa-learn --showdots --spam --mbox [your SPAM box]
sa-learn --showdots --ham --mbox [your other boxes]
At the beginning is not perfect; the more you train the Bayesian filter,
the better it gets. 

Canek

Every two or three weeks?  I process spam a few times per hour.  I have 
a script that checks a couple of Maildir folders for the false negatives 
or the false positives that I drag into them and then bayes is updated. 
   My wife sees a lot more spam because she is not as diligent and only 
updates her bayes every few days.  I suspect that doing this every few 
weeks would be nearly completely ineffective [from a bayes approach] 
with the way spam changes.


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Thomas T. Veldhouse]

lukas wrote:
Hi folks,

since I'm posting to this list, I receive more and more viruses every
day. A few minutes ago, I received a bounced virus-mail reputedly
sent by me.
I wan't to advert, that mails with my sender-address that are not
signed with my pgp-key are not originate from me!
What are your experiences with posting to this list and the amount
of viruses you get?
cu

lukas

Viruses are usually sent by somebody you know originally and then your 
address is passed on to other virus infect machines and you get more and 
more of these things.  I run a mailing list that has suddenly been 
targetted by an infected members computer infestation and now the 
address is spreading all over the place and more and more viruses are 
being sent to that list.  So far, clamav is keeping up with the 
definitions and all is well.


pgp0.pgp
Description: PGP signature

Re: [gentoo-user] viruses

[Norbert Kamenicky]

lukas wrote:
On Friday 30 January 2004 05:02, Canek PelÃez ValdÃs wrote:

It's sad that the internet is troubled by some weirdos who are
thinking that programming (or spreading) a virus is a real cool
thing.
Ooo yes, everything bad is good for something.

One of virus purposes was to force M$hit to improve
their crappy pseudo systems. We learned M$ is
totally immune to such forces and really don't care
about security and stability at all.
(Only one thing is important INCOME.)
This situation really forced ppl to do something
with it ... and linux was born :-).
Today viruses stimulate ppl switch to linux, and
therefore are BIG catalysator for linux growth.
IMHO viruses are really cool thing :-).

noro

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[raptor]

from the time i done sa-learn ham&spam

I get all the spam into my inbox, one on every ~50 goes to spam folder..
i have deleted ~/.spamassasin dir... and done sa-learn again..
but nope 


|emerge Mail-SpamAssassin
|
|Read
|
|http://support.ximian.com/cgi-bin/ximian.cfg/php/enduser/std_adp.php?p_sid=bYySnE2h&p_lva=&p_faqid=329&p_created=1039628948&p_sp=cF9ncmlkc29ydD0mcF9yb3dfY250PTImcF9zZWFyY2hfdGV4dD1zcGFtYXNzYXNzaW4mcF9wYWdlPTE*&p_li=
|
|Run every two or three weeks:
|
|   sa-learn --showdots --spam --mbox [your SPAM box]
|   sa-learn --showdots --ham --mbox [your other boxes]
|
|At the beginning is not perfect; the more you train the Bayesian filter,
|the better it gets. 
|
|Canek
|
|On Thu, 2004-01-29 at 21:49, lukas wrote:
|> Hi folks,
|> 
|> since I'm posting to this list, I receive more and more viruses every
|> day. A few minutes ago, I received a bounced virus-mail reputedly
|> sent by me.
|> I wan't to advert, that mails with my sender-address that are not
|> signed with my pgp-key are not originate from me!
|> What are your experiences with posting to this list and the amount
|> of viruses you get?
|> 
|> cu
|> 
|> lukas
|--
|You can rent this space for only $5 a week.
|

--
[EMAIL PROTECTED] mailing list

RE: [gentoo-user] viruses

[senectus]

As much as I hate to admit it..
I subscribe all my mail lists to the one account in hotmail.. and I setup
the built in anti spam.. and I nearly NEVER get spam.. If I do it's always
dumped into my junk folder..

I hate to admit it but hotmail rocks for my purposes..

-Original Message-
From: Collins Richey [mailto:[EMAIL PROTECTED] 
Sent: Friday, 30 January 2004 2:02 PM
To: [EMAIL PROTECTED]
Subject: Re: [gentoo-user] viruses

On Fri, 30 Jan 2004 04:49:36 +0100
lukas <[EMAIL PROTECTED]> wrote:

> Hi folks,
> 
> since I'm posting to this list, I receive more and more viruses every
> day. A few minutes ago, I received a bounced virus-mail reputedly
> sent by me.

I've been a subscriber for something like three years, including a few
resubscribes, and I've never associated any spam with this list.  A couple
of other lists, maybe.  However, most of the spam I get I can date to being
harvested more than a year ago (change in email address).

-- 
Collins - Denver Area - 
Gentoo stable kernel 2.6.2-rc1

--
[EMAIL PROTECTED] mailing list


--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[Collins Richey]

On Fri, 30 Jan 2004 04:49:36 +0100
lukas <[EMAIL PROTECTED]> wrote:

> Hi folks,
> 
> since I'm posting to this list, I receive more and more viruses every
> day. A few minutes ago, I received a bounced virus-mail reputedly
> sent by me.

I've been a subscriber for something like three years, including a few resubscribes, 
and I've never associated any spam with this list.  A couple of other lists, maybe.  
However, most of the spam I get I can date to being harvested more than a year ago 
(change in email address).

-- 
Collins - Denver Area - 
Gentoo stable kernel 2.6.2-rc1

--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[rd]

I *never* received spam before subscribing to this list!  Gentoo-User
list is great, don't get me wrong, but the spam was a *very* high price
to pay for the information

Now, use S/A and turn on all of the options like razor, etc.  I gets all
of my spam and no false positives.  S/A rocks!

-TJ

On Thu, 2004-01-29 at 21:49, lukas wrote:
> Hi folks,
> 
> since I'm posting to this list, I receive more and more viruses every
> day. A few minutes ago, I received a bounced virus-mail reputedly
> sent by me.
> I wan't to advert, that mails with my sender-address that are not
> signed with my pgp-key are not originate from me!
> What are your experiences with posting to this list and the amount
> of viruses you get?
> 
> cu
> 
> lukas
-- 
It is vital to remember that information is not knowledge; that
knowledge is not wisdom; and that wisdom is not foresight.
  - Arthur C Clarke


--
[EMAIL PROTECTED] mailing list

Re: [gentoo-user] viruses

[lukas]

On Friday 30 January 2004 05:02, Canek Peláez Valdés wrote:

> emerge Mail-SpamAssassin

I've already installed SpamAssassin and also amavis and a
scanner. The viruses don't harm my machine. They can only
confuse some other users which receive virus-mails pretending
that I was the sender.
It's sad that the internet is troubled by some weirdos who are
thinking that programming (or spreading) a virus is a real cool
thing.

cu

lukas

-- 
** PGP-key available on keyserver pgp.mit.edu **

3261 D27B D604 8B8A D6BF  74ED D0E8 99D7 D3B9 F7CE

Please don't sign your public mail unless your
PGP-key is available for everyone!




pgp0.pgp
Description: signature

Re: [gentoo-user] viruses

[Canek Peláez Valdés]

emerge Mail-SpamAssassin

Read

http://support.ximian.com/cgi-bin/ximian.cfg/php/enduser/std_adp.php?p_sid=bYySnE2h&p_lva=&p_faqid=329&p_created=1039628948&p_sp=cF9ncmlkc29ydD0mcF9yb3dfY250PTImcF9zZWFyY2hfdGV4dD1zcGFtYXNzYXNzaW4mcF9wYWdlPTE*&p_li=

Run every two or three weeks:

sa-learn --showdots --spam --mbox [your SPAM box]
sa-learn --showdots --ham --mbox [your other boxes]

At the beginning is not perfect; the more you train the Bayesian filter,
the better it gets. 

Canek

On Thu, 2004-01-29 at 21:49, lukas wrote:
> Hi folks,
> 
> since I'm posting to this list, I receive more and more viruses every
> day. A few minutes ago, I received a bounced virus-mail reputedly
> sent by me.
> I wan't to advert, that mails with my sender-address that are not
> signed with my pgp-key are not originate from me!
> What are your experiences with posting to this list and the amount
> of viruses you get?
> 
> cu
> 
> lukas
--
You can rent this space for only $5 a week.


signature.asc
Description: This is a digitally signed message part

[gentoo-user] viruses

[lukas]

Hi folks,

since I'm posting to this list, I receive more and more viruses every
day. A few minutes ago, I received a bounced virus-mail reputedly
sent by me.
I wan't to advert, that mails with my sender-address that are not
signed with my pgp-key are not originate from me!
What are your experiences with posting to this list and the amount
of viruses you get?

cu

lukas

-- 
** PGP-key available on keyserver pgp.mit.edu **

Please don't sign your public mail unless your
PGP-key is available for everyone!


pgp0.pgp
Description: signature