On Wed, Jan 28, 2004 at 07:37:09PM -0800, [EMAIL PROTECTED] said:
>
> Scott Francis <[EMAIL PROTECTED]> wrote:
> > I've been wondering lately, after about 10 years of email worms spreading in
> > exactly the same manner with every incarnation ... why do you think people
> > haven't learned not to
On Fri, 30 Jan 2004, Iljitsch van Beijnum wrote:
> Actually IMO putting all their crap in their own dir is a feature
> rather than a bug. I really hate the way unix apps just put their stuff
> all over the place so it's an incredible pain to get rid of it again.
Putting all crap in the working
On 30-jan-04, at 7:20, Alexei Roudnev wrote:
Second problem is directory structure. In Unix, when I configure IDS
(osiris
or Tripwire or Intact), I can just be sure, that 'bin' and 'etc' and
'sbin'
and 'libexec' directories does not have any variable files - all
non-static
files are in /var (So
If I install code, I'd like to know, when installation is trying to make
_administrative_ change, explicitly - so that I have a chance to say YES or
NO. In Windows, it is not implemented in installations - you _must_ begin
installation as admin.
Another big problem is permission system and direct
In-line...
> Christopher Bird wrote:
> Please pardon my ignorance, but I am
> *mightily* confused.
>>> Vivien M. wrote:
>>> and ISTR one patch for Outlook 2000 that blocked
>>> your ability to save executables was released)
>> Michel Py wrote:
>> It default in Outlook XP and Outlook 2003, which
> [EMAIL PROTECTED] wrote:
> But, regardless, Win2K and WinXP do have restricted-user
> modes that tie this stuff down quite well. They tend to
> be used in corporate environments.
Indeed, and the one reason being that the last thing the IT staff wants
is users installing apps, because even if t
On Thu, 29 Jan 2004 07:41:20 -0500 (EST), you wrote:
>...
>When NTFS came out an ordinary user could not write the system directory
>tree Hence most users are running as Administrator or equivalent so that
>they can write into the system tree. This was a bad design decision by
>MS _and_ applicat
Christopher Bird wrote:
> Please pardon my ignorance, but I am *mightily* confused.
> In a message from Michel Py is the following:
>
>>
>>
>>> and ISTR one patch for Outlook 2000 that blocked
>>> your ability to save executables was released)
>>
>> It default in Outlook XP and Outlook 2003, whic
Please pardon my ignorance, but I am *mightily* confused.
In a message from Michel Py is the following:
>
>
> > and ISTR one patch for Outlook 2000 that blocked
> > your ability to save executables was released)
>
> It default in Outlook XP and Outlook 2003, which has prompted large
> numbers
On Wed, 28 Jan 2004, Alexei Roudnev wrote:
>
>
> >
> > Most Windows boxes are running with administrative privledges. That makes
> > Windows a willing accomplice. The issue isn't that people click on
> > attachments, but that there are no built in safeguards from what happens
> > next.
> Thi
>
> Most Windows boxes are running with administrative privledges. That makes
> Windows a willing accomplice. The issue isn't that people click on
> attachments, but that there are no built in safeguards from what happens
> next.
This is problem #1. Unfortunately, Windose is too complex and hav
> I suspect the skill set/clue of RH users is at least an order
> higher that windows users.
really, based on experience that would be surprising, rh is now so easy to get
and install, securing it is still problematic for most users
> The main problem I see is many e-mail readers default to hav
> Vivien M. wrote:
> Someone made the argument to me privately that the
> problem is that MS lets you run attachments from
> Outlook, while other clients would require you to
> save the files to disk. That's not a solution: if
> these people are like my parents used to be, they'd
> dutifully save
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Roger Marquis
> Sent: January 28, 2004 11:31 PM
> To: [EMAIL PROTECTED]
> Subject: RE: in case nobody else noticed it, there was a mail
> worm released today
>
> >
On Wed, 28 Jan 2004, Vivien M. wrote:
> And, care to tell me why, as someone else pointed out, if I were to switch
> to Evolution on your random GNU/Linux distribution, someone couldn't write a
> similar worm.
Rhetorical questions illustrate a lack of technical rational, thanks.
But do re-read th
At 11:05 PM 1/28/2004 -0500, Vivien M. wrote:
Let me put it this way: if you know one bank has 100 million dollars in the
vault, and another has 5000 dollars, wouldn't you expect most of the bank
robbers to focus on robbing the first bank, irrelevant of whether the first
bank's fault is better prot
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Roger Marquis
> Sent: January 28, 2004 10:37 PM
> To: [EMAIL PROTECTED]
> Subject: Re: in case nobody else noticed it, there was a mail
> worm released today
>
>
>
Scott Francis <[EMAIL PROTECTED]> wrote:
> I've been wondering lately, after about 10 years of email worms spreading in
> exactly the same manner with every incarnation ... why do you think people
> haven't learned not to open unexpected attachments yet?
Blaming it on end users is one way to look
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
> james
> Sent: Wednesday, January 28, 2004 4:02 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Misplaced flamewar... WAS: RE: in case nobody else noticed
> it, there was
: What's that got to do with today?
I might be reaching here, but I understand some people never upgrade or patch.
>>: Also, for reference to other people - the preview pane does *not*
>>allow
>>: the execution of attachments unless they're double-clicked on and
>>: acknowledged. Again - we're not talking about another OS or Outlook
>>: exploit, only a stupid user exploit.
>The "feature" has been fixed but
: Also, for reference to other people - the preview pane does *not* allow
: the execution of attachments unless they're double-clicked on and
: acknowledged. Again - we're not talking about another OS or Outlook
: exploit, only a stupid user exploit.
The "feature" has been fixed but it **did** a
On Wednesday 28 January 2004 08:37, Dave Temkin wrote:
>> So? Had the virii been an application compiled for RedHat and
>> everyone ran RedHat instead of Windows and they downloaded it using
>> Evolution and double clicked on it, it would suddenly be RH's fault
>> instead of MIcrosoft's?
>If Re
Unfortunately, Microsoft products seem to have a default which is set to hide
file extensions and to make it very difficult to see 'multiple extensions' like
the '.doc.pif' in the current worm, it is somewhat easier to dress
a vampire in gerbil clothing in these systems than in others.
--
-=[L]=
On Wed, Jan 28, 2004 at 12:07:36PM -0500, Patrick W.Gilmore said something to the
effect of:
>
> On Jan 28, 2004, at 11:56 AM, james wrote:
> Not sure why that is the case. Web browsers know better than to
> execute things, or at least to execute them in a sandbox, and there
> seems to be muc
RedHAT do not allow to run an attachment, even if attachment wish to be
runned - it uses 'x' flag which is not attachment's attribute. Linus useers
are niot Administrator's, so virus can not infect the whole system,... Etc
etc
(Why RedHAT? It is the worst Lunux amongs all. Use SuSe or Mandrak
On Jan 28, 2004, at 11:56 AM, james wrote:
: So? Had the virii been an application compiled for RedHat and
: everyone ran RedHat instead of Windows and they downloaded it using
: Evolution and double clicked on it, it would suddenly be RH's fault
: instead of MIcrosoft's?
I suspect the skill set/
It's not completely the fault of anything except the end-user. It's like
the Jimmy Buffet song says:
Evolution is mean, there's no dumbass vaccine
scott
On Wed, 28 Jan 2004, Dave Temkin wrote:
: >>> : They rate of it is quite surprising. By the description, the trick
: >>>
: So? Had the virii been an application compiled for RedHat and
: everyone ran RedHat instead of Windows and they downloaded it using
: Evolution and double clicked on it, it would suddenly be RH's fault
: instead of MIcrosoft's?
I suspect the skill set/clue of RH users is at least an order
hig
Dave Temkin wrote:
So? Had the virii been an application compiled for RedHat and
everyone ran RedHat instead of Windows and they downloaded it using
Evolution and double clicked on it, it would suddenly be RH's fault
instead of MIcrosoft's? Or is it sendmail's fault because it was
listening on p
>>>
>>>
>>>
>>> : They rate of it is quite surprising. By the description, the trick
>>> /
>>> : method of infection does not seem all that different than past worms
>>> : viri. Makes me wonder how many people in a room would reach into
>>their
>>> : purse/pocket on hearing, "Wallet inspector"
At 07:17 AM 1/28/2004 -0800, Scott Francis wrote:
I've been wondering lately, after about 10 years of email worms spreading in
exactly the same manner with every incarnation ... why do you think people
haven't learned not to open unexpected attachments yet? It would seem to me
that even the most cl
Anyone heard/seen press coverage that labeled it "A Microsoft worm"
vice "computer worm.."???
NPR, nyet; pcworld.com, nyet; NYT, nyet.
WashPost buried it 75% of the way in:
The virus was written to run on Windows software, and the
worm could not be launched by users of other ope
>I've been wondering lately, after about 10 years of email worms spreading in
>exactly the same manner with every incarnation ... why do you think people
>haven't learned not to open unexpected attachments yet? It would seem to me
>that even the most clueless user would modify his/her behavior aft
On Mon, Jan 26, 2004 at 09:00:40PM -0500, [EMAIL PROTECTED] said:
>
>
> We are seeing 2 wide spread worms right now, mydoom and dumaru.*
>
> NAI has info at
>
> http://vil.nai.com/vil/content/v_100983.htm
>
> and
>
> http://vil.nai.com/vil/content/v_100980.htm
>
> They rate of it is quite su
>
>
>
> : They rate of it is quite surprising. By the description, the trick /
> : method of infection does not seem all that different than past worms
> : viri. Makes me wonder how many people in a room would reach into their
> : purse/pocket on hearing, "Wallet inspector"
>
>
> Every sin
: They rate of it is quite surprising. By the description, the trick /
: method of infection does not seem all that different than past worms
: viri. Makes me wonder how many people in a room would reach into their
: purse/pocket on hearing, "Wallet inspector"
Every single person that still
> This lovely little worm will start beating on the door at www.sco.com come
> Feb 1/04. Interesting huh?
Wonder if we should all be proactive to prevent the DoS attack,
and drop the A records for www.sco.com now? Just in case any
customers' clocks are set forward ;-)
This virus, so far, has be
This lovely little worm will start beating on the door at www.sco.com come
Feb 1/04. Interesting huh?
At 09:01 PM 26/01/2004 -0500, Wojtek Zlobicki wrote:
The worm is being talked about on news.com and all the major virus vendors
already have advisories on their websites. The worm in my case mas
The worm is being talked about on news.com and all the major virus vendors
already have advisories on their websites. The worm in my case masqueraded
as a Mailer Daemon bounce. Source email address appeared to be valid and
matching a domain of a website I visited recently (but have not for a long
We are seeing 2 wide spread worms right now, mydoom and dumaru.*
NAI has info at
http://vil.nai.com/vil/content/v_100983.htm
and
http://vil.nai.com/vil/content/v_100980.htm
They rate of it is quite surprising. By the description, the trick /
method of infection does not seem all that diff
Paul Vixie [1/27/2004 7:22 AM] :
my copies (500 or so, before i filtered) are in a ~7MB gzip'd mailbox file
called http://sa.vix.com/~vixie/mailworm.mbox.gz (plz don't fetch that unless
you need it for comparison or analysis). there's a high degree of splay in
the smtp/tcp peer address, and the
42 matches
Mail list logo