Archive of UserLand's first discussion group, started October 5, 1998.

Re: PS: Don't open email enclosures, ever.

Author:Dotan Dimet
Posted:5/5/2000; 8:40:45 AM
Topic:Virus from Manila
Msg #:16968 (In response to 16954)
Prev/Next:16967 / 16969

You're right, once someone double-clicked (opened) an attachment, it doesn't really matter what mail client you're using. If the attachement is a program or a script with an associated interpreter, it will run. The point here isn't the insecurity of a mail client, it's the vulnerability of the typical high-tech workplace: Everyone running the same platform (windows), with the same e-mail client (Outlook) open. Everyone has updated Microsoft products with WScript.exe, and the whole thing has a permenant connection to the internet. ILOVEYOU is a pretty lazy hack, done by a bored high-schooler. It looks like something put together by someone with little programming skill from some windows scripting host code samples. And it burned through my workplace like a brushfire. As far as opening attachements, the workplace is the worst offender, with everyone's pals sending them kewl pics, animations, screen savers and whatever. It's Bangkok without condoms, and any high schooler can cut and paste together a new HIV strain in the span of a lazy afternoon.

If there's someone who is left looking stupid after this virus it's Anitvirus software manufacturers. Their software is still looking for boot-sector parasites written by smart assembler hackers, but these are going extinct alongside the floppy disk. Programs that rely on lists of known viruses look ridicilous when the current windows monoculture let's script kiddies write killer worms in 10 minutes.


There are responses to this message:


This page was archived on 6/13/2001; 4:55:04 PM.

© Copyright 1998-2001 UserLand Software, Inc.