Re: DHL Trojan email
- From: Geoff <geoff@xxxxxxxxxxxxxxx>
- Date: Mon, 26 Apr 2010 16:42:27 -0700

On Mon, 26 Apr 2010 19:25:47 GMT, sfdavidkaye2@xxxxxxxxx (David Kaye)
"Daniel" <noone@xxxxxxxxxxx> wrote:
I just received an email from someone that said it was from
DHL but it contained a Trojan, why did Windows Security Essentials not pick

What is a trojan? A trojan is software that pretends to be something else.
For instance, Weather Bug pretends to give you the weather, but when, for
instance, you enter "Miami" for the Miami weather, you begin getting pop-ups
for hotels in Miami when your browser is open. What they're doing is selling
you stuff under the guise of giving you a weather gadget. So, technically
Weather Bug is a trojan. But most people wouldn't call it a trojan. They'd
just call it annoying.

The problem with trojans is one of social engineering. How do you qualify
what a trojan is if the result is something you may want, even if it's not
portrayed that way?

Another point is that all A-V scanners that depend on definition files
are reactive in nature and always lag behind the threats. New threats
must be suspected, forwarded, analyzed and confirmed before the new
definitions can be propagated. Then you have embarrassing debacles
like the recent McAfee definitions file that caused systems to go into
endless reboot because someone didn't validate the def files properly.
For all A-V systems of this nature you are going to have a window of
vulnerability where a new threat (a zero-day threat) can exploit
unprepared systems. This is why the argument still rages between the
ease-of-use camp and the security-first camp.

Windows CAN be properly secured but it takes some work and some skill
to get it done. Then you have to deal with basic user accounts vs.
running as administrator and all the configuration problems that go
with installing and maintaining programs. Microsoft has decided to
take an incremental approach and move users and developers into the
security-first camp slowly by "evolving" Windows. I can't say I agree
with this; sometimes it's better to just rip that Band-Aid off and get
the pain over with quickly.

I must say I prefer the way OS X / Linux does it. One is running in
user mode by default. When it comes to installation of a new
application you must give the root password to become SU, then the
installation proceeds under that higher privilege. And it is very
clear that you are entering a new level, one you should be conscious
of since if you are suddenly asked for a password that you didn't
deliberately initiate you had better not give it. It also keeps the
kids out of the system if you don't give them the root password and
you "administer" their accounts for them.

A good friend of mine was constantly fixing his PC at home because he
was too lazy to set up individual accounts for his daughters and wife
on their XP system and they kept installing crapware.
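Added example, not part of the original post: the window of vulnerability for definition-file scanners described above, worked through on constructed data. The hashes, host names, version numbers and timestamps are all made up for illustration; the code separates deliveries that arrived before any definitions release covered the file from those that arrived after a release existed but before the host had installed it.

```python
import hashlib
from bisect import bisect_right
from datetime import datetime, timedelta

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed sample data (not from the thread): a stand-in attachment,
# two definition releases, per-host update times and mail deliveries.
ATTACHMENT = sha256(b"constructed stand-in for the fake DHL attachment")
KNOWN = sha256(b"older known sample")
T0 = datetime(2010, 4, 26, 8, 0)
RELEASES = {  # version -> (published, hashes that version detects)
    101: (T0 - timedelta(days=1), {KNOWN}),
    102: (T0 + timedelta(hours=9), {KNOWN, ATTACHMENT}),
}
UPDATES = {  # host -> time-sorted list of (installed_at, version)
    "pc-a": [(T0 - timedelta(hours=20), 101), (T0 + timedelta(hours=10), 102)],
    "pc-b": [(T0 - timedelta(hours=20), 101), (T0 + timedelta(days=3), 102)],
}
DELIVERIES = [  # (host, delivered_at, attachment hash)
    ("pc-a", T0 + timedelta(hours=2), ATTACHMENT),
    ("pc-a", T0 + timedelta(hours=12), ATTACHMENT),
    ("pc-b", T0 + timedelta(hours=30), ATTACHMENT),
]

def version_at(host, when, updates=UPDATES):
    """Definition version installed on `host` at time `when`, or None."""
    log = updates.get(host, [])
    i = bisect_right([t for t, _ in log], when)
    return log[i - 1][1] if i else None

def first_covering(digest, releases=RELEASES):
    """(published, version) of the earliest release that detects `digest`, or None."""
    hits = [(pub, v) for v, (pub, sigs) in releases.items() if digest in sigs]
    return min(hits) if hits else None

def exposed_deliveries(deliveries=DELIVERIES, releases=RELEASES, updates=UPDATES):
    """Deliveries that arrived while the host's installed definitions missed the file."""
    out = []
    for host, when, digest in deliveries:
        v = version_at(host, when, updates)
        if v is None or digest not in releases[v][1]:
            cover = first_covering(digest, releases)
            # No covering release yet: the vendor was still behind the threat.
            # Otherwise the release existed but this host had not installed it.
            lag = "vendor lag" if cover is None or when < cover[0] else "host not updated"
            out.append((host, when, v, lag))
    return out
```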