Re: Are We Addressing Cyber Crime Backwards



Karl Levinson wrote:


"Imhotep" <imhotep@xxxxxxxxxx> wrote in message
news:_qOdnSQLWqlbnfvZRVn-gg@xxxxxxxxxxxxxxx

Those viruses almost never come from people you know.

Bull "cookies". They come from anyone who is infected. It could be your
wife, a co-worker, a work mate or an old friend. A lot of those viruses
just simply look at your addressbook and send to everyone in it....

Most email viruses, both of these included, forge the from: address. If
it did come from a friend of yours, you'd never know it.

What kind of "security expert" double-clicks on a .BAT or .ZIP file
attached
to an undeliverable error message that begins "Dear user?" And then
when

1) Where in the article does it say that she killed on a ".bat" file?

Based on the knowledge of how these two email viruses work. I can almost
see clicking on a ZIP file, if the text of the email was not too absurd.
Even then, I can't see an expert security author of ten years doing so
without antivirus installed, then shrugging and going about her business
when nothing happens.

2) Your are missing my point. Ask yourself something. Why couldn't a
mature
OS defend against a virus sent via email?

Any OS with antivirus does. The XP SP2 AES attachment feature does as
well. But no OS is going to prevent you from running a .ZIP file, nor
should it.

I am not talking about the OS preventing the zip/gzip file. I am saying why
should an email application have the ability to shell out and run an
executable that was sent as an attachment. There is not reason for this....

3) Why is it that people like you, consistently blame the users for the
shortcomings of Microsoft products. This is an overused excuse that has
become quite lame....

Windows does exactly what the user tells it to do so. You want Windows to
read the email, figure out whether it is real or fake, and then prevent
the user from opening it, with 100% accuracy?

Not what I am saying. Read my last paragraph...

As I understand it, the main reason why *nix doesn't get infected with
viruses is because you can't double-click to launch email attachments
based
on file extension, you have to save them to disk first. This may be
effective, but it's hardly advanced virus protection. It's probably also
the reason why most homes and businesses in America run Windows and not
*nix.

Not true. First we are talking about email applications not operating
systems. Every email application is different. I use kmail. In kmail you
can send me whatever file you want (even ms file type like .doc, etc) and I
cna click on it and go. However, if you send me a executable it will not
shell out and run the executeable. In other words attachments are input to
other programs but not used as input into a shell. This is they way that it
should be done. Attachments are viewed as data NOT executibles!!!!

One legitimate complaint about Windows that leads to its insecurity is the
magic file type feature, where a virus author can rename a .COM or .WMF
file to .BAT or .PIF or .GIF and it still executes, regardless of the
extension
and the icon being shown to the user. Another one is the feature that
hides file extensions and MIME types from the user, but uses them when
making decisions about executing files.

Absolutely.

But at the same time, software like IE is in some ways coded far more
securely than all other browsers [for example, in its ability to resist
unexpectedly mangled HTML code like the one used by download.ject], and
yet
IE's security suffers by being the most desirable target for attacks. The
point is, even when Microsoft does things right and codes things securely,
people don't notice the thousands of exploits that failed, just the ones
that succeeded.

Well, disagree with you here. IE has been a troubled and neglected product
for years....I certainly would not use it or advise other people to use it.

Second, since the majority of viruses are a Microsoft problem, this
conversation is NOT off topic.

There is a separate newsgroup for viruses. Once again, this newsgroup is
for Microsoft customers seeking help. Most of the people you're talking
to
[including myself] don't work for Microsoft and are here donating their
evenings and weekends to help people. You're not getting through to
Microsoft, or to Microsoft users by posting this stuff here.

I am not trying to get through to MS but, you seem to have *NOT* replied to
my statement! That is ok, we all know that truth even if you choose to
ignore it!

-- Imhotep
.