D. Hugh Redelmeier wrote:

| However, the community repeats the consistent message from
| security experts that users should never accept files from unknown
| sources.

| That is silly advice.

Not really. I think the wording should be modified to read "never accept or
open files unless they are coming from a trusted source". Where "trusted"
means you know the person who sent you the file and you know it came from
that person.

| 1. dangerous things can come (or appear to come) from known sources.

Only if the recipient is careless. If you get an email from someone that
you know but it is forged you should be able to detect by the content of the
message if it was indeed sent by that person.

All I know is that if someone I know appears to have sent me an email with
an attachment and a quick message saying "Hey, check this out." my guard
would be raised immediately and I'd verify before opening. If they wrote
more than "Hey, check this out." I'm confident the bogus sender would not be
able to mimic the sender I know.

I also know that I rarely open attachments from certain folks that I do know
and do trust since the attachments they send are forwarded from untrusted
sources. But, since I know the person, I trust they are careless. :-)

| 2. it is common practice to share files and there are good reasons to
| do so. (This is more useful than any macro capability.)

I don't think that has much to do with the advice given.

| It would appear that the advice is only given to attempt to duck

Not really. It is more of an admission that software cannot be trusted to
be 100% bug free and the brains behind the keyboard should be exercised from
time to time.

| The right fix is to the macro feature of Open Office.

Find a bug, fix the bug.

I seem to remember that this kind of vulnerability was observed and
eliminated from troff over 20 years ago.

