Re: Press reports regarding "SB/BadBunny-A" virus

On Tue, May 29, 2007 at 07:33:04 +0800,
Ed Greshko <Ed.Greshko@xxxxxxxxxxx> wrote:
D. Hugh Redelmeier wrote:

| However, the OpenOffice.org community repeats the consistent message from
| security experts that users should never accept files from unknown
| sources.

That is silly advice.

Not really. I think the wording should be modified to read "never accept or
open files unless they are coming from a trusted source". Where "trusted"
means you know the person who sent you the file and you know it came from
that person.

And how do you tell that? Viruses pretend to be sent by people you know
as one of their tricks for replication. Are you suggesting you call someone
back on the phone (or email) to confirm every document that was sent to you?

1. dangerous things can come (or appear to come) from known sources.

Only if the recipient is careless. If you get an email from someone that
you know but it is forged you should be able to detect by the content of the
message if it was indeed sent by that person.

And how do you propose to do that? Have a secret nonstandard handshake
that you use with every correspondant? Viruses are capable of send email
from a person's normal email account and attaching themselves to a generic
text message. While these should raise suspicion, for many people these
seem fairly normal.

All I know is that if someone I know appears to have sent me an email with
an attachment and a quick message saying "Hey, check this out." my guard
would be raised immediately and I'd verify before opening. If they wrote
more than "Hey, check this out." I'm confident the bogus sender would not be
able to mimic the sender I know.

Perhaps. Right now they are picking up the low hanging fruit. If viruses
start looking at saved email messages they might be able to do significantly
better.

I also know that I rarely open attachments from certain folks that I do know
and do trust since the attachments they send are forwarded from untrusted
sources. But, since I know the person, I trust they are careless. :-)

I prefer to trust that mail document viewer isn't going to screw me over.
Once upon a time this kind of misfeature was considered a bug. Though
some unix based document viewers have had these misfeatures in the past (e.g.
tex/latex and vi).

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Loading