At 8:55 AM -0600 7/26/01, Daniel J. Mitchell wrote:
I was of the understanding that those poor individuals using
Micro$oft-supplied email-programs were suffering from the
fact that said
program (as of factory default) would execute attachments when
opening the mail - without the user explicitly accessing the
attachment?
Nope, not so. Any time the attachment has been run, it's because a user has
launched it.
This is not quite true. Among the security problems typical of MSFT programs
is the fact that the default settings are generally to open attachments,
run executables etc automatically. This makes things marginally easier for
unsophisticated users, who would otherwise have to take extra steps to see
that picture of aunt ethel, but it makes the software easier a much easier
target for malicious code.
The reason Outlook can be exploited to send mail like this is because it
provides more functionality than most mailers. If you use a bare-bones
mailer like (say) pine, the chances of having issues with this sort of virus
are smaller. Not, by any means, impossible -- it would be easy enough to
write a pine virus (executable-in-disguise, same as with Outlook; open
.pinerc, find the addressbook, open a socket, send mail out to everyone
containing your executable).
Also not true. Although a mail program such as pine (or heavens, even elm)
can easily be scripted, its default configurations (not to blindly run/open
anything that comes in) and the default configurations of the systems it
typically runs on (not to let any random piece of code have access to any
file it wants) make virus/worm propagation much more difficult. (Those
default settings have been honed by 20 years of experience, most of which
our big brother in bellevue has ignored.)
paul
--
Paul Wallich pw@xxxxxxxxx
< This message was delivered via the Olympus Mailing List >
< For questions, mailto:owner-olympus@xxxxxxxxxxxxxxx >
< Web Page: http://Zuiko.sls.bc.ca/swright/olympuslist.html >
|