Re: VIRUS: Snow White got my email address

From: Michael M. Butler (butler@comp-lib.org)
Date: Sat Mar 03 2001 - 18:34:33 MST


Eugene.Leitl@lrz.uni-muenchen.de wrote:
>
> "Michael M. Butler" wrote:
> >
> > FYI to the list: it might be making the rounds again. Don't open .exe

> As to authentication by sender, that's bogus, as many worms send themselves
> on automatically, and morever, headers are easily forged, so ackphtphtphtpht.

I did not say "apparently from" or "having a header saying 'from:'"--I
said "from". But I should have worded it even more strongly: don't run
executables. :)

> I suggest using a mailer written in a buffer-overrun-free language, running
> on an OS with decent security, and accept only executables from a trusted
> source, as verified by having a good signature. Though a worm could snarf a
> PGP/GPG passphrase, that threat model is strictly theoretical.

In fact, I am putting FreeBSD on a machine this very weekend. If it
turns out to be fragile, I'll move to OpenBSD.

Mike



This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 08:06:12 MST