[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mutt-users
Subject:    OT: Re: virus
From:       Jan Johansson <janj () wenf ! org>
Date:       2001-03-15 8:10:41
[Download RAW message or body]

On Mon, Mar 12, 2001 at 03:22:58PM +0100, Kai Blin wrote:
>On Wed, 7 Mar 2001, Jan Johansson wrote:
>
>Well, I usually say email is safe and I'm 18, so come on... but,
>on the other hand, you can say email is safe for me (with
>mutt/pine/whatever) because I'm smart enough. This email
>attachment stuff seems like computer darwinism to me :)

pine has problems, I can not find the advisory in the bugtraq
archive now but if I am not misstaken there was something with
executing local code when sending "badly" formatted attachments.
I know there are about 4000 printf bugs waiting to happen.

>> Default is to hide the file extension so that we also get the
>> nice problem of sexygirl.jpg.vbs, is it a nice girl or a
>> virus?
>
>Eudora tells you (or used to tell you, didnt use it for a while)
>that where it saved the file with the full path and name,
>doesn't it?

How about http://www.securityfocus.com/archive/1/12915.

>Anyway, I don't think a luser would refrain opening a file
>called sexygirl.jpg.vbs if a friend of his sent it and said it
>was a nice picture, would he?

Lusers click on anything that is clickable without reading
warnings.


-- 
"OpenBSD put me out of business." - retired cracker

[prev in list] [next in list] [prev in thread] [next in thread]