![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
lostcarparkSeveral new variants of some of the fastest spreading computer viruses have recently appeared. The interesting thing about them is that they're avoiding email virus scanners by hiding in password protected Zip archives, with instructions to open them with the password specified in the body of the message.
Now you'd think that by now users should be suspicious of viruses in attachments, and if a random stranger sends you an encrypted, password protected Zip file asking you to open it, enter the password, and run the executable inside, you might think twice about it.
But if the amount of virus email I've been getting in the last couple of days is anything to go by, it would seem that the message still isn't getting through to an awful lot of users. Network managers and administrators have been trying to drum into their users "don't open attachments", but clearly when told to do something by an email message, far too many of us will blindly follow.
We can be critical of Microsoft for leaving holes in Windows, but in this case the blame falls solidly at the feet of users (and managers for not getting through to their users).
I'm sure it won't take virus scanners long to catch up, and will learn how to find passwords in message bodies, but until the end users learn not to trust anything in an email attachment, the virus writers will always have the advantage.
Now you'd think that by now users should be suspicious of viruses in attachments, and if a random stranger sends you an encrypted, password protected Zip file asking you to open it, enter the password, and run the executable inside, you might think twice about it.
But if the amount of virus email I've been getting in the last couple of days is anything to go by, it would seem that the message still isn't getting through to an awful lot of users. Network managers and administrators have been trying to drum into their users "don't open attachments", but clearly when told to do something by an email message, far too many of us will blindly follow.
We can be critical of Microsoft for leaving holes in Windows, but in this case the blame falls solidly at the feet of users (and managers for not getting through to their users).
I'm sure it won't take virus scanners long to catch up, and will learn how to find passwords in message bodies, but until the end users learn not to trust anything in an email attachment, the virus writers will always have the advantage.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2004-03-04 02:46 am (UTC)First of all, the biggest portion of blame rests with the virus writers. if there is a hell, I'm sure there is a particularly appropriate punishment being prepared for them.
Some of the blame must be shared by the architects of email, for not anticipating how it could be abused. But the internet was a very entity a quarter of a century ago, and it would be hard to anticipate these problems. Current efforts to prevent email address spoofing should go some way to preventing this, but will have an affect on the way we use the internet, since any of us who send email from a different location to where our domain is located are probably using address spoofing without realising it.
It's hard to blame the virus scanner writers. Password protected Zips are encrypted, so it's impossible to see inside them without the correct password. I'm sure they'll be quickly updated to look for that password in the message body, which will stem the flow until the virus writers find a new trick. However, having a scanner installed can lure people into a false sense of security. Scanners can only find things they know about, and new viruses spread so fast the scanners can't keep up. And unfortunately there are still too many people who practice "unsafe surfing".
Some of the blame definately rests with the software industry, largely for making things too easy. There was a time when to receive a binary by email you had to download the text from a bunch of messages (because a lot of servers couldn't handle messages over 64K), run them through a program called UUDecode (which was a command line utility), which produced the binary file. This was difficult enough that you had to have a good idea of what you were doing, and you had to have a good idea that it was going to be worth the effort.
It is definately the fault of the industry, whether it be publishers, retailers, network managers, support staff, or whoever the end user's point of contact with the industry is, that the message isn't getting through to the users. You're right, many users have difficulty understanding what attachments are, but the general message needs to be that email must be treated with suspicion until you're sure of the identity and intentions of the sender.
So the user is at the end of the chain, but they are a vital link in that chain. It is up to us to educate them, but as long as there are people who will open attachments without being sure of what they are, the virus writers will find new ways of spreading the seeds of their damaged minds.
no subject
Date: 2004-03-04 04:20 am (UTC)eg. If you get an email from someone you don't know, be suspicious of what it says. If you get an email from someone you know that doesn't sound like them, be suspicious(1). When in any doubt at all, ask someone who knows more than you do(2).
(1) None of the people I know ever email me with an attachment that says anything like "Your bill" or "Check this out!" - they address me first, usually, have some pleasantries, then tell me what is being attached, and sign their name. I expect in the future virus writers will get better at faking this kind of thing, but at the moment, it's a good acid test.
(2) Of course the danger here is that the people who know more than them actually don't know very much at all. I'm thinking of those friends of my mother's who "know everything about computers".
no subject
Date: 2004-03-04 04:33 am (UTC)I'm expecting that we'll get viruses soon that can read through your email folders and use its AI to write a convincing email in the style of the person it's immitating. Maybe I should make this post friends-only in case I'm giving virus-writers ideas.