Yeah, I'd think that is pretty lame that a virus scanner would just parse text in an email and declare the "sky is falling" and not actually look for a documented signature. -b On Wed, 2004-03-24 at 20:59, Paul Schmehl wrote: > --On Wednesday, March 24, 2004 4:06 PM -0500 Valdis.Kletnieks@xxxxxx wrote: > > > > *yawn* So some bozo who reads full-disclosure has a virus, and it scraped > > the listname and Paul's name. Death of Internet Predicted. Film at 11. > > False assumption. No one on this list has to be infected for this list to > get a virus. All it takes is someone who is infected and has the email > address of a list member on their hard drive - in an addressbook, in their > browser cache, in a text file they saved from a website, and the virus can > send email "from" them. Then all that is left is to have the address of > the list as well, and the virus can send mail to the list. > > However, in this case, *I* sent the "virus". I had the word "t e x t . p i > f" in the body of my message (without the spaces, of course), and the > poorly configured AV scanners "detected" a virus. > > If you give that some brief thought, it should appall you that people > actually *paid* for that software when grep could do the same thing. > > Paul Schmehl (pauls@xxxxxxxxxxxx) > Adjunct Information Security Officer > The University of Texas at Dallas > AVIEN Founding Member > http://www.utdallas.edu > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html -- "Save yourself from the 'Gates' of hell, use Linux." -- The_Kind @ LinuxNet
Attachment:
signature.asc
Description: This is a digitally signed message part