RE: Email

["Jos Osborne" <Jos () meltemi co uk>]

> ok ... the click click social engineering vulnerable
> operating system everone seems to target... isnt it
> file extension based ? .... very explotable ...but
> also quite simple to change the extension 
>
> why isnt a "defanger" standard on all mail gateways ?
>
> guess im just not exposed to stupid on a corporate
> scale

Most ISP's wouldn't touch the concept of being responsible for their client's e-mail security with a 10' barge pole. 
Apart from the obvious technical issues - they'd need an AV scanner to check the mail that would have to be capable of 
dealing with serious volumes - there are also issues of liability if anything doesn't work (I'm thinking along the 
lines of the medical court cases that have come up where doctors have been sued for not using the most advanced 
equipment that existed regardless of whether they actually had that equipment available at the time).
Add to this privacy issues - they have to open up the e-mail to scan it - and you end up with a fairly horrible problem.

Security from viruses is a many-layered problem. As regards the current outbreak, we haven't been hit because :

a) I found out about it from several sources early on and uploaded new AV signatures immediately

b) the one copy that came through in a format not recognised by our AV was caught by a user who actually listened to my 
monthly warnings about strange attachments from people you don't know, who forwarded it on to me for checking. Within 1 
hr of my confirming that it was the virus the MD had sent an e-mail around reminding everyone about virus safety.

"Corporate Stupidity" is usually just common human laziness compounded by a reluctance to take responsibility for 
things.

Jos

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html