funsec mailing list archives
RE: RE: funsec Office 2007 has 0 security issues
From: "David Harley" <david.a.harley () gmail com>
Date: Tue, 10 Apr 2007 15:38:26 +0100
I'm actually not convinced that the encrypted zip file technique was ever very successful. There's no way to prove it was. All those worms sent out in this way were also sent out in unencrypted form.
Depends on your definition of success. If anyone ever sent out a mass mailer with the intention of making life difficult for system managers, encrypted zips helped them no end. :-/
I've asked the malware companies about this over the years and never got an answer, and I think it's because they don't know, and they can't know.
That's probably right. Almost by definition, computer users who fall into the malicious attachment trap will be an unreliable source of info, and it would be painful harvesting that info automagically. One thought occurs to me: we - or at any rate I - see comparatively little zip encryption with current mailborne malware. If this matches what people like Nick who are far more hands-on than I are seeing, it suggests that the current crop of malware authors agree with you. -- David Harley Security Author/Editor/Consultant, Antivirus Researcher Small Blue-Green World dharley () smallblue-greenworld co uk New botnet book: http://www.syngress.com/catalog/?pid=4270 Security Bibliography: http://www.smallblue-greenworld.co.uk/pages/bibliography.html Articles: http://watersidesyndication.com/inbusiness/; http://dharley.wordpress.com/
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: funsec Office 2007 has 0 security issues Randall M (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues Richard M. Smith (Apr 10)
- Re: RE: funsec Office 2007 has 0 security issues Valdis . Kletnieks (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues Richard M. Smith (Apr 10)
- Re: RE: funsec Office 2007 has 0 security issues Florian Weimer (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues Larry Seltzer (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues Nick FitzGerald (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues David Harley (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues Larry Seltzer (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues David Harley (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues Nick FitzGerald (Apr 11)
- RE: RE: funsec Office 2007 has 0 security issues Larry Seltzer (Apr 12)
- RE: RE: funsec Office 2007 has 0 security issues Richard M. Smith (Apr 12)
- RE: RE: funsec Office 2007 has 0 security issues David Harley (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues Valdis . Kletnieks (Apr 13)
- RE: RE: funsec Office 2007 has 0 security issues David Harley (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues Valdis . Kletnieks (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues Richard M. Smith (Apr 10)
- Message not available
- RE: RE: funsec Office 2007 has 0 security issues David Harley (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues der Mouse (Apr 13)