Security Incidents mailing list archives
Re: Novarg
From: "Jonathan A. Zdziarski" <jonathan () nuclearelephant com>
Date: Wed, 28 Jan 2004 17:38:00 -0500
I completely agree that email clients should never allow you to run vulnerable software, but even if this were never an issue there would be some other way a dumb user could screw up their system by running something they're not supposed to. There are always going to be trojans in one form or another that rely on this form of "social engineering" to propogate, and as long as users remain dumb they will continue to spread. My wife runs a Windows machine (against my wishes) and has not suffered from a single one of these huge email distributions...not because of the virus software (which is rarely updated in time) or because she didn't get thousands of Sobig.F or MyDoom emails, but because she was smart enough not to open the files. She also doesn't use cheezy passwords or run questionable software which are two other ways dumb employees manage to open up their systems. Education and actual security are both important... I believe common sense and education win out in the case of a trojan though. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Novarg sloppy seconds (Jan 28)
- Re: Novarg Jonathan A. Zdziarski (Jan 28)
- Re: Novarg James Riden (Jan 28)
- Re: Novarg Jim Zajkowski (Jan 28)
- Re: Novarg Nick FitzGerald (Jan 29)
- Re: Novarg Greg A. Woods (Jan 28)
- Re: Novarg Jonathan A. Zdziarski (Jan 28)
- best defense (was: Re: Novarg Meritt James (Jan 29)
- Re: best defense (was: Re: Novarg Greg A. Woods (Jan 30)
- Re: Novarg Matt Curtin (Jan 30)
- Re: Novarg Matt Curtin (Jan 29)
- Re: Novarg Jonathan A. Zdziarski (Jan 28)
- RE: Novarg - Stopping .Zip Files Tom Milliner (Jan 28)
- Re: Novarg - Stopping .Zip Files Keith W. McCammon (Jan 28)
- Re: Novarg - Stopping .Zip Files Alvin Mills (Jan 30)
- RE: Novarg - Stopping .Zip Files jamesworld (Jan 28)
- Re: Novarg - Stopping .Zip Files Bill Pennington (Jan 28)
- RE: Novarg - Stopping .Zip Files Timmothy Posey (Jan 30)
- Re: Novarg - Stopping .Zip Files Keith W. McCammon (Jan 28)