Secure Coding mailing list archives
Re: User Education Tool?
From: Dave Aronson <securecoding () dja mailme org>
Date: Thu, 04 Mar 2004 22:30:19 +0000
On Thu March 4 2004 10:17, Andreas Saurwein wrote:
Now, doing something really flashy like creating an virus like application as follows: * it is sent as zipped attachment * when opened, it brings a huge, clear message, that the user would now have been infected with a virus. A short, understandable message explaining why and how to avoid it would be appropriate. * it asks the user for permission to forward itself to the users contacts, to help spreading the education. Would that still classify as virus? Or would that pass as something else? Would a measure like this be of any success? What other measure could reach the critical user groups?
Those of us who receive viri, or bounce-reports alleging that we sent one, are in the addressbooks of lusers who open viri. Don't subject us to more of this $#!^ than we already are. Remove the "may I spam your friends" aspect, asking them instead to manually forward it to any of their friends that they think could use the education, and it might be tolerable. Either way (especially if the manual forwarding is done with the help of pulling up the contact list), you can bet some jackass will attach a malicious payload, probably triggered right *after* you spread it. So much for being able to treat it as innocent. Find a way to substitute, for the whole mess, an arm coming out of the computer and bitchslapping the idiot silly while calling his attention to how incredibly stupid he has just been, and you've got something. B-) -- Dave Aronson, Senior Software Engineer, Secure Software Inc. Email me at: work (D0T) 2004 (@T) dja (D0T) mailme (D0T) org (Opinions above NOT those of securesw.com unless so stated!) WE'RE HIRING developers, auditors, and VP of Prof. Services.
Current thread:
- User Education Tool? Andreas Saurwein (Mar 04)
- Re: User Education Tool? Dave Aronson (Mar 04)
- Re: User Education Tool? Andreas Saurwein (Mar 04)
- Re: User Education Tool? Dave Aronson (Mar 05)
- Re: User Education Tool? Andreas Saurwein (Mar 04)
- Re: User Education Tool? George Capehart (Mar 04)
- Re: User Education Tool? Dave Aronson (Mar 04)