Let's see if this reasoning holds water. Imagine your favorite OS, suppose
that I send you
a .pl file (Perl Script). You then make the "mistake" of saving it to the
file system and then
proceed to running the script. What do you think that script can do?. What
will you have to do
to fix your problem?. This is completely analogous to changing the default
selection on the
"Do you want to run this document's macros" dialog from "NO" to "YES".
We have become a society of excuses people, nothing is our fault. It is
WE HAVE TO TAKE RESPONSIBILITY FOR OUR OWN ACTIONS!!!!!!!!!!!!
ps: if I made this stupid mistake, I will immediately check what macros are
included in the
forsaken document and delete them.
From: Doug Sauder [mailto:doug(_at_)broadsoft(_dot_)com]
Sent: Thursday, May 11, 2000 5:55 PM
To: Castro, Edison M. (PCA); ietf(_at_)ietf(_dot_)org
Subject: RE: VIRUS WARNING
From: Castro, Edison M. (PCA)
That is exactly the same way that all Windows virus work. As a Windows
user (as well as other OSes), I can say that people have to be
for their actions. Whenever you receive any Email attachment,
the only way
that attachment can produce any damage is if you run it.
At least in my copy of MS Word anytime I open a word document and it
any macros, Word readily ask me if I want to allow the macro to execute.
Not only that, this version of Word (2000) is configured to only
ask me when
a signed (with a certificate of a trusted party) macro is included.
Suppose you made the mistake of opening a Word document with a VBA (Visual
Basic for Applications) script virus. (I did this once and I am sharing a
real-life experience.) The VBA script turns off the option that disables
automatically running scripts. I kid you not! Next time you open a Word
document that contains a script, you won't be asked whether you want to run
it. If you go into the options settings and set the option to disable
running scripts, you have done nothing, because the virus script runs when
you close the document and turns the option back off again.
At least not allowing macros to disable the don't-run-macros option seems
reasonable to me, but it seemed to have escaped the engineers who created