ietf-smtp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: MyDoom, Sorbig - Actions taken?

2004-02-04 22:26:18
from [Hector Santos] [Permanent Link] 

hmmmmmm,

I understand 100% the attachments issue,  the  "passing executables."   And
I too believe it was UNETHICAL for the "microsofts" of the world to
introduce OLE automation in the name of "feature integration" as well as the
old unix wienies of the past to allow for automa of "data" execution, sort
of like the espilon of APL or LISP where interpreted DATA turns into CODE,
etc.

But that is all besides the point.  If people here (who seem to have a
strong will over what is done or said) really honestly believe there is SMTP
can't help, and the adhering to MIME is the only anwser,  there will never
be a solution.

It is not only about the USER or the SOFTWARE on his end.   UUENCODING was
around for nearly 20+ years, certainly many years before MIME came along.
So it not only about MIME.  Thats just a way to pass the attachments with
much more definition of course, that can help identification.  But isn't the
issue.

Part of the problem and THUS the reason, the Microsoft and the SCO have
$500,000 bounties on the culprits, is the transport system allows for it to
propagate via an exploitation of SMTP's weaknesses.

-- 
Hector Santos, Santronics Software, Inc.
http://www.santronics.com





----- Original Message ----- 
From: <Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu>
To: "Hector Santos" <winserver(_dot_)support(_at_)winserver(_dot_)com>
Cc: <moore(_at_)cs(_dot_)utk(_dot_)edu>; <ietf-smtp(_at_)imc(_dot_)org>
Sent: Wednesday, February 04, 2004 11:27 PM
Subject: Re: MyDoom, Sorbig - Actions taken?

On Wed, 04 Feb 2004 22:39:53 EST, Hector Santos
<winserver(_dot_)support(_at_)winserver(_dot_)com>  said:


I guess the lack of response means people don't feel this is a problem

SMTP

could help address?


What would help this (and a lot of other security issues) a lot more is
if certain vendors actually paid attention to all the warnings about
transporting active content in e-mail ever since RFC1341 came out like
12 years ago.

Your proposal doesn't really do any good - consider that it's quite
possible for a virus to get loose on an Exchange server and ruin several
thousand people's days without ever going anywhere near SMTP (remember
that some are multi-vector, so all it takes is one Exchange user on Kazaa..)

Putting warts onto one protocol because one vendor can't get another
protocol
right is a highly questionable practice at best.  It's the moral equivalent
of reducing the speed limit to 30 on all the interstates because one tire
company had trouble making tires that didn't have the threads fall off at
higher speeds.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: MyDoom, Sorbig - Actions taken?, Hector Santos
Next by Date:  Re: MyDoom, Sorbig - Actions taken?, Keith Moore
Previous by Thread:  Re: MyDoom, Sorbig - Actions taken?, Valdis . Kletnieks
Next by Thread:  Re: MyDoom, Sorbig - Actions taken?, Keith Moore
Indexes:  [Date] [Thread] [Top] [All Lists]