
RE: VIRUS WARNING

2000-05-11 05:30:03
That is exactly the same way that all Windows viruses work. As a Windows
user (as well as other OSes), I can say that people have to be responsible
for their actions.  Whenever you receive any Email attachment, the only way
that attachment can produce any damage is if you run it.

At least in my copy of MS Word anytime I open a Word document and it
contains any macros, Word readily asks me if I want to allow the macro to
execute. Not only that, this version of Word (2000) is configured to only
ask me when a signed (with a certificate of a trusted party) macro is
included.

-----Original Message-----
From: Steven M. Bellovin [mailto:smb(_at_)research(_dot_)att(_dot_)com]
Sent: Thursday, May 11, 2000 7:40 AM
To: Stef(_at_)NMA(_dot_)COM
Cc: Brant Knudson; ietf(_at_)ietf(_dot_)org
Subject: Re: VIRUS WARNING


In message <13901(_dot_)958019788(_at_)nma(_dot_)com>, Einar Stefferud writes:

> The first of these "worm/virus/addressbookmailers" was the IBM PROFS
> "Christmas Card" caper that occurred some time in the early 1990's,
> long before MS willfully adopted the design.

It was in December, 1987.

> Seems to me that this beloved "feature" (giving root privs to random
> EMail messages) should (by now) now be fully discredited, and should
> be destined for extinction, if only the customers will accept its
> disappearance in trade for an absence of a continuing flood of these
> $6,000,000,000 economic loss episodes.

See http://catless.ncl.ac.uk/Risks/5.80.html#subj1 for details on how 
it worked -- but it didn't involve any analog to 'root' privileges.

When the recipient got a copy, there was an included (or attached; I
don't quite remember) REXX file.  (REXX was a scripting language for
VM/CMS.)  The message told you that it would display a Christmas card if
you ran it; most users did just that, since the note appeared to come
from someone they knew.  And then the file replicated itself; you all
know the rest.

Note the two crucial points -- it ran with the user's permissions, and 
it was explicitly run by the user, rather than by any automatic 
mechanism.

                --Steve Bellovin




