| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: nobody at tatooine.homelinux.net (starwars) Subject: Re: E-Mail viruses Curt Purdy wrote: > Valdis.Kletnieks wrote: > > > So let's see.. the same bozos who read the text part of the > > virus, get the password, and > > use that to unzip the rest of the virus won't read the text > > part, get the rename to do, > > and..... > > > > Color me dubious.... > > Methinks you misunderstand. Only the proprietary extension, i.e. .inc or > .xyz or .whatever, would be allowed through, and since virus writers would > never use this extension, it would eliminate ALL viruses at the gateway. > The nice thing about this approach is that it completely eliminates the need > for any anti-virus on the mail server since all virus attachments are > automatically dropped without the need for scanning. Quite a simple, yet > elegant solution, if I do say so myself. Elegant, indeed. Have an MCSE on that. I wonder why virus writers didn't think of that yet. -------------- Dear Microsoft Windows User, [insert usual "install this patch immediately" here] For security reasons, the upgrade installer has been renamed to update.eex and cannot be executed directly. [insert "this tremendously elegant solution keeps you safe from viruses, because..." here]. To install this critical service pack, save the attachement to disk, rename it to update.exe and double-click it. Thanks for your attention, etc. pp. [attach your favourite update.eex] -------------- Thank your for this inspiration.
Powered by blists - more mailing lists