lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <050401c3eced$cec69170$0b330a0a@ntdomain.devilsplayground.net>
Date: Fri, 6 Feb 2004 13:12:42 -0700
From: "Dave Warren" <dave.warren@...ilsplayground.net>
To: "Thor Larholm" <thor@...x.com>, <bugtraq@...urityfocus.com>
Subject: Re: getting rid of outbreaks and spam


Thor Larholm wrote:
>> 2. In a broader view, notifications ARE currently the
>> problem rather than a solution.
>
> I think we all recognize the fundamental truth that AV notifications
> are pure marketing. They contain no instructions on removing the
> virus and only serve to spread FUD. Somewhere sometime, a marketer at
> an AV company thought "hey, let's get new customers by notifying
> people that send the virus!", implemented it and everybody followed
> suit since "everybody is doing it, we might as well also".

Think back to the beginning.  Before viruses emailed themselves out, back
when viruses attached themselves to otherwise legitimate EXEs, DOCs(macro
viruses), etc.  In those days when I implemented a virus scanner, I didn't
notify people initially (long story, it was a hacked together solution), I
started getting complaints that email with attachments wasn't making it
through.

In this context, virus notifications were a positive thing.

Next in the evolution we had viruses that emailed themselves out, wasn't
Melissa one of the first?

At any rate, in the beginning, viruses emailed out with a legitimate "MAIL
FROM" address, so even then, notifications typically went to the correct
sender, although in this case notifying the recipient wasn't very effective.

-- 
Dave Warren,
 Email Address:  dave.warren@...ilsplayground.net
 Cell: (403) 371-3470         Fax: (403) 371-3471
 Toll free: (888) 371-3470 Vonage: (817) 886-0860
 ICQ: 17848192  AIM: devilspgd  Yahoo!: devilspgd
 MSN/PASSPORT:   dave.warren@...ilsplayground.net




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ