lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200308201509.h7KF9wg8003951@turing-police.cc.vt.edu>
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Administrivia: Testing Emergency Virus Filter.. 

On Wed, 20 Aug 2003 09:39:21 CDT, "Schmehl, Paul L" said:
>
> Do you really believe this?  I don't.  One only has to look at the Sobig
> outbreak yesterday to realize that some subset of the 100% of users out
> there will execute an attachment *despite* being repeatedly warned about
> the dangers.  My God, when all you have to do is put "See attached file"
> in the body and people *still* execute the virus, it becomes self
> evident that *no* amount of education is going to completely solve the
> problem.

Have to admit that mimail did a good social engineering job - when it gets sent
from 'admin@<yourdomain', and says "Your account is about to expire, see the
attachment for details", a lot of otherwise clued people will bite.

Of course, the *average* e-mail user doesn't understand the distinction between
"internet" and "web", even after you point out that e-mail isn't web....

In April 1951, Galaxy published C.M. Kornbluth's "The Marching Morons".
The intervening years have proved Kornbluth right.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030820/5144309c/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ