lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <404B78E6.7660.13C366BE@localhost>
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: Re: E-Mail viruses

starwars <nobody@...ooine.homelinux.net> to Curt Purdy:

> > Methinks you misunderstand.  Only the proprietary extension, i.e. .inc or
> > .xyz or .whatever, would be allowed through, and since virus writers would
> > never use this extension, it would eliminate ALL viruses at the gateway.
> > The nice thing about this approach is that it completely eliminates the need
> > for any anti-virus on the mail server since all virus attachments are
> > automatically dropped without the need for scanning.  Quite a simple, yet
> > elegant solution, if I do say so myself.
> 
> Elegant, indeed. Have an MCSE on that.
> I wonder why virus writers didn't think of that yet.

What makes you think they haven't?

Oh -- and why (depending on the OS) do you think it is even necessary 
to include the step involving instructions to _rename_ the attachment 
to a .EXE extension??

...

Of course, for folk with _proper_ incoming filetype filters, the 
attachment's (suggested) extension in the MIME headers (and its 
suggested type in the same) is irrelevant.  It has long been known that 
Windows file-typing is dependent on way more things than just a file's 
extension (though Microsoft is rather reluctant to advertise this fact 
or even to explain all the ways that file-typing is achieved -- the 
cynics reckon this is because the folk who wrote the mish-mash of code 
that passes as an OS actually have no collective idea of how all the 
inter-related bit-parts can inetrract so cannot produce a definitive 
list; the less polite explanation questions their collective intellect 
and the effect the historical domination of the marketing objective of 
"make it work regardless" over any other programming and development 
culture (such as "do it well") has had).


Regards,

Nick FitzGerald


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ