[3112] in WWW Security List Archive
Re: New and destructive word macro virus
daemon@ATHENA.MIT.EDU (mol@ecmwf.int)
Fri Sep 27 23:32:42 1996
From: mol@ecmwf.int
To: www-security@ns2.rutgers.edu (www-sec)
Date: Sat, 28 Sep 1996 03:02:45 +0100 (BST)
Errors-To: owner-www-security@ns2.rutgers.edu
In a previous mail , Bill Casti wrote :
>
> If it was not your intent, then why didn't you just send to the poster
> and to the list moderator and let it go at that? I don't think macro
> virus postings are inappropriate here, since Word docs are frequently
> obtainable through websites.
>
> Regards.
> Bill
>
> On Thu, 26 Sep 1996 P.Parmentier@ecmwf.int wrote:
>
> > Hope I am not going to start a flame war, this is not my intention.
> >
I did not for these reasons:
1-) There is no such thing as a list moderator for that this list is not
moderated (there is obviously an administrator, but he's not moderating
this list). I wish it were !
2-) For some time now, there is quite a lot of "noise" on that list with
irrelevant postings (and mine was admittidly adding some noise). This is an
extract of the list charter:
> The www-security list is intended for the discussion of World Wide
> Web security proposals, enhancements and issues. This is the working
> list of the proposed IETF HTTP Security working group.
I do not think the original posting, as quite a lot of others, was
geared towards a discussion on security in http transactions.
As far as I know "word" is not an internet protocol, it is just
one particular application. There are humpteenth of agreed mime-types,
each of them bound to have security implications when exchanged between
computers, but this still does not make discussion on their problems
an http issue per se.
Word docs may be "frequently obtainable through websites", but the fact,
that they may contain viruses has nothing to do with security enhancements
or discussions about http.
A lot of other applications have security weaknesses, and can be served
through http, but their security problem does not pertain to http either.
For instance numerous other internet protocols are known to have, or
having had, security weaknesses, but the www-security list is not the
place where they are dicussed, or alerts are sent to.
This list is definitly not a general security discussion list,
but a www one.
There are procedures to deal with discovery of internet threats (like CERT,
FIRST etc) and it is better to stick with them more than sending mails at
random.
Having said that, I knew when answering to the posting through the
mailing lits too that this may trigger a lot of mails (to me or to the list),
--
Philippe Parmentier E-mail : P.Parmentier@ecmwf.int
Snail : ECMWF, Shinfield Park, Reading, Berkshire RG2 9AX, U.K.
