[59152] in North American Network Operators' Group
Re: Mobile code security (was Re: rr style scanning of non-customers)
daemon@ATHENA.MIT.EDU (William Allen Simpson)
Mon Jun 16 13:22:15 2003
Date: Mon, 16 Jun 2003 11:38:57 -0400
From: William Allen Simpson <wsimpson@greendragon.com>
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
"Christopher L. Morrow" wrote:
> yea, if my sister in-law (who barely knows what 'computer' means most
> times) can come to the conclusion that:
> 1) all email viruses of note are outlook targetted
> 2) everyone with outlook gets viruses
>
> therefore
>
> 3) why would anyone ever run outlook
>
> why can't multibillion dollar companies figure that out? it does mystify
> me :)
>
When I visited for my birthday last week, I discovered my 15-year-old
niece's Comcast attached machine was infected wih multiple things, one
of which (I never figured out how) would even prevent the machine from
being shutdown (turned it into restart). From the activity lights, it
was pretty clearly sending a lot of traffic, sitting in the basement
unattended, with the screen blanked.
As far as I could tell, the vector was AOL IM. So, it's not only M$
and outlook. Why oh why are vendors shipping with defaults like no
restrictions on "buddy" downloads and execution?
--
William Allen Simpson
Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
