A warning to all authors.

[Guest]

I recently recieved feedback on one of my stories that made me a little uneasy. On the same day this person also sent me some kind of file that was infected with a virus. I'm not saying he did it on purpose, but I can't be sure. If you get feedback from 'Albert Tembo', or from the address nmc@coppernet.zm, be very careful about opening it.

Mark.

 

[daughter]

Mark--

As a rule, I do not open attachments from people I don't know. Thanks for the heads up.

Peace,

daughter

 

[enslaved lioness]

yes, thank you for the warning

 

[Mickie]

Thanks for the heads up. Just to put a note on it -- it's very possible that the virus was sent unknown by the addressee on the email. A lot of viruses send themselves to whoever is in the address book. It might be a kind warning to send a message telling this guy that he has a virus infecting his own system. I had the SirCam one, and it sent infected messages to half the people I know before I found a fix for it that actually did the entire job. (McAffee is worthless, as far as I'm concerned.)

Yes, never, but never open an attach you don't know is coming, even from someone you trust. I've even sent messages back to my mother asking her to please identify something she sent without a tag message. It pays to be careful.

Mickie

 

[lil16v]

Actually, Mickie, McAfee is not worthless. It is about the best virus scan/detection you can get. The SirCam virus was cleverly written. When detected and deleted by ANY software, it left a file in the registry of your computer. This file told your computer if you don't see Sircam.exe then don't run what ever *.exe program you were trying to run.

Sophi

 

[CRaZy]

I had the SirCam virus. It rendered all virus detection software useless because it was programmed to attack them first. I too, unwittingly sent hundreds of emails to everyone in my address book courtesy of this charming little virus. By some miracle of God it wasn't a pornographic file. That would have gone down well with the Principal at the school where I work! I can see the headline - "Deviant Teacher Outted By SirCam" ~shudders at the thought~ Anyway, it took forever to delete it and in the process my whole system crashed. The virus actually came through our business email. I never open any attachments now. I make people post them in the body of emails.

 

[GuyJD]

Thanks for the heads up. I've received a few letters that ask for advice. The first one that I fell for inserted a virus. Fortunately, my Norton caught it before it could be downloaded. As suggested by daughter earlier, never accept a download from someone that you are unfamiliar with.

 

[garyblue]

embedded evil

There has been a lot of good advice here. I would make a couple of points myself:

1. 95% of all virii/worms/trojan horses are written to infect M$ applications.

2. Outlook, IE, and Word are favored targets due to their ubiquity and poor security.

3. HTML (what web pages are made of) can have embedded executables. This site is an example. If you click, say, profile, a new instance of your browser is opened by an embedded command.

These are just a tip of the security issue iceberg. You can protect yourself pretty well on these points. In addition to virus scanners, here are some things you can do:

1. Migrate to non-M$ apps if possible. For example, Word Perfect instead of Word (if you do any desktop publishing, you'll love the change). WP won't automatically run Word macros. Use a text based mail reader instead of Outlook. Agent or Eudora will work here. The worm won't find your address book, unless it's very sophisticated and most aren't. Browser choices are poor. IE is non-WWW compliant, Netscape crashes, and Opera (the most WWW compliant and stable) is rejected by MSN. There are others, but you move into the world of the arcane and obscure.

2. If you must use Word and Outlook, you must. The bad guys use a very useful features to do evil things. The attached Word file will contain a macro that creates a message to be sent to everyone in your Outlook address book, attaches itself to the message, and queues to be sent the next net connection. That's a benign worm. It could also delete or rename files, etc. The prophylactic? Disable macros, view macros (or whatever it is in Word), and make sure that it's safe. Better, tell everyone to send text files only. If you open untrusted .exe, .com, or .bat files, you deserve whatever you get. Don't laugh. You do.

3. Java and ********** are supposed to be safe. That is, they won't cause harm to your system from outside. They're not the only technologies out there. Why take the chance. Use a text based mail/news reader that supports MIME. If you need to view HTML, you can. You can even view the source before you open your browser. I've used Agent for about two years, and love it. It will warn you if a file is executable even if the extension looks benign.

If we have johns, we'll have hookers. If we have gamblers, we'll have bookies. If we have people opening untrusted attachments, we'll have script kiddies and worse trying to trash our systems

You get a lot for two cents American.

g

 

[Guest]

I'm glad some of you appreciate the warning. I would just like to make it clear that I didn't open the attachment I was sent. I scanned it first. I never open any attachments from people I don't know, and I scan attachments even from those I do. This certainly is good advice to everyone. I hope this thread has opened a few eyes in that area.