On Mar 05, "Michael Armijo" wrote:
> It is unrealistic to expect users to forego the use of email attachments
> entirely.
I agree with the sentiment, but...
> So the mantra is really "never open any attachments unless you are
> sure of (or the sender can explicitly verify) the contents,
I think that suggestion is about 95 percent effective, which unfortunately
means that it's not effective enough. The latest virus social engineering
techniques were impressive in my opinion.
> and never open an attachment that is an executable file".
I grieve for the typical user that has to determine whether a given
attachment is executable. .exe, .com, .pif, .bat, .scr all come to mind
off the top of my head, but I don't think that list is exhaustive, and I
doubt that typical users are better at it than I am. Not to mention the
fact that windows likes to hide the file extension of files, so that
you're often left with determining the file type based on a 32x32 pixel
picture!
I think the real solution is a model where users aren't put in a
position to judge the trustworthiness of any executable code.
Sing along, everybody:
Imagine there's no unapproved executables,
It's easy if you try,
No email viruses and spyware among us
Above us only sky
Mike
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Fri Mar 5 11:12:43 2004
This archive was generated by hypermail 2.1.8 : Fri Mar 05 2004 - 11:12:44 PST