Re: ".zip" file attachments no longer blocked on CalMail

From: <tedcrum_at_socrates.berkeley.edu>
Date: Fri Mar 05 2004 - 11:46:16 PST

I know a place where the mail servers have for years changed the extension
on *all* incoming attachments to .txt .

If you're expecting the attachment and hip enough to know how to open it
it, you are probably experienced enough not to get slimed. Otherwise, It
just sits there.

-tc

>
> On Mar 05, "Michael Armijo" wrote:
>
> > It is unrealistic to expect users to forego the use of email attachments
> > entirely.
>
> I agree with the sentiment, but...
>
> > So the mantra is really "never open any attachments unless you are
> > sure of (or the sender can explicitly verify) the contents,
>
> I think that suggestion is about 95 percent effective, which unfortunately
> means that it's not effective enough. The latest virus social engineering
> techniques were impressive in my opinion.
>
> > and never open an attachment that is an executable file".
>
> I grieve for the typical user that has to determine whether a given
> attachment is executable. .exe, .com, .pif, .bat, .scr all come to mind
> off the top of my head, but I don't think that list is exhaustive, and I
> doubt that typical users are better at it than I am. Not to mention the
> fact that windows likes to hide the file extension of files, so that
> you're often left with determining the file type based on a 32x32 pixel
> picture!
>
> I think the real solution is a model where users aren't put in a
> position to judge the trustworthiness of any executable code.
>
> Sing along, everybody:
>
> Imagine there's no unapproved executables,
> It's easy if you try,
> No email viruses and spyware among us
> Above us only sky
>
> Mike
>
> ------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> For information about Micronet, including subscribing to
> or unsubscribing from its mailing list and finding out
> about upcoming meetings, please visit the Micronet Web site:
> <http://micronet.berkeley.edu/>.
> 

-- 
Ted Crum
tedcrum@socrates.berkeley.edu
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Fri Mar 5 11:46:47 2004

This archive was generated by hypermail 2.1.8 : Fri Mar 05 2004 - 11:46:47 PST