[LINK] Ruminating about viruses

[Chirgwin, Richard]

Malcolm,

Nice try. OK, in one spot in his piece, Robin was loose with language.

You must know that Outlook allows "active" content to be inserted into
e-mails, and that unless you have a locked-down policy it's damn hard to
prevent. For example: I see colleagues receiving "cute" e-mails, in which
the little dancing figures are right there, dancing in the preview pane -
and the user has done nothing. Outlook's running, the 'active' mail is the
most recent - and there are the animations.

Don't B.S. us on this: if there's active content in an e-mail, and the
desktop is in its default configuration, then that content is activated
without any action from the user.

Richard
-----Original Message-----
From: Malcolm Miles
To: Robin Whittle
Cc: Link mailing list
Sent: 10/25/02 8:17 PM
Subject: Re: [LINK] Ruminating about viruses

On Fri, 25 Oct 2002 00:08:19 +1000, you wrote:

>Why, in the modern world, would anyone want an email client which made
>it possible to execute anything which arrives by an attachment? 

Are there any current email clients that still allow you to execute an
attachment without saving it to disk first?

Outlook doesn't, by default it doesn't even let you save it to disk,
let alone execute it. I believe that Outlook Express is the same.
Forte Agent asks you for confirmation if you request the launching of
an attachment.

>Are modern versions of Word etc. still able to be infected by opening a
>.doc file with macros?

Not unless they are digitally signed by a trusted source. While that
relies on a user knowing whether a source should be trusted, in
practise, most virus authors don't sign their code.

-- 
Best wishes,
Malcolm

----------
For Link list information see http://sunsite.anu.edu.au/link/
----------
For Link list information see http://sunsite.anu.edu.au/link/