[Date Prev][Date Next][Subject Prev][Subject Next][ Date Index][ Subject Index]

RE: virus warnig



I agree with what you say. Openness is good, and constant care re viruses
seems as much a concern with computers as with the ordinary world of
traditional viruses. Keep it open.

                David

At 02:02 AM 10/23/2002 -0400, Carl Distefano wrote:

Reply to note from "Brian Henderson" Tue, 22 Oct 2002 19:39:48 -0700 > don't people have to be a member to post to the group? How are > they getting in? Have these recent attacks all been the kind > that use the address book on an infected machine (so that a > legit member is an unwitting proxy)? Or is it possible to hack > into the list- server and send to whatever list one wishes? This has always been an open list, meaning that anyone can post. Only subscribers receive copies of posted messages. At least one recent viral message came from a non-subscriber address (probably unbeknownst to the owner of that address, which appears to be a legitimate company); others seem to have originated from subscribers, though their addresses may have been spoofed. My impression -- I've never done the math -- is that most infected messages emanate from (unwitting) subscribers. By sending a simple command to the list processor, I can make the list "subscribers only". That would exclude posts, legitimate and otherwise, sent from e-mail addresses not appearing on the list of subscribers. The question is, would the additional safety be worth the diminished accessibility? On the one side, accessibility may be overrated. The real value of this list lies in taking out a subscription, because that's the only way a poster is guaranteed to be able to read all responses to his or her query (the alternative -- dicey -- being to ask respondents to send replies to the sender's private address), and the only effective way to take part in the ongoing dialogue. What's more, the burden of subscribing is minimal. On the other side is the fact that any gain in security would be slight at best. No one could relax. Everyone would still have to take exactly the same precautions against viruses as we do now, because infected messages could still originate with a subscriber or someone posing as a subscriber. To do otherwise would be to indulge a false sense of security. And then there's the principle -- weighty, in my view -- that to do anything other than keep the list as open and accessible as possible is to capitulate to the miscreants who propagate these destructive messages. On balance, I lean toward openness. But maybe openness is an anachronism in this parlous age. If the weight of subscriber opinion favors excluding posts from non-subscribers, I'll send the command. Note well that this step, if taken, would not close the list to anyone or turn it into a moderated list. Anyone could still subscribe and post. The only difference would be that subscribing would become a prerequisite to posting. What do you say? -- Carl Distefano cld@xxxxxxxx http://users.datarealm.com/xywwweb/
David B. Kronenfeld Phone Office 909/787-4340 Department of Anthropology Message 909/787-5524 University of California Fax 909/787-5409 Riverside, CA 92521 email kfeld@xxxxxxxx Department: http://Anthropology.ucr.edu/ Personal: http://pages.sbcglobal.net/david-judy/david.html ------------------------------------------------------------------- Society for Anthropological Sciences: http://anthrosciences.org SAS New Orleans Meeting information: http://hcs.ucla.edu/new-orleans-2002/