
Re: OT Re: virus warning





It's been perhaps six months since my last crack at this, Jordan, but as I recall these were each people who allowed kids in the family to play online games. Their e-mail habits were EXTREMELY conservative, so I suspect one or more online game sites as the source (otherwise innocuous, stupid kids' games and puzzles). The original injection of the virus looked like it may have been as a browser helper object, which Spybot will detect if it's installed. After the reinstallations, I set up guest accounts with restricted rights so they could let the kids play (preferably with supervision) and not allow any program installations. Unlike Linux and Mac, Microsoft Windows' default installation has been profoundly and stupidly insecure for as long as I can remember. But people who know more than I do can MAKE it fairly secure. I think that's part of Redmond's Plan for World Domination: create a flawed system requiring certified techs to fix it, charge the techs for training and certification, laugh all the way to the bank. Am I paranoid?

Jeff

-----Original Message-----
From: J R FOX
To: xywrite@xxxxxxxx
Sent: Fri, Jun 17, 2011 9:06 pm
Subject: Re: OT Re: virus warning

--- On Fri, 6/17/11, peregrine@xxxxxxxx wrote:

I've reformatted the boot drives of three computers afflicted with this
particularly nasty bugger, Andy. Each time I tried every other trick I know, and
that's a lot of tricks.

The damage is essentially done if you unwittingly approve the faux Microsoft
security warning, which looks a lot like the real thing but contains a
misspelling or two and some awkward English syntax. If you've said yes to that,
unless you have mad skillz I don't have, hang it up and reformat.

----------------------------------------------------------------

O.K., but _what_ is the point of entry ? For most people, most
of the time, it is going to come in as an email attachment -- or
link -- that you open, no ? I happen to use a dedicated webmail
site (online interface), for each of my provider accounts.
That is where the mail resides, on their servers. They have
something that strips out suspicious payloads -- even
sometimes ones that are not actually malware -- before they
turn up in my box. If anything, it tends to be a bit over-
zealous. A certain number of mail items get here that no longer
have any contents ! This does not totally eliminate the need
for some vigilance, but it helps a lot.

And those who are running something other than Windows are not
going to fall prey to a faux MS security thingie.

But thanks for the heads up.


Jordan