
RE: virus warning



Reply to note from "Brian Henderson", Tue, 22 Oct 2002 19:39:48 -0700

> don't people have to be a member to post to the group? How are
> they getting in? Have these recent attacks all been the kind
> that use the address book on an infected machine (so that a
> legit member is an unwitting proxy)? Or is it possible to hack
> into the list-server and send to whatever list one wishes?

This has always been an open list, meaning that anyone can post.
Only subscribers receive copies of posted messages.

At least one recent viral message came from a non-subscriber address
(probably unbeknownst to the owner of that address, which appears to
be a legitimate company); others seem to have originated from
subscribers, though their addresses may have been spoofed. My
impression -- I've never done the math -- is that most infected
messages emanate from (unwitting) subscribers.

By sending a simple command to the list processor, I can make the
list "subscribers only". That would exclude posts, legitimate and
otherwise, sent from e-mail addresses not appearing on the list of
subscribers. The question is, would the additional safety be worth
the diminished accessibility?

On the one side, accessibility may be overrated. The real value of
this list lies in taking out a subscription, because that's the only
way a poster is guaranteed to be able to read all responses to his
or her query (the alternative -- dicey -- being to ask respondents
to send replies to the sender's private address), and the only
effective way to take part in the ongoing dialogue. What's more,
the burden of subscribing is minimal. On the other side is the fact
that any gain in security would be slight at best. No one could
relax. Everyone would still have to take exactly the same
precautions against viruses as we do now, because infected messages
could still originate with a subscriber or someone posing as a
subscriber. To do otherwise would be to indulge a false sense of
security. And then there's the principle -- weighty, in my view --
that to do anything other than keep the list as open and accessible
as possible is to capitulate to the miscreants who propagate these
destructive messages.

On balance, I lean toward openness. But maybe openness is an
anachronism in this parlous age. If the weight of subscriber
opinion favors excluding posts from non-subscribers, I'll send the
command. Note well that this step, if taken, would not close the
list to anyone or turn it into a moderated list. Anyone could still
subscribe and post. The only difference would be that subscribing
would become a prerequisite to posting.

What do you say?

--
Carl Distefano
cld@xxxxxxxx
http://users.datarealm.com/xywwweb/