subject: RE: VXers creating 150 zombie programs a week posted: Thu, 06 Jan 2005 10:55:33 -0000
Good point - I speak from behind Pegasus Mail, so I'm a bit
complacent. You're right, a 3rd-party application which then uses
the Microsoft HTML engine is not much safer.
Pegasus isn't very good at displaying HTML mail either. But, I'm not
slightly bothered - only spammers and crackers use HTML mail anyway!
I usually delete all HTML mail without even reading it, unless I
recognise the sender.
Email was never designed for formatted content, and I am more than
happy to leave it that way.
When I put on my conspiracist hat, I can clearly see that Microsoft
invented HTML mail *specifically so they could crack people's
computers with a simple email*.
If I put on my business hat, I can clearly see that Microsoft
invented HTML mail *specifically so they could send you glossy ads*.
If I put on my security hat, I can clearly see that Microsoft
invented HTML mail *specifically so they could run scripts to update
your DRM in the background*.
Hmmm, which of these has got anything to do with email?
HTML mail is evil. Anyone who sends it is a M$ groupie. Choose
life! Support the ASCII email campaign today!
/"\
\ / CAMPANHA DA FITA ASCII - CONTRA MAIL HTML
X ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL
/ \
Your security program overlooked intrusion detection, which I feel
should not be overlooked. Some systems call themselves intrusion
prevention or protection but that sounds a little over-hyped. I have
a fantastic IDS for Win9x - pity 2K and XP, lacking a DOS mode, can't
use it! 2K and XP users have to settle for inline SNORT in IDS mode,
sux 2 b them! :)
Stu
On 6 Jan 2005 at 17:46, Brett Lester wrote:
From: "Brett Lester" <[email protected]>
To: <[email protected]>
Subject: RE: VXers creating 150 zombie programs a week
Date sent: Thu, 6 Jan 2005 17:46:11 +0800
> I certainly agree that a reliable spam filter is required. However, dumping
> Outlook and replacing it with another email client may provide a false sense
> of security, since many other email programs use Microsoft's HTML rendering
> engine. Eudora is one email client that allows users to specify whether
> they want to use Microsoft's HTML renderer or Eudora's native one. The
> latter is extremely primitive and often produces crumpled output from even
> the most basic HTML.
>
> IMHO, a comprehensive security program will also include:
>
> * an anti-virus program with automated updates
> * ensuring that your operating system and applications are patched
> frequently
> * anti-spam software which supports grey-listing (preferably at the server)
> * anti-spyware software.
>
> -----Original Message-----
> From: Stuart Udall [mailto:[email protected]]
> Sent: Thursday, 6 January 2005 8:50 AM
> To: [email protected]
> Subject: VXers creating 150 zombie programs a week
>
>
> [This article notes that spam is being used to install spyware. A
> convincing reason to install a decent spam filter, and switch
> vulnerable users to something other than Outlook. - Stu]
>
> http://www.theregister.co.uk/2005/01/05/mcafee_avert_report/ >
> VXers creating 150 zombie programs a week
> By John Leyden
> Published Wednesday 5th January 2005 12:23 GMT
>
> Malicious programs capable of turning home PCs into zombies
> controlled by hackers are growing at between 150 to 200 per week.
> McAfee's Anti-virus and Vulnerability Emergency Response Team (AVERT)
> reports that bots (now numbering over 7,000) and mass mailing viruses
> are the greatest threat to enterprises. Meanwhile exploits and adware
> account for over 60 per cent of the malicious threats impacting
> consumers.
>
> Already Windows PCs submitted to online scanning by McAfee contained
> an average of 13 adware components. It warns that spam encoded to
> take advantage of the latest exploits to install spyware will ramp up
> consumer security risks even higher.
>
> The number of computer viruses rated medium risk or higher by McAfee
> increased from 20 in 2003 to 46 in 2004, an increase of 130 per cent.
> By the end of 2004, McAfee's AVERT Labs had detected 17,000 new
> malware threats. Vulnerabilities discovered in 2004 totalled more
> than 2,800, down 25 per cent from 2003, however McAfee reckons that
> malicious hackers are becoming quicker at producing exploits.
>
> "In 2004, the rise in viruses, worms, phishing, adware and
> vulnerability exploitation has surpassed what was noted in 2003,"
> said Vincent Gullotto, vice president of McAfee AVERT. "Although we
> saw a steady five per cent (year over year) decrease in the rate of
> virus production from 2000 to 2003, we have seen an increase in 2004
> which can be partly attributed to Bagle and NetSky authors feuding,
> as well as a general lack of awareness in regards to adware and other
> such programs." R
>
>
> ---
> * Origin: [adminz] tech, security, support (192:168/0.2)
>
>
---
* Origin: [adminz] tech, security, support (192:168/0.2)
generated by msg2page 0.06 on Jul 21, 2006 at 19:03:58
search: