[SLE] (OT): M$ response to I LOVE YOU
Microsoft Corp., for its part, said the virus was not indicative of any particular vulnerability associated with Microsoft Outlook. Hi all, I just pulled this off of Reuters and had to share it. It's the official M$ response to the "I LOVE YOU" virus. I just about fell out of my chair when I read it. Anyway, I got 11 of the viruses on 120 clients, as well as 2 faxes of the source code (this is one the news didn't talk about-- it also called pagers). We had no infections, thanks in no small part to CERT's most excellent job of getting the word out. Also, thanks to making the decision not to support Outlook as an e-mail client. Finally, thanks to the fact that we use sendmail, not Exchange to do our e-mail. In the area I live in, most of the emergency services use Exchange and Outlook. This trojan shut down their networks... Not that I want to pat Open Source on the back-- I can't help but wonder how many people died today due to that jerk's actions. Anyway, here's what a spin-doctor at Mickey$oft has to say about it, courtesy of Reuters-- prepare to gag. Cheers, Dennis -------------BS follows----------- ``Viruses are really an industry-wide issue,'' said Scott Culp, program manager for Microsoft's security response center. ''They can be written for any platform. They can be written to use a variety of e-mail clients. ``In this case the virus author chose to target Outlook probably because it gave him better reach,'' he said. ``There isn't a security vulnerability in Outlook involved in this at all,'' Culp said. ------------end BS------------- "Custard pies are a sort of esperanto: a universal language." --Noel Godin -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
At 08:36 05-05-00, Dennis wrote:
Microsoft Corp., for its part, said the virus was not indicative of any particular vulnerability associated with Microsoft Outlook. [...snip...] Anyway, here's what a spin-doctor at Mickey$oft has to say about it, courtesy of Reuters-- prepare to gag. -------------BS follows-----------
``Viruses are really an industry-wide issue,'' said Scott Culp, program manager for Microsoft's security response center. ''They can be written for any platform. They can be written to use a variety of e-mail clients.
``In this case the virus author chose to target Outlook probably because it gave him better reach,'' he said. ``There isn't a security vulnerability in Outlook involved in this at all,'' Culp said. ------------end BS-------------
Actually he was right. As far as I know, this worm (it is NOT a virus) still requires the user to actively tell the computer to run the program. If the user will run it, he might also save it and run it if he was using a different MUA or even OS. (Of course, in this specific case, the program would only run on a MS OS.) Please note that I am not saying that Microsoft programs are safe, just that as long as a user has to actively run a program, it is no fault of the OS or applications if the program is malicious. Regards Ole Kofoed Hansen okh@post.cybercity.dk ICQ# 25773325 -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Ole Kofoed Hansen
Please note that I am not saying that Microsoft programs are safe, just that as long as a user has to actively run a program, it is no fault of the OS or applications if the program is malicious.
I'm not 100% sure about this, but aren't some windows mail clients configurable (or set by default) to open and/or run mail attachments as soon as the message is opened? -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Considering the level of technical talent on this list, I should probably keep my nose out of this so as not to reveal my ignorance, but, since I have this problem with not being able to keep my mouth shut sometimes ......... It's my understanding that the reason these virii/worms seem to proliferate through Microsoft programs is due to an inherent security problem with the design itself of Microsoft systems. Microsoft applications are too intimately tied in with the operating system, so application programs can screw up the operating system. And, maybe more importantly, due to the ability of a rampant virus/worm to wreak havoc running through a system and deleting and modifying everything in sight, something not possible in a Unix system because of the permission structure of the file system. These virus outbreaks are getting to be a major pain in the butt; our ISP disconnected their e-mail servers for about the last 24 hours in order to keep from getting infected with "ILOVEYOU"; maybe the potential side benefit of these outbreaks will be that Microsoft will be forced to tighten things up in their own technical design? Paul "removing foot from mouth" Greene At 04:17 PM 5/5/00 +0200, you wrote:
At 08:36 05-05-00, Dennis wrote:
Microsoft Corp., for its part, said the virus was not indicative of any particular vulnerability associated with Microsoft Outlook. [...snip...] Anyway, here's what a spin-doctor at Mickey$oft has to say about it, courtesy of Reuters-- prepare to gag. -------------BS follows-----------
``Viruses are really an industry-wide issue,'' said Scott Culp, program manager for Microsoft's security response center. ''They can be written for any platform. They can be written to use a variety of e-mail clients.
``In this case the virus author chose to target Outlook probably because it gave him better reach,'' he said. ``There isn't a security vulnerability in Outlook involved in this at all,'' Culp said. ------------end BS-------------
Actually he was right. As far as I know, this worm (it is NOT a virus) still requires the user to actively tell the computer to run the program.
If the user will run it, he might also save it and run it if he was using a different MUA or even OS. (Of course, in this specific case, the program would only run on a MS OS.)
Please note that I am not saying that Microsoft programs are safe, just that as long as a user has to actively run a program, it is no fault of the OS or applications if the program is malicious.
Regards
Ole Kofoed Hansen okh@post.cybercity.dk ICQ# 25773325
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
At 11:34 05/05/2000 -0400, Paul Greene
It's my understanding that the reason these virii/worms seem to proliferate through Microsoft programs is due to an inherent security problem with the design itself of Microsoft systems. Microsoft applications are too intimately tied in with the operating system, so application programs can screw up the operating system.
< Insert image of a hammer hitting a nail squarely on its head. > :-)
These virus outbreaks are getting to be a major pain in the butt;
Yes, and the ILOVEYOU worm now has at least 5 different varients out there.
...maybe the potential side benefit of these outbreaks will be that Microsoft will be forced to tighten things up in their own technical design?
I wouldn't hold my breath. Microsoft's official claim that Outlook isn't at fault may be technically correct, but their statement is a truly laughable attempt to get people to focus on outlook rather than the fault of the underlying windows code that allows visual basic scripts to wreak havoc if written to do so. As a related point: I find the whole idea of applications overwriting shared libraries as part of their install process offensive. I'd even go so far as to say such a practice might even be classifiable as the product of an insane mind. Now there's a satisfying image: Windows: Product of mass psychosis. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Well i'm wondering if this will happen on a win2k machine, if you set the user up as a restricted used he/she can not make changes to the system, for they do not have the permission to do so. I know from past exsperience that if you set up a restricted user you need to make sure that you run all programs from microsoft at least as the administrator before the restricted user can run them. I learned this one the hard way hehe. just a comment off topic but had too throw it out. At 12:12 PM 5/5/00 -0500, Argentium G. Tiger wrote:
At 11:34 05/05/2000 -0400, Paul Greene
wrote: It's my understanding that the reason these virii/worms seem to proliferate through Microsoft programs is due to an inherent security problem with the design itself of Microsoft systems. Microsoft applications are too intimately tied in with the operating system, so application programs can screw up the operating system.
< Insert image of a hammer hitting a nail squarely on its head. > :-)
These virus outbreaks are getting to be a major pain in the butt;
Yes, and the ILOVEYOU worm now has at least 5 different varients out there.
...maybe the potential side benefit of these outbreaks will be that Microsoft will be forced to tighten things up in their own technical design?
I wouldn't hold my breath.
Microsoft's official claim that Outlook isn't at fault may be technically correct, but their statement is a truly laughable attempt to get people to focus on outlook rather than the fault of the underlying windows code that allows visual basic scripts to wreak havoc if written to do so.
As a related point: I find the whole idea of applications overwriting shared libraries as part of their install process offensive. I'd even go so far as to say such a practice might even be classifiable as the product of an insane mind.
Now there's a satisfying image: Windows: Product of mass psychosis.
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Jack Malone East Texas Lighthouse for the Blind dba Horizon Industries jack@malone.tyler.com 903-595-3444 fax 903-595-3447 -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
At 12:27 PM 05/05/00 -0500, Jack Malone wrote:
Well i'm wondering if this will happen on a win2k machine, if you set the user up as a restricted used he/she can not make changes to the system, for they do not have the permission to do so.
Ah, conspiracy! Microsoft will now say to be safe you must upgrade (buy) windows 2000. Now, where did that virus come from??? Bill Moseley mailto:moseley@hank.org -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
On Fri, 05 May 2000, Bill Moseley wrote:
Ah, conspiracy! Microsoft will now say to be safe you must upgrade (buy) windows 2000. Now, where did that virus come from???
Jay Leno answered that one last night... showed footage of police officers leading Barney away in handcuffs. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
On Fri, 05 May 2000, Paul Greene wrote:
These virus outbreaks are getting to be a major pain in the butt; our ISP disconnected their e-mail servers for about the last 24 hours in order to keep from getting infected with "ILOVEYOU"; maybe the potential side benefit of these outbreaks will be that Microsoft will be forced to tighten things up in their own technical design?
IMHO that would only be half the problem. The issue is bio-diversity [what do you call that in the computer world?] or more correctly lack of it. If you write a virus/whatever targeted at Windows you know that your virus will have a pretty good chance with 90+% of the world running some version of Windows. If the world is so dependent on one system [no matter what system that includes linux] big nasty things will happen. We would all get pretty upset if every car built used the same lock with the same key. But luckily they don't so it's a little harder for the bad guys. Nick -- Nick Zentena "The Linux issue," Wladawsky-Berger explained, "is whether this is a fundamentally disruptive technology, like the microprocessor and the Internet? We're betting that it is." -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
On Fri, 05 May 2000, Paul Greene wrote:
These virus outbreaks are getting to be a major pain in
disconnected their e-mail servers for about the last 24 hours in order to keep from getting infected with "ILOVEYOU"; maybe the
----- Original Message -----
From: Nick Zentena
benefit of these outbreaks will be that Microsoft will be forced to tighten things up in their own technical design?
IMHO that would only be half the problem. The issue is bio-diversity [what do you call that in the computer world?] or more correctly lack of it. If you write a virus/whatever targeted at Windows you know that your virus will have a pretty good chance with 90+% of the world running some version of Windows.
If the world is so dependent on one system [no matter what system that includes linux] big nasty things will happen. We would all get pretty upset if every car built used the same lock with the same key. But luckily they don't so it's a little harder for the bad guys.
Good point, bad example, there are only a few different Keys for cars. For some it's as low as 12 for a particular model IIRC. I think they also shuffle the 2 keys to increase the combinations. For fun try your keys on other cars of the same make and model. It reminds me a bit of when I locked the keys in a rental and the guy opened every rental car on the lot rather than wait for me to get out and show him the right car. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
participants (9)
-
agtiger@coolnet.net
-
dsoper@clipper.net
-
jack@malone.tyler.com
-
k01164@ko.sdu.dk
-
KenzieM@sympatico.ca
-
moseley@hank.org
-
tiempos@panama.c-com.net
-
warrl@blarg.net
-
zentena@hophead.dyndns.org