|
|
|
|
WORST VIRUS EVER - CNN ANNOUNCED
PLEASE SEND THIS TO EVERYONE ON YOUR CONTACT LIST !!
A new virus has just been discovered that has been classified by
Microsoft as the most destructive ever This virus was discovered yesterday
afternoon by McAfee and no vaccine has yet ! been developed.
This virus simply destroys Sector Zero from the hard disk, where vital
information for its functioning are stored.
This virus acts in the following manner:
It sends itself automatically to all contacts on your list with the
title "A Card for You".
As soon as the supposed virtual card is opened the computer freezes so
that the user has
to reboot. When the ctrl+alt+del keys or the reset button are pressed,
the virus destroys Sector Zero, thus permanently destroying the hard disk.
Yesterday in just a few hours this virus caused panic in New York, according
to news broadcast by CNN. This alert was received by an employee of
Microsoft itself.
So don't open any mails with subject: "A Virtual Card for You." As
soon as you get the mail, delete it!! Even if you know the sender !!!
Please pass this mail to all of your friends.
Forward this to everyone in your address book. I'm sure most people,
like myself, would rather receive this notice 25 times than not at all.
I dream of boys with big bulges in their trousers,
Never of girls with big bulges in their blouses.
…and look forward to meeting you in Cóito.
|
|
|
|
|
|
|
|
|
I have to admit, i'm feeling a little smug right now, being a Mac user.
"I promise not to try not to fuck with your mind/ I promise not to mind if you go your way and i go mine/promise not to lie if i'm looking you right in your eye/promise not to try not to let you down."
--Eve6
|
|
|
|
|
|
|
|
|
|
|
|
|
A hoax though it may be ... this time; the capability to achieve the desired results as explained in Nick's original warning DOES exist; in fact having been a very severe problem in the early 1980's.
My first reaction to this thread was "My God, they've resurrected that old saw" I'm thankful to learn that they have not; but, knowing that they haven't should not make us any less vigilant; especially those amongst us running Intel x86 PIII "Celeron" processors, which by their very nature, and the inclusion of the "CPU I. D." technology (subsequently abandoned in true PIII's and all P4's) could especially vulnerable to attacks such as these.
Best Internet Practices today dictate never, ever, opening an executable file (.com, .sys, .exe and similar) within either your Web-browser or e-Mail Client. Always save such files to your hard-drive, and run your virus-scanner before opening them. e-Mail presents it's own problems, with HTML-based e-Mail rapidly becoming the norm. Solution to most, if not all, e-Mail related virus problems is to abandon HTML encoded e-Mail entirely, reverting to the less cumbersome, and far more efficient, plain-text format. Never, ever, open an attachment to e-Mail without first having saved it to your hard-drive, converting the file-format (if a document) to plain text, and if image to either .mng or .png format and scanning it for virus'; this latter protecting again embedded .gif and .jpeg virus'; the former against malevolent Scripts and ActiveX components.
If you, like probably 90% of the known Second World (North and South America), are wedded to Microsoft's Internet Explorer and Outlook (Express), the time is rapidly approaching for you to consider one of the many alternative Web-browsers and e-Mail Clients which now abound world-wide. All of those that I've downloaded, examined and played around with, have features that far and away outstrip any found within Microsoft's offerings, and all will NOT ALLOW either executable files, or e-Mail attachments to be opened by accident within their applications; with many restricting the operation of Scripts and ActiveX components (without user intervention) as well.
Warren C. E. Austin
The Gay Deceiver
Toronto, Canada
"... comme recherché qu'un délice callipygian"
|
|
|
|
|
|
|
|
|
I love being an email client at Yahoo, because it checks all incoming mail for viruses automatically. There was a time not too many months ago when somebody was sending me virus laden email on a weekly basis, and yahoo caught every one of them and screened them out.
cheers!
aj
"I promise not to try not to fuck with your mind/ I promise not to mind if you go your way and i go mine/promise not to lie if i'm looking you right in your eye/promise not to try not to let you down."
--Eve6
|
|
|
|
|
|
|
|
|
Warren C. E. Austin wrote:
> Never, ever, open an attachment to e-Mail without first having saved it to
> your hard-drive, converting the file-format (if a document) to plain text,
> and if image to either .mng or .png format and scanning it for virus'; this
> latter protecting again embedded .gif and .jpeg virus'; the former against
> malevolent Scripts and ActiveX components.
Short version: How do you convert a .doc (or a .jp(e)g or a .gif) to a .txt (or to a .mng or .png, respectively) without opening it? Surely you're not talking about of merely renaming the file and changing the file extension that way?
Long version: As I understand it, what makes embedded viruses possible are bugs in the used programs, in this case I would assume you refer to MS Word and... MS Paint or possibly to MS Photo Editor (if I remember the name correctly), though the latter ones are mere guesses. As it is, I can't check if Paint is capable of opening .jp(e)g's or .gif's since I'm not using Windows now. Anyway, the bugs in the programs cause the code of the virus to be executed as the file is read, and obviously the file needs to be read and opened in a program to be converted to another format. Now, if I'm supposed to convert the file to another file format before ever opening it, I feel I'm facing something of a paradox...
So, a clarification to what you meant as opposed to what you wrote would be apreciated.
Setras
That which is dreamed can never be lost, can never be undreamed.
-Master Li in Neil Gaiman's Sandman
|
|
|
|
|
|
|
|
|
What I had written is correct, but the order of the procedure is not.
I should have (and in fact had in draft) written:
"Never, ever, open an attachment to e-Mail without first having saved it to your hard-drive, and scanning it for virus' and then converting the file-format (if a document) to plain text, and if image to either .mng or .png format; this latter protecting again embedded .gif and .jpeg virus'; the former against malevolent Scripts and ActiveX components."
Malevolent Scripts and ActiveX components are often difficult for scanners to identify, for this reason after scanning, and before opening the saved e-Mail attachment in whatever application you use to process them, it is suggested first that you open that application and TURN OFF all Scripting and ActiveX handling routines. Scripting is usually handled from the "Options" or "Preferences" dialogues within the application itself. Some will also handle ActiveX components and controls for them will be found here as well. In general though, ActiveX components must be turned off using the Internet Options from Windows Control Panel under the "Advanced" property-sheet dialogues, and should version 6.x and higher of Internet Explorer be being used from within the Security (Custom and Advanced "button") property-sheet dialogues as well of Internet Options as well.
Once both elements have been disabled it may be considered safe to then open the document in it's native format, but is suggested to convert the file to plain text which strips any Scripts and ActiveX components from the file during it's conversion.
All evidence regarding .jpeg and .gif virus' indicate that they are safe to work with outside of the Web-browser handling routines, and therefore apparently after scanning (which again may or may not actually pick up any malevolent code) may be opened in their native format. To enure that any non-identified malevolent code which may exist is dealt with, it is suggested to convert them either to .mng or .png which will strip the code during conversion.
Conversion of documents and images is suggested because items we usually receive through the media or e-Mail, or our Web-browsers are often the very same that we shoose to share with others, who in turn may share them with more, and in doing so propigate the malevolent code if it remains un-treated. Neither plain-text, or .mng and .jpg will transmit malevolent code.
Hope this helps, and I apologize about the confusion.
Warren C. E. Austin
"... comme recherché qu'un délice callipygian"
|
|
|
|
|
|
|
marc
|
 |
Needs to get a life! |
Registered: March 2003
Messages: 4729
|
|
|
But can you simplify this so non-technophyles can understand it?
Life is great for me... Most of the time... But then I meet people online... Very few are real friends... Many say they are but know nothing of what it means... Some say they are, but are so shallow...
|
|
|
|
|
|
|
|
|
... that others may not quite share either the same level of enthusiasm, or expertise, for a given subject that I do.
On another note ... it is soooooooooooooo good seeing you here once again under your "original" User I. D.
To address your request:
In order to make malevolent code effective within the widest possible potential audience, hackers, and other virus writers, make certain assumptions when authoring their malevolent code. I state here "malevolent" code, because not all hackers, and others, write code that in truth is harmful to your system, but at one and the same time, they could be, and often are, construed as being a virus or similar.
Many of the assumptions that these code writers adopt are based upon a very large set of prescribed "defaults" which are in use daily by most adopters of the Windows Operating System, this regardless of which version of Windows they are using.
Some of these "defaults" are readily apparent to all of us when installing an application, for example ... regardless of the source (developer) of that application, most often (unless directed otherwise by the end-user)
we are prompted to install the application to a named sub-folder within the PROGRAM FILES folder. In some instances we are not given any opportunity to alter that at all, in others we are allowed to "customize" the install, changing parameters such as location of the programme, addition or subtraction of features, whether to run from a CD-ROM and thereby not install to the hard-drive itself. The first choice by the application is the "default", and that choice is determined by the Windows Operating System, and not the application author. So if I wanted to write a virus affecting users of a specific application, I would target the default folder name chosen by the developer, the default location chosen by the Operating System, and then the actual file name of the application itself as written by the author. Understandably if the application resides somewhere other than the "default" then there is lesser likelihood of the virus affecting the targeted application.
Other "defaults" within the Windows Operating System that affect a virus' ability to infect a given machine are:
Personal Documents, Images, Audio and Video folders. Currently under Windows'2003, Windows'XP and Windws'2000 these reside within a top-level folder entitled Documents and Settings as a sub-folder within the "default" User Profile, this latter being whichever profile is active at the time of system startup. The folders themselves are almost always universally entitled "My Documents", "My Pictures", "My Music" and "My Video". So a malevolent code writer simply has to write a routine that targets all, or any sub-set of, file(s) within those established defaults to infect your machine whenever an end-user opens a previously saved file within one of those folders.
Another assumption (reflected by number of users rather than a system default (but for out purposes may be assumed to be the case) allows Hackers feel end-users will employ Microsoft Word, or Excel, or Access, or similar, to open files saved in their "native-format" (the format an application normally used by the end-user on their system would adopt when saving a file to their hard-drive), which in Word would be *.doc. Hackers logically write malevolent code affecting all files on a given end-user's system if they have been created and saved in the .doc format. This is especially true of malevolent Scripts and ActiveX components. If a file is converted from .doc to something else (I suggest ascii-format plain text) then during conversion any Scripts (malevolent and otherwise) are stripped from the original document during that conversion. Too, by adopting a format other than the default, it is less likely that a hacker will target that particular format, my example being plain-text, but it would also apply to .sam, .lwp, .wk? (Lotus), .wp?, .dat (WordPerfect) and others.
This assumption of how an end-user will handle a file is at the heart of the issue with e-Mail attachments, with this largely being determined by defaults within the Web-browser and e-Mail Clients being used to receive (and possibly view) them. Microsoft's Internet Explorer and Outlook (Express) rely most heavily on system defaults as determined by the Windows Operating System, whereas many (but not all) alternative Web-browsers and e-Mail Clients do not. For example, the mozilla.org (the one I'm most familiar with) group of Web-browsers and e-mail Clients (which now number around 20, or so, in it's various flavours of Operating System and differing GUI's and feature-sets) all employ the Gecko Rendering Engine to place, view, manipulate and otherwise handle all content in or out of the application being used. The GRE is fully independent of the Windows Operating System, and in truth will probably form the basis of a forthcoming operating System alternative being considered by the OpenSource community. This is not to say that the GRE doesn't have it's share of problems, because it does, but Security and related issues are far less severe and more likely to be addressed quickly, than similar issues in the Windows Operating System which both Internet Explorer and Outlook (Express) rely upon.
Examples of applications other than Internet Explorer and Outlook (Express) that rely extensively upon system defaults determined by the Windows Operating System include AOL's Web-browser, their AIM and ICq Instant Messaging Clients, IncrediMail, Microsoft Exchange, Microsoft NetMeeting, Microsoft Chat and V-Chat Clients, Microsoft Office, Excite Private Messenger, Norton (Symantec) applications regardless of their nature, whether Virus Scanners, PDI's, FAX, Utilities and otherwise, Lycos Community Desktop and Instant Messaging Clients, Yahoo! Companion (and daily) to a far lesser degree Yahoo! Messenger, with Yahoo! porting more and more of their internal sub-routines to non native Microsoft technologies.
Some which do not rely to a significant degree upon Windows and it's system defaults (or at worst offer the ability to define defaults others than those pre-set by the system) include Qualcomm's Eudora, Lotus's SmartSuite, Mail Notes and Domino, WordPerfect Suite, PegasusMail, all mozilla.org and opensource.net applications, McAfee and Network Associates applications, Computer Associates and their applications, F-Prot, Thunderbird and Panda Virus Scanners.
To address the issue of .jpeg and .gif virus', the GRE (one of those I mention above handle these files in a manner that prohibits malevolent code from being activated on an end-users system. Similarly, executables such as those ending in file extensions like .exe, .sys and .com are severely restricted within the GRE and less likely to prompt the infection of an end-users system because of malevolent code. This is by design, and effected through code within the GRE itself. An end-user must purposefully allow files of these types to be executed and run within the GRE. It will not natively simply run them, whether arriving as an attachment within an e-mail, or as an extension to whatever is being viewed within the Web-browser. Other's like Opera, and Apple's Safari similarly restrict such activity, whereas Internet Explorer and Outlook (Express) do not.
The current crop of .jpeg and .gif virus' are targeted at end-users of both Internet Explorer and Outlook (Express) and their built-in system defaults. This is not to say that files such as these will not affect an end-user employing an alternative, but simply that the alternative will not run the malevolent code. Which is where the "SaveAs" and changing, if possible, at source the document type, and if not, after the fact, comes in to play. As I mention, we are creatures of habit. If we receive an interesting file or image from someone, we automatically want to share it with others, and unless we rigorously go through the procedure I outlined, whereby each and every attachment and image is saved directly to the hard-drive without being opened, and after scanning converted to a format other than one of the many default choices, passing the file to others may very well be infecting more machines. File conversion by it's very nature, will strip Scripts and unidentified code during the conversion. Regarding images, .mng (animated network graphics format) and .png (portable network graphics format) files cannot imbed malevolent scripts or code. This is one of the reasons behind it's adoption as the "new" standard by the Worldwide Web Consortium (the people who determine what standards will apply to the entire Internet), being royalty free in perpetuity another, unlike .gif and .jpeg which are both currently the subject of copyright and royalty issues.
In summary, if an end-user is serious about wishing to maintain a virus free system then defaults should NEVER, EVER, be readily accepted for anything, not unless those defaults are those the end-user has chosen themselves, and provided they do not in any manner mirror those of the Windows Operating System. Simply choosing "custom" install, and selecting a folder name and location other than what the application developer (author) and the Windows Operating System suggests, will go a long, long, way to thwarting malevolent coders. Saving all files, regardless of their nature and source directly to your hard-drive, scanning them for virus', and then converting the file format will ensure malevolent code does not get propagated through your sharing those files with others.
Hope this helps clarify these issues for everyone.
Warren C. E. Austin
"... comme recherché qu'un délice callipygian"
|
|
|
|
|
|
|
|
timmy
|
 |
Has no life at all |
Location: UK, in Devon
Registered: February 2003
Messages: 13796
|
|
|
Install and keep your virus checker up to date
never open an attachment if you don't know the sender
If possible download the suspected item to disk first and then set your virus checker on it without opening the attachement
kepe your fingers crossed
Author of Queer Me! Halfway Between Flying and Crying - the true story of life for a gay boy in the Swinging Sixties in a British all male Public School
|
|
|
|
|
Goto Forum:
|
] 
A Place of Safety
Search
Help
Register
Login
Home
Um... Stupid question, I'm sure, but... 
