[unisog] The danger of Klez warnings

Frank da Cruz fdc at columbia.edu
Thu Sep 12 14:38:21 GMT 2002


"Hall, Rand" <rand at merrimack.edu> Wrote:

> > From: Joseph Brennan [mailto:brennan at columbia.edu]
> 
> > We have found ourselves in the position of changing users' addresses
> > because of Klez virus warnings.  Not Klez-- we can identify and reject
> > that-- but Klez warnings.
> > 
> > This will be the second one who needs a new address,
> > with all the notifying to friends and associates that is involved.
> 
> Are you sure this will have a positive net effect? One that outweighs the
> pain of changing addresses? It would seem highly likely that your user's
> notification to "friends" will simply add the new address to the infected
> person's address book.
> 
> > You all might want to check what your system does when it gets a Klez
> > message.
> 
> Indeed. It should be a best practice to disable "sender notifications." Best
> practice also dictates that we ensure continuously updated anti-virus is
> installed on every PC we have influence over.
> 
> What are you all doing with the rejected Klez-infected messages? Why not put
> together a pubic service SWAT team of cheap labor (students) to track down
> and educate the infected?
> 
At some point one wonders when the advantages of PC-based email (principally
automatic display of graphical enclosures) begin to outweigh the drawbacks
(the incalculable cost in human effort, lost work, etc, that are lamented at
length every day on this list)

You can have all the SWAT teams you want "educating" PC users on campus; you
can have PCs auto-updating themselves every 30 seconds until the Internet
wires melt; you can even have a highly trained security expert standing next
to every PC user all the time, and it still won't stop the spread of viruses
by PC-based email.

This is just a gentle reminder that on university campuses where everybody
has access to central servers, they can still use Pine, MM, EMACS RMAIL, VMS
MAIL, and other host-and-text-based email clients without ever having to
worry about viruses -- neither getting them nor passing them along.

I have a Windows PC on my desk that's on and connected to the Internet
24 hours a day and deal with hundreds of e-mails per day, and never get,
nor give, nor pass on a virus.  As explained here:

  http://www.columbia.edu/kermit/safe.html

I do this by taking advantage of the central services that are available
to everybody and by following a few simple safety rules.  It's not hard --
it's the way everybody used to use computers and email just a few short
years ago, and it still works.

- Frank



More information about the unisog mailing list