[unisog] Fake Redhat update

J. Oquendo sil at infiltrated.net
Tue Nov 23 16:19:19 GMT 2004


On Tue, 23 Nov 2004, STeve Andre' wrote:

> The only defense for this is to teach people a little paranoid, and to
> repeatedly pound into them the fact that *any* "notice" to do something
> to their computer other than through official channels is bad.
>
> But doesn't common sense ever come into play here?  The url isn't from
> a company.  I would hope that most folks would key on that, but likely
> not...
>
> Educating your users, over and over again seems to be the only way
> to deal with this.  Thats what I do.

Even people in "the know" can be fooled. Education comes in handy when
people actually pay attention. I feel sorry for the poor guy who didn't
check his PGP sigs (note the FreeBSD advisory below)... Sure, education
you say?

http://www.derkeiler.com/Mailing-Lists/FreeBSD-Security/2001-02/0808.html
http://monkey.org/openbsd/archive/misc/0101/msg02090.html

I say, competent admins across the board, on the home level, its not as
catastrophic (to an extent) of having say, Yahoo! or eBay or some other
business falling for this junk. And yes, even the big guys sometimes slip.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
GPG Key ID 0x51F9D78D
Fingerprint 2A48 BA18 1851 4C99

CA22 0619 DB63 F2F7 51F9 D78D
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x51F9D78D

sil @ politrix . org    http://www.politrix.org
sil @ infiltrated . net http://www.infiltrated.net

"How can we account for our present situation unless we
believe that men high in this government are concerting
to deliver us to disaster?" Joseph McCarthy "America's
Retreat from Victory"



More information about the unisog mailing list