[unisog] Pen testers after my own heart...

Martin Sapsed m.sapsed at bangor.ac.uk
Tue Jun 13 08:28:01 GMT 2006


David McBride wrote:
> At least part of the problem here is not that the users are deliberately 
> running untrusted code found on a discarded USB key, but rather that 
> their shell is doing it for them!

Not necessarily. Given the number of in-duh-viduals willing to extract 
malware from zip files requiring passwords, attached to e-mails written 
in Inklish, don't assume that the problem here wasn't the users...

Regards,

Martin

-- 
Martin Sapsed				
Microcomputer Support Manager
IT Services                          "Who do you say that I am?"
University of Wales, Bangor                    Jesus of Nazareth

-- 
Gall y neges e-bost hon, ac unrhyw atodiadau a anfonwyd gyda hi,
gynnwys deunydd cyfrinachol ac wedi eu bwriadu i'w defnyddio'n unig
gan y sawl y cawsant eu cyfeirio ato (atynt). Os ydych wedi derbyn y
neges e-bost hon trwy gamgymeriad, rhowch wybod i'r anfonwr ar
unwaith a dilëwch y neges. Os na fwriadwyd anfon y neges atoch chi,
rhaid i chi beidio â defnyddio, cadw neu ddatgelu unrhyw wybodaeth a
gynhwysir ynddi. Mae unrhyw farn neu safbwynt yn eiddo i'r sawl a'i
hanfonodd yn unig  ac nid yw o anghenraid yn cynrychioli barn
Prifysgol Cymru, Bangor. Nid yw Prifysgol Cymru, Bangor yn gwarantu
bod y neges e-bost hon neu unrhyw atodiadau yn rhydd rhag firysau neu
100% yn ddiogel. Oni bai fod hyn wedi ei ddatgan yn uniongyrchol yn
nhestun yr e-bost, nid bwriad y neges e-bost hon yw ffurfio contract
rhwymol - mae rhestr o lofnodwyr awdurdodedig ar gael o Swyddfa
Cyllid Prifysgol Cymru, Bangor.  www.bangor.ac.uk

This email and any attachments may contain confidential material and
is solely for the use of the intended recipient(s).  If you have
received this email in error, please notify the sender immediately
and delete this email.  If you are not the intended recipient(s), you
must not use, retain or disclose any information contained in this
email.  Any views or opinions are solely those of the sender and do
not necessarily represent those of the University of Wales, Bangor.
The University of Wales, Bangor does not guarantee that this email or
any attachments are free from viruses or 100% secure.  Unless
expressly stated in the body of the text of the email, this email is
not intended to form a binding contract - a list of authorised
signatories is available from the University of Wales, Bangor Finance
Office.  www.bangor.ac.uk



More information about the unisog mailing list