Adequacy front page
Stories Diaries Polls Users
Google

Web Adequacy.org
Home About Topics Rejects Abortions
This is an unofficial archive site only. It is no longer maintained. You can not post comments. You can not make an account. Your email will not be read. Please read this page or the footnote if you have questions.
Poll
Most annoying thing about the Internet
Spam 33%
Porn 13%
Pop-up ads 26%
Al Gore 13%
adequacy.org 13%
Viruses 0%

Votes: 15

 Every Virus Warning You'll Ever Need

 Author:  Topic:  Posted:
Apr 03, 2002
 Comments:

Those of you who know me will know that I am the Admin of a small website, SkilmNET.

Mainly, I host websites and user accounts for my friends, and I'm known in my area as kind of a Computer-Guru. In this role, I sometimes receive e-mails from users and less-informed friends to let me know of "new viruses."

Every one of them gets deleted and replied-to in the fashion below.

[zikzak thinks this person should stop crapflooding Adequacy]

diaries

More diaries by skilm
Linux Geeks Take Over
Difficult-to-Learn Computer Topics???
Stupidity

There is nothing more annoying than spam. Useless e-mail clogging up not only your inbox, but your Internet connection has to be the top pet peeve of many computer users. Virus warnings are nothing but well-meaning spam - every one of them that you get from a friend is almost always a hoax.

[zikzak is also sick of posting subtle comments about readers he doesn't like]

I know some of you will tell me that all the virus warnings that you "find" are meaningful and true and that you need to read every single one. This is not the case, and I can tell you right now how to avoid being hit with an e-mail-spread virus.

[zikzak may just make a habit of pissing all over other people's diaries to show his disapproval instead]

Below is a recent virus hoax I received. We will use this as an example, and then talk about general things to avoid.

>>>Someone is sending out a very cute screensaver of the Budweiser Frogs. >>> >>>If you download it, you will lose everything! Your hard drive will crash >>>and someone from the Internet will get your screen name and password! DO >>>NOT DOWNLOAD IT UNDER ANY CIRCUMSTANCES! >>>It just went into circulation yesterday. Please distribute this >>>message.This is a new, very malicious virus and not many people know about >>>it. This information was announced yesterday morning from Microsoft. >>>Please share it with everyone that might access the Internet. >>> >>>Once again, Pass This Along To EVERYONE in your address book so that this >>>may be stopped. AOL has said that this is a very dangerous virus and that >>>there is NO remedy for it at this time.

There are two things about this that immediately hit me as screaming "HOAX!!":

  1. Since when does AOL issue general virus warnings?
  2. Microsoft would never issue an advisory about something that they didn't already have a patch for - they always want people to think that they are on the ball.

That being said, I did a quick search on google just to be sure, and of course it came right up. It just goes to show you, instincts count for a lot ;-)

Ok, now to the most useful part of the article, how to avoid ever getting another e-mail virus. This is a multi-part thing, so follow along.

  1. DON'T OPEN ATTACHMENTS!!

    Attachments is how most viruses are spread. NEVER and I mean NEVER open attachments from someone you don't know, and if it's an attachment from someone you DO know, contact them to make sure that they sent you an attachment. These days, when your friend is infected with an e-mail virus, the virus will mail itself to everyone in his addressbook without his knowledge - so it looks like it's coming from him.

  2. DON'T OPEN ANY E-MAIL FROM PEOPLE YOU DON"T KNOW

    Some e-mail viruses can spread by mearly opening HTML e-mail - no attachments are needed, so be very careful about random e-mails.

  3. MAKE SURE YOUR SOFTWARE IS UP-TO-DATE

    Check for and download updates to your webbrowser, e-mail program, and virus scanners frequently. Out-of-date protection is bad protection.

    ****** FOR THE ULTRA-PARANOID ******

  4. DON'T USE OUTLOOK/OUTLOOK EXPRESS TO READ E-MAIL

    I'm not just bashing Microsoft here - OE constantly has security flaws, and many of the e-mail viruses out there are written specifically to exploit flaws in Outlook. Try switching to Netscape, Mozilla, or Eudora - all of these are very feature-full and similar enough to Outlook that you can pick them up quickly - not to mention they aren't targeted for viruses. Using a web-based e-mail service such as Yahoo! or Excite is also a good way to avoid the flaws in Outlook - use one of their accounts, or contact your ISP about using web-based e-mail. If you MUST use Outlook, make sure you follow rule #3, and keep it up-to-date with the latest security patches.

Well, I hope that this has been helpful to some of you and that I'll never receive another virus hoax e-mail again, although I'm not holding my breath.

Comments are of course always appreciated - you can post them here for everyone, or feel free to e-mail me, linuxboy@bcpl.net.


I have the easiest solution (none / 0) (#1)
by Narcissus on Wed Apr 3rd, 2002 at 07:22:59 PM PST
well 2 of em
1) what ever happened to snail mail?
2) if u want to register something non-essential to ur everyday life where they ask for ur email addy then try making a web-based account like hotmail or yahoo because the mail doesnt ever actually make it to ur machine( well except for a possible VBS or somethin but u should have that disabled in ur browser anyways)




--------------------------------
Ok, who picked the flower???

Modifications (none / 0) (#4)
by The Mad Scientist on Wed Apr 3rd, 2002 at 07:52:04 PM PST
Re 1) - Way way WAY!!! too slow!

Re 2) - Good solution. Even better is to either get your own domain (and receive all mail to that domain, so you can have as many identities in the format of identity@your.domain.com - useful to find who sold you to a spammer when the identity string pairs to whom you gave the address) (can even be a third-level domain, from the dynamic DNS providers like d2g.com), or to get an account powered by ie. qmail, which allows you to make multiple recipients; ie, whey you are "joe@domain.com", you can receive mail also to "joe-spamazon@domain.com" (to which you registered at a well-known privacy-noncompliant book retailer) and to any other joe-identity@domain.com mail. Together with mail filtering scripts (ie, procmail - or any client rules) that allow to neutralize a "compromised" alias it poses a good anti-spam shield. Going to experiment with a modification that would return back a faked message from MAILER-DAEMON that the given address doesn't exist - many spammers take bouncing addresses off their lists. Make them think your server is only a gateway server and fake a returned message from a forged internal server. You can trigger the response even manually, when the spam goes through your defenses.


 
Even more reliable... (none / 0) (#2)
by The Mad Scientist on Wed Apr 3rd, 2002 at 07:30:46 PM PST
...is using a text-based email client (ie, pine) and have another account, possibly on the same machine, which is intended for Outlook or another third-party client and to which mails that require a graphics browser or something that processes the attachments will be forwarded manually.

Has a lot of advantages for me. I can read my mail from anywhere where I have a ssh client (and when I enable telnet access, even from my Nokia Communicator - you know that toy has a full-scale 80x25 characters telnet client built-in?), I am immune against *all* kinds of mailborne virii.

As a decent solution when you have a whole office where everyone uses Outlook/OE for email, you can rename all the attachments to non-executable filenames. My solution keeps a list of known-executable extensions, and appends ".danger" to them. This doesn't protect against javascript worms, but neutralizes everything that requires executable attachment. Very simple, very effective, reduced the incidence of worm-related problems to zero in last 7 months. I wonder why so simple measure isn't standard; apparently it is too difficult to implement for Bill and his Microserfs.


 
Thanks for the Tip, Skip (none / 0) (#3)
by gzt on Wed Apr 3rd, 2002 at 07:38:24 PM PST
I'm glad we here at adequacy.org have decided to discuss a matter of grave importance rather than metaphysics and the political effects of creationist movement. After all, we ARE on the internet, aren't we?

What could be more controversial than lukewarm security platitudes from a snivelling foghat?


 
Al Gore? (5.00 / 1) (#5)
by elenchos on Wed Apr 3rd, 2002 at 07:56:25 PM PST
Just how long have you been down in that basement?


I do, I do, I do
--Bikini Kill


 
Virus protection (none / 0) (#6)
by Anonymous Reader on Wed Apr 3rd, 2002 at 07:56:52 PM PST
Before I use a computer, I always go for the full scrub down, then don the rubber gloves and a mask. Haven't caught a virus yet. This also protects me against snail mail viruses. [Yes, Mr Shortmemory - remember Anthrax?] People tell me I look silly like this at work. But they were doing that before computers.


 
Popup ads rock. (4.50 / 2) (#7)
by poltroon on Wed Apr 3rd, 2002 at 08:39:36 PM PST
Recently I installed some software that nukes popup ads. It makes a very satisfying blasting sound. So, thank God for popup ads!

At my place of work 30% of the outside mail the company receives is spam. So, every morning I spend a few minutes forwarding the pieces that slipped through the filter along to our spam police, which is also a very satisfying, meditative activity. Maybe it is somewhat akin to the rush one feels when reporting drug-dealing teenagers to the police.

You need to chill out and realize the small joys spam can bring to your life.


Two things (none / 0) (#8)
by jvance on Thu Apr 4th, 2002 at 12:11:25 AM PST
1) The illegal hacker browser that I've come to favor recently allows fine-grained control over JavaScript execution. I went to Edit -> Preferences -> Advanced -> Scripts and Windows, and unchecked the box labelled "open unrequested windows." No more popup or popunder ads.

2) With a few exceptions, I no longer accept email that doesn't have my email address in the To: or CC: fields. My spam has dropped from 5-10 messages a day to one every 3 weeks.
--
Adequacy has turned into a cesspool consisting of ... blubbering, superstitious fools arguing with smug, pseudointellectual assholes. -AR

 
Same here (none / 0) (#9)
by walwyn on Thu Apr 4th, 2002 at 02:24:27 AM PST
I receive about 200 emails a day at work and about 6 a year are spam. Its kind of relaxing to forward them on to their posting host and spam cops.

As for hoaxes and alerts I find a simple <a href="http://www.thanksforthemail.com/">link</a> suffices.



 
My word of advice (none / 0) (#10)
by Yoshi on Thu Apr 4th, 2002 at 10:21:45 PM PST
Never, and I mean never, download an .iso (Integrated System de-Operation) file from the internet. These files are common for containing viruses and other pirated material that has been found illegal, such as child pornography, nuclear secrets from our laboratories in Los Alamos, and Red Hate Lunix.

The latter is obviously the most obscene, which, under the right conditions, can completely erase the "partition boot record" of your hard drive and CDROM. This means you will lose all of your Microsoft Money 2002 forms and all of your Excel spreadsheets, and everything else you have installed and purchased over the past year.

The Red Hate virus is also a propagating mechanism, using its own builtin DDOS routines like 'ls' (Limit Services) to limit the bandwidth of popular American e-commerce sites like eBay and Amazon.com. Please, stay as far away from the Red Hate virus and any derivatives of itself (because its sauce code is widely distributed under the Marx agreement, many Red Hate clones have been made and distributed). Anything that identifies itself as 'GNU-compatible' (be it by themselves or if Norton applies the tagline) is at risk for distributing the virus. Please, by all means, DO NOT DOWNLOAD .ISO FILES.


I give up (none / 0) (#11)
by skilm on Thu Apr 4th, 2002 at 11:36:29 PM PST
Ok Yoshi, why don't you tell us who you REALLY are...?


-------------------------------------------------

Bread + Egg Nog = Bread Nog

Can't you tell? (none / 0) (#12)
by jvance on Fri Apr 5th, 2002 at 12:15:28 AM PST
He's Donald Knuth. Either that or Andrew Tanenbaum.
--
Adequacy has turned into a cesspool consisting of ... blubbering, superstitious fools arguing with smug, pseudointellectual assholes. -AR

But I thought... (5.00 / 1) (#17)
by because it isnt on Fri Apr 5th, 2002 at 06:41:18 AM PST
...he was Eva Haberman? Someone was saying that on Adequacy.


Wait a minute, it was you. And now you're at it again! What kind of sick thrills do you get from lying about people? Leave poor Yoshi alone, you name-pervert!
adequacy.org -- because it isn't

 
#!/usr/bin/perl (none / 0) (#13)
by budlite on Fri Apr 5th, 2002 at 02:53:51 AM PST
if ($STUPIDREPLY) {
print "Purifying gene pool\n";
system("cat Yoshi > /dev/null");
print "Gene pool now pure\n";
}


#!/usr/bin/lart (4.00 / 1) (#14)
by because it isnt on Fri Apr 5th, 2002 at 03:48:00 AM PST
if (written_in_code(user.response())) {
    user.lart(500);
    user.browser.goto("http://slashdot.org/");
    user.browser.lock();
}

adequacy.org -- because it isn't

Touche! (1.00 / 1) (#15)
by budlite on Fri Apr 5th, 2002 at 04:14:34 AM PST
but you see my point is valid, no?


Er, no. (none / 0) (#16)
by because it isnt on Fri Apr 5th, 2002 at 06:09:30 AM PST
but you see my point is valid, no?

You should just be like Roy Walker, say what you see. Adequacy is not Slashdot. You don't need to write your message up in code or haiku to sound clever.

Here, watch:

Yoshi, you are the Jeffery Archer of operating systems. You are the Jonathan Aitken of truth. Please, take your fantasies somewhere they'll be appreciated.

If you need something more succinct, try "pls die tks. hand."
adequacy.org -- because it isn't

Please... (none / 0) (#18)
by derek3000 on Fri Apr 5th, 2002 at 02:09:29 PM PST
tell me what HAND means. And there's usually something that goes along with it, right? Please tell me--I'm sick of feeling left out!


----------------
"Feel me when I bring it!" --Gay Jamie

hand (none / 0) (#19)
by because it isnt on Mon Apr 8th, 2002 at 04:00:13 AM PST
tell me what HAND means.

It means "have a nice day". Whenever you stop talking to an American and leave, they say "have a nice day". It's a reflex action, or something.

And there's usually something that goes along with it, right?

Well, there might be, but usually I've walked away from the American by the time they say "have a nice day" to me.
adequacy.org -- because it isn't

 

All trademarks and copyrights on this page are owned by their respective companies. Comments are owned by the Poster. The Rest ® 2001, 2002, 2003 Adequacy.org. The Adequacy.org name, logo, symbol, and taglines "News for Grown-Ups", "Most Controversial Site on the Internet", "Linux Zealot", and "He just loves Open Source Software", and the RGB color value: D7D7D7 are trademarks of Adequacy.org. No part of this site may be republished or reproduced in whatever form without prior written permission by Adequacy.org and, if and when applicable, prior written permission by the contributing author(s), artist(s), or user(s). Any inquiries are directed to legal@adequacy.org.