--On Sunday, August 24, 2003 9:32 PM -0400 Olin Lathrop wrote: >>> What's the big deal? Just don't open unexpected attachments. >> >> 0: because it looks very genuine > > A genuine what? Any .PIF attachment is pretty much guaranteed to be a > virus. Just don't open attachments unless they are a file type that can't > hurt you (like .JPG, .GIF, .TXT, etc). A .PIF definitely CAN hurt you, > which is about the only reason they are sent via email. This was not easily spotted, original email headers looked like a genuine "undeliverables". Further the PIF was hidden inside another attachment. Because I am a curious character I wanted to see what the exe would so I tried to rename it to something not dangerous and voila it added a .PIF onto the end no matter what I named it to. Interesting code this one wiped the boot sector from your disk. I thought this was worth warning the LIST about seeing as it came through the LISTs email server. If I get another one like this which comes through the LISTs email server then I will do exactly the same. > >> 1: because it is not detected by latest virus scanner > > Virus scanners are worse than useless because of exactly this excuse. At > best, they can only tell you about viruses they already know about. At > worst they let a variant slip thru, mess up your system, and give you a > false sense of security. Rubbish! I am connected 24/7 and run both a firewall and AV scanner. If you are forced to use Windows then you need this. I have been saved several times and would have been trashed numerous times over if not for this. > I guess they are better than nothing for complete idiots, but common sense > is far better than any virus scanner. Have to disagree with this, numerous sites have both malicious Java and JS code in them and there are so many holes in all of the browsers that all the common sense in the world can't stop them. I work at a university where I am exposed to hundreds of viruses especially around exam/assignment time. Further I don't have the luxury to delete an email because simply because it looks suspicious so its a no brainer that I need to be careful. >> 2: because if you use MS outlook or outlook express >> it will be opened and run automatically! > > No, it won't. You have to take explicit action to "open" an attachment. > MSO/E does display the contents of some types of image file attachments in > line, but these image files only contain data and no executable > information and are therefore safe. Yes it will...if like most pepople you have the "preview pane" open then attachments will get run or at least they used to when I gave up on Outlook a year or so ago. > I get about 3-5 viruses per week, and frankly they're pretty easy to spot. Real men don't eat quiche :-) jon -- http://www.piclist.com hint: To leave the PICList mailto:piclist-unsubscribe-request@mitvma.mit.edu