Mass Mailer Worms Are Dead!

[foxyloxley]

Got this from 'What's new at Ziff Davis'
Just as you think that 'maybe' I'll be OK...........


http://www.eweek.com/article2/0,1759,1607743,00.asp

Mass Mailer Worms Are Dead!

At least that's what our Security topic center editor Larry Seltzer thinks. He says the golden era of Melissa, Netsky and Bagle has come to an end. Why? Because there are no new techniques out there to be exploited, Larry says, and new authentication schemes will kill off the rest of the litter. It's a bold statement, and you'll want to read his well-reasoned argument to decide for yourself. But even if he's right, it's not all smooth sailing ahead. Larry lays out what he's really worrying about, and now that I've read it, I'm shaking, too!

[MrLinus]

# You need to have very old e-mail software that allows executable attachments; this means no Microsoft clients or patches of clients from the last 3 years.
# Neither you nor your ISP can have remotely up-to-date anti-virus software.
# You can't have a firewall (any decent firewall would stop the worm from sending mail).
# Worst of all, you're a user of one of the public P2P networks like KaZaA.

He forgot gulliable users. And there are a lot of users out there with old software and/or outdated AV. The firewall will allow out what the ruleset says. If the rules are to forward messages, how will the firewall know the difference between legitimate emails and non-legit?

Another important point about these worms that I believe has been true for quite some time, months at the least: They're at most a minor problem for enterprises.

Uh. Rumor was that many of these mass mailer worms from last year and this were going to be running in the billions -- EACH. I wouldn't call that minor...

I think he's a little off his rocker and giving a sense of false security.

[cgkanchi]

# Worst of all, you're a user of one of the public P2P networks like KaZaA.

That's a ton of people, isn't it?

Cheers,
cgkanchi

[AngelicKnight]

So he's saying people who keep their firewalls/AVs/OSs up to date will be ok. Gee, that's news! So, has he ever met a real life user?

[Tedob1]

i hope this guy isnt responsible for anything important. (no thank god just ZDnet) he sounds like the people in charge of the patent office at the beginning of the 20th century. they wanted to close down the patent office because they thought everything that could be invented had been. good thing nobody listened to them either

"Because there are no new techniques out there to be exploited"

im in shock someone would say this.

there may not be any new exploits out there 'today' and even if none can be found in existing software they'll come out with something 'new and improved'. with brand new holes to exploit.

[Tiger Shark]

Because there are no new techniques out there to be exploited

Didn't they say that in Troy before they found that pretty little horse......

(Yes, I recently saw the movie..... Historically incorrect but a great yarn... Achilles is protrayed as an absolute machine... fun watch....)

/Back to topic

[Und3ertak3r]

So he's saying people who keep their firewalls/AVs/OSs up to date will be ok

Nooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo!

I nearly have enough saved for a new Notebook, and my next car payment is due..

Roll on user ignorence..

Software fire walls Have to be running 100% of the time. Disable for 1 minute..????
Antivirus progs do fail.. and they generaly update once per week.. if a user only gets online once a fortnight???
Again.. Winduz update is relient on the user being online at least once/one hour per week (when the Vulnerability to malware time is now so low).
I think mass mailers will die only after Chain-eMails die...



Cheers

BTW: Is anyone aware of a prog that will "Harvest" Email Address from your Outlook/OLEXP mailbox and place the results in a spreadsheet or CSV form?

[Tiger Shark]

Undies:

Google: Harvest Email Address Outlook CSV

Then pick your poison......

[jinxy]

Didn't they say that in Troy before they found that pretty little horse

Troy? you mean Cambridge.

I would have said," ho **** it doesn't fit through the gates" best we leave it outside the city.

Where it was used as a battering ram.................just another theory.

[KorpDeath]

Well at least the very best of what we can expect of Ziff-Davis is, as always, the very least of what we can expect from the village idiot. That said, I think they need to hire someone with, at least, some experience with the LUSER community.

Remember the good ol' days when they just reported the news instead of constantly trying to MAKE it?