Someone unknown to me "Berniejv@hotmail.com" sent me a file named iginla(1).exe.
Being a big hockey fan, I clicked on it without thinking. Next thing you know, I'm getting "out of memory" messages and my computer is freezing up. Can't prove they're related, but I've since had windows reinstalled and it's working fine. Since whoever it is may have picked up my address from this site, I figured I better post a warning just in case.
Thanks Jeff...and at least it was "iginla" and not "Conroy" or "Chartrand" or.... ;-)
Interesting that you should bring this up. For months now I've been getting emails periodically that look like they could be viruses. Some semi-random subject line and short message body plus an attachment. They come from various and sundry people. The reason I bring this up here is that the only senders I've recognized were Cornell hockey related. Also, someone I know through hockey got a similar virus message (detected by his virus scanner) supposedly from me. Now I read my mail on a Unix box which is virtually impervious to such things so I'm not terribly concerned for myself. But it seems possible that someone has picked up addresses off of the forums.
Anyway, I'm kind of babbling late at night. But the morale is, of course, don't open attachments unless you know and trust the source and the message looks genuine.
Keith,
What makes a Unix box impervious?
Thanks
More or less the same thing that makes a Mac impervious (to 99% of em). The virii are written for Winduhs OSes. Which is easier to do because they all leave gaping flaming security holes that make the lives of admins pure torture. Also, unless you're logged on as root on a unix box, your user probably doesn't have enough permission to do any catastrophic damage.
What Age's vitriolic spewing means is that beacuse of file level security on Unix, even if you could find a unix virus (none are known to exist) *and* were stupid enough to run a virus (not easy given the thoughtful designs of mail clients), you could at most trash your user directory without effecting system wide processes. You files might be munged, but the machine would stay up.
If for no other reason, windows, macos and unix/linux would each have a 33% market share in an ideal world because a monoculture is bad and genetic diversity is good. :)
Of course, this does assume that your linux box doesn't have any unfixed root exploits that allow code executed by an unprivileged user to masquerade as root. But in general, yes, even if a hacker tried to target linux with an email virus they would need to trick the user into running the program, and then if they wanted to destroy anything besides the user's own files, they'd need to try a root exploit and be lucky enough to email it to a system which was still vulnerable to it.
The bottom line is that you should not execute programs mailed to you unless you have a good reason to. The problem is that Windows has associated the same action (double-clicking on an icon) with viewing content people email to you as with executing code. ::rolleyes::
Unfortunately, even non-Windows-users bear some of the brunt of these email attacks, since a popular form of virus these days spreads itself by mailing itself to everyone in the address book of the infected user. ::yark::
> For months now I've been getting emails periodically that look like they could be viruses. Some semi-random subject line and short message body plus an attachment. They come from various and sundry people. The reason I bring this up here is that the only senders I've recognized were Cornell hockey related.
Same here. Also, from time to time I receive both spam- and virus-laden emails with a sender of "(someone I recognize)@(random generated looking suffix)". My paranoia assumes that either they can read my address book or can see the messages I send.
JTW wrote
QuoteOf course, this does assume that your linux box doesn't have any unfixed root exploits that allow code executed by an unprivileged user to masquerade as root.
I have a headache. When we talk about sports I understand you. ::uhoh::
for clarity,
the emails are actually not sent from the people that you get them from. the viruses usually raid an address book on the computer of someone, send the email with the virus attached from say Bob but the email is from the computer that had bob in the address book.
more info can be had from one of the various antivirus program sites. just DL a free antivirus program and enable email protection - u should have no problems as long as you update the definitions every once in a while.
Can you suggest a good free antivirus site?
Greg
I was running Mcafee's Antivirus and then read an article
in the paper by a computer guy that he thought the best
free software was AVG antivirus from www.grisoft.com.
I downloaded it and it works great.
Doug
If your a Cornell student, staff, professor, etc (aka: have an active netID), you're entitled to a free copy of Norton AntiVirus ( http://www.cit.cornell.edu/services/nav/ ) - just in case you didn't know.
I run Norton already. It's okay but crap gets through occasionally. It does have a great update service at least.
i use norton also but stuff that seems to get through doesnt for me. i just get messages when i get a virus in say an attachment - norton takes care of it.
works well for me
of course the definition subscription runs out every 3 months....annoying. there is a way to extend that though...........