Peter, you went out of your way to override my Reply-To. Please don't.
I'm setting it again.
Quoting Peter McEvoy (pete at yerma.org):
> On Thu, Mar 04, 2004 at 07:54:16AM -0800, Rick Moen wrote:
> > I worked for many years on MS-Windows without having problems with
> > malware through exercise of basic logic and taking responsibility for
> > processes I chose to run. Although I washed my hands of that OS for
> > other reasons, surely that approach still works.
>> Not really, the rpc worms are one example....
Not really. As a reminder, I said "through exercise of basic logic and
taking responsibilty for processes I chose to run". If I were to run
MS-Windows today, I'd nmap my host before deployment, and then do
whatever's necessary to either shut off or IP-filter any exposed
services for which I didn't want to assume responsibility. If I didn't
know how to do that, I'd find someone who could.
"Assume responsibility" has a couple of obvious implications, among
others: One is to eschew dangerously designed codebases (e.g., the
generally pointless RPC portmapper, MSIE, MS Outlook, MS Outlook
Express). Another is to have a realistic recovery plan in case any
of innumerable things go wrong (current backups, ability to reinstall
all applications). Another is to be generally aware of what is going
on, on your system.
> ...the cruft that you'll gather from simply visiting websites using a
> slightly out of date version of internet explorer is another.
While I was running MS-Windows, I was _absolutely_ unwilling to assume
responsibility for MS Internet Explorer, because it was _notorious_ as a
defectively designed program.
I'm sorry people are unwilling to exercise basic logic and assume
responsibility for what they choose to run, but that doesn't mean it
> And then there's the problem of getting the message to users *not* to
> open attachments they recieve purporting to be from their closest and
To reiterate: There's nothing conceivably dangerous about opening
attachments -- which should not be confused with the mindblowing
stupidity of _executing code_ received over the Internet from random
> It may seem primitive to those in the know but to Joe six pack this
> all seems perfectly legit.
I think you'd be amazed how quickly Joe Sixpack would wise up if his
employer started taking the cost of his computer malfeasances out of his
Cheers, Founding member of the Hyphenation Society, a grassroots-based,
Rick Moen not-for-profit, locally-owned-and-operated, cooperatively-managed,
rick at linuxmafia.com modern-American-English-usage-improvement association.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!