Press reports regarding "SB/BadBunny-A" virus

Ed Greshko Ed.Greshko at greshko.com
Mon May 28 23:33:04 UTC 2007


D. Hugh Redelmeier wrote:

> | However, the OpenOffice.org community repeats the consistent message from
> | security experts that users should never accept files from unknown
> | sources.
> 
> That is silly advice.

Not really.  I think the wording should be modified to read "never accept or
 open files unless they are coming from a trusted source".  Where "trusted"
means you know the person who sent you the file and you know it came from
that person.

> 1. dangerous things can come (or appear to come) from known sources.

Only if the recipient is careless.  If you get an email from someone that
you know but it is forged you should be able to detect by the content of the
message if it was indeed sent by that person.

All I know is that if someone I know appears to have sent me an email with
an attachment and a quick message saying "Hey, check this out." my guard
would be raised immediately and I'd verify before opening.  If they wrote
more than "Hey, check this out." I'm confident the bogus sender would not be
able to mimic the sender I know.

I also know that I rarely open attachments from certain folks that I do know
and do trust since the attachments they send are forwarded from untrusted
sources.  But, since I know the person, I trust they are careless.  :-)

> 2. it is common practice to share files and there are good reasons to
>    do so.  (This is more useful than any macro capability.)

I don't think that has much to do with the advice given.

> It would appear that the advice is only given to attempt to duck
> responsibility.

Not really.  It is more of an admission that software cannot be trusted to
be 100% bug free and the brains behind the keyboard should be exercised from
time to time.

> The right fix is to the macro feature of Open Office.

Find a bug, fix the bug.

> I seem to remember that this kind of vulnerability was observed and
> eliminated from troff over 20 years ago.
> 


-- 
The surest protection against temptation is cowardice.
		-- Mark Twain




More information about the users mailing list