#141
On Thu, 2 Oct 2003 21:58:25 -0400, Keith R. Williams wrote:
> I convince them by refusing to read their spam. It's unbelievable that spammers use HTML for email.

Why unbelievable? The use of HTML in email actually provides them with an excellent way to tell if you're active or not. Some of them embed image links with address specific ID. If you're using some of them security-less client, those images get loaded the moment you even preview/look at the email. All the spammer has to do is conduct periodic scan of their httpd logs to harvest the list of active email accounts to resell/reuse for higher value returns on advertising.... :P

--
L.Angel: I'm looking for web design work.
If you need basic to med complexity webpages at affordable rates, email me
Standard HTML, SHTML, MySQL + PHP or ASP, Javascript.
If you really want, FrontPage & DreamWeaver too.
But keep in mind you pay extra bandwidth for their bloated code
#142
On Sun, 05 Oct 2003 04:23:18 GMT, (The little lost angel) wrote:
> On Fri, 03 Oct 2003 22:44:26 GMT, (George Macdonald) wrote:
>> On a related note, I saw where the U. Aberta got a bloody nose from the industry a few weeks ago for announcing it was offering a virus writing course. Symantec, McAfee et.al. snorted, huffed and puffed about how they would never consider any such person as a potential employee.
>
> Why wouldn't they? Virus writers are the very people keeping them in business no? Or was it just some spin doctoring to maintain the public illusion that they are not sponsoring/employing any such 'professionals' :PppP

I dunno but I guess it must be something to do with their "image". U.A. seemed to think that the skills would be useful for a professional virus "hunter" I guess but the industry thought not or didn't want the stigma.

Rgds, George Macdonald

"Just because they're paranoid doesn't mean you're not psychotic" - Who, me??
#143
On Sun, 05 Oct 2003 04:27:27 GMT, (The little lost angel) wrote:
> On Thu, 2 Oct 2003 21:58:25 -0400, Keith R. Williams wrote:
>> I convince them by refusing to read their spam. It's unbelievable that spammers use HTML for email.
>
> Why unbelievable? The use of HTML in email actually provides them with an excellent way to tell if you're active or not. Some of them embed image links with address specific ID. If you're using some of them security-less client, those images get loaded the moment you even preview/look at the email. All the spammer has to do is conduct periodic scan of their httpd logs to harvest the list of active email accounts to resell/reuse for higher value returns on advertising.... :P

Can they actually get e-mail addresses from such hits? Do any of the current browsers/e-mail allow or default to that? Personally I prefer separate e-mail software, like Eudora with the Microsoft Viewer turned off at the office but at home I use Mozilla 1.4 with HTML turned down.

Rgds, George Macdonald

"Just because they're paranoid doesn't mean you're not psychotic" - Who, me??
#144
On Fri, 03 Oct 2003 22:44:26 GMT, (George Macdonald) wrote:
> On Fri, 03 Oct 2003 06:50:40 GMT, Tony Hill wrote:
>> Agreed. I've received a number of Word documents that I needed and that were sent by relatively trusted sources which ended up being infected by viruses. Not a problem, my AV software picked it up right away and safely removed the virus, but without AV software my PC definitely would have been infected. One case in particular I remember was a class assignment sent out by a professor. In fact, not just any professor, this was a CS class and a CS professor that sent the virus. Ok, maybe the CS professor shouldn't have been sending out assignments in MS Word format, but it wasn't like I could just ignore any work he sent out on those grounds.
>
> Hmmm, that's a tricky one.:-) Is it wise to inform your CS prof that his computer is infected with a virus? So.... how'd you handle it then?

Yup, passed on a quick (and polite : ) note to the prof, as did some others I guess, because he did clean it up. Point being though, I never would have known without my virus scanner. Document was from a (semi) trustworthy source and it was a document I needed. If I had followed the advice of the "virus scanners are only good for cleaning up after you get infected" people, I wouldn't have noticed right off the bat, would have infected my PC and possibly lost important data.

> On a related note, I saw where the U. Aberta got a bloody nose from the industry a few weeks ago for announcing it was offering a virus writing course. Symantec, McAfee et.al. snorted, huffed and puffed about how they would never consider any such person as a potential employee.

I've gotta say that I found it a bit of an odd choice (I seem to remember it being just a section of a course on computer security though, but my memory is a touch foggy about this story). I don't know that it will really lead to any increase of viruses in the wild, and Symantec, McAfee et. al were definitely over-reacting and could probably benefit most from an employee from said course. Still, seemed like an odd thing to teach. Kind of like having a course on breaking and entering in law school :

-------------
Tony Hill
hilla underscore 20 at yahoo dot ca
#145
On Fri, 03 Oct 2003 22:06:09 -0400, Stacey wrote:
> Tony Hill wrote:
>> I'm moving in a few days time and will be back behind my good ol' faithful Linux gateway/firewall (albeit one needing several patches to fix the recent OpenSSH and OpenSSL security vulnerabilities, but Debian makes that a dead-easy job).
>
> Are you running OpenSSH on the hostile side of the firewall? If so why?

Usually no, only on the local "clean" side. However, I do turn it on from time to time when I need to access my PC remotely. Either way, I don't like taking chances.

-------------
Tony Hill
hilla underscore 20 at yahoo dot ca
#146
On Sun, 05 Oct 2003 12:16:37 GMT, (George Macdonald) wrote:
> On Sun, 05 Oct 2003 04:27:27 GMT, (The little lost angel) wrote:
>> Why unbelievable? The use of HTML in email actually provides them with an excellent way to tell if you're active or not. Some of them embed image links with address specific ID. If you're using some of them security-less client, those images get loaded the moment you even preview/look at the email. All the spammer has to do is conduct periodic scan of their httpd logs to harvest the list of active email accounts to resell/reuse for higher value returns on advertising.... :P
>
> Can they actually get e-mail addresses from such hits?

You better believe they can. " Who cares if it's not a real image URL, the client still tries to open it and the spammer has your e-mail address. If the spammer so desires, they can even send back a 1x1 image that you'll never notice.

> Do any of the current browsers/e-mail allow or default to that?

I'm not aware of any HTML-capable e-mail client that DOESN'T default to this.

> Personally I prefer separate e-mail software, like Eudora with the Microsoft Viewer turned off at the office but at home I use Mozilla 1.4 with HTML turned down.

Most e-mail clients allow you to block remote images, but you have to turn it on. Yahoo lets you block remote images, but again you have to turn it on. I believe that Hotmail can automatically detect some "tracking image" links like this, but not all of them, though they do have the option to turn off all remote image loading.

Note though that this is NOT the only way that they can do it. There are other HTML tags that spammers can embed in their code that will give them your e-mail address unless your client uses some fairly strict policies about what it does and does not do as far as HTML display goes.

-------------
Tony Hill
hilla underscore 20 at yahoo dot ca
#147
In article , fammacd=! says...
> On Sun, 05 Oct 2003 04:23:18 GMT, (The little lost angel) wrote:
>> On Fri, 03 Oct 2003 22:44:26 GMT, (George Macdonald) wrote:
>>> On a related note, I saw where the U. Aberta got a bloody nose from the industry a few weeks ago for announcing it was offering a virus writing course. Symantec, McAfee et.al. snorted, huffed and puffed about how they would never consider any such person as a potential employee.
>>
>> Why wouldn't they? Virus writers are the very people keeping them in business no? Or was it just some spin doctoring to maintain the public illusion that they are not sponsoring/employing any such 'professionals' :PppP
>
> I dunno but I guess it must be something to do with their "image". U.A. seemed to think that the skills would be useful for a professional virus "hunter" I guess but the industry thought not or didn't want the stigma.

Perhaps M$ needs such skills for OS architects.

--
Keith
#149
The little lost angel wrote:
> On Sun, 05 Oct 2003 12:16:37 GMT, (George Macdonald) wrote:
>> Can they actually get e-mail addresses from such hits? Do any of the current browsers/e-mail allow or default to that? Personally I prefer separate e-mail software, like Eudora with the Microsoft Viewer turned off at the office but at home I use Mozilla 1.4 with HTML turned down.
>
> Oh yesh, if you have some kind of http server running with logs on, try assessing it with an invalid document with your email address i.e. Then look at your log, the request will be there. Of course, if I'm running a professional spamming outfit, I would just make the img src a script file that tags the address automatically. Some use hashed codes that match their internal database so that you don't notice it straight off.
>
> Even if you turn off image loading, I have the feeling they can still do it by embedding a request for a non-existent style sheet or something else. There just ain't no way of escaping them HTML spammers short of using a non-HTML email reader.

You can use pretty much any mail/news app so long as you also use a firewall that blocks the app from anything but necessary traffic. For example, I use Norton Internet Security to give Mozilla Thunderbird access to *only* the ports needed to access the mail and news servers I use, and use of those ports is restricted to accessing *only* those servers. If I receive an HTML message, Thunderbird will display the HTML, but cannot communicate back to a spammer's server for *anything*. Among other things this means I can't see images in HTML messages, but that is no price at all to pay since no one but spammers ever sends me HTML that wants to load images.
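
A defender-side check for the tracking technique discussed in this thread, as an added example that is not part of any post: it lists every reference in an HTML mail body that a client would fetch on display and flags those carrying the recipient's address or a hash-like ID. The tag list, the token heuristic, the sample body and the example.invalid hosts are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl, unquote

# Tag/attribute pairs that make a client fetch a URL while rendering a message.
FETCH_ATTRS = {
    "img": ["src"], "script": ["src"], "iframe": ["src"], "object": ["data"],
    "link": ["href"], "body": ["background"], "td": ["background"],
}
# Long hex or base64url-looking strings: likely a per-recipient lookup key.
TOKEN = re.compile(r"^(?:[0-9a-fA-F]{16,}|[A-Za-z0-9_-]{24,})$")

def classify(url, recipient):
    """Say why fetching this URL could identify the recipient, or None."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return None  # cid:, data: and relative references stay local
    if recipient.lower() in unquote(url).lower():
        return "recipient-address"
    pieces = [p.rsplit(".", 1)[0] for p in parts.path.split("/") if p]
    pieces += [value for _, value in parse_qsl(parts.query)]
    if any(TOKEN.match(p) for p in pieces):
        return "opaque-token"
    return "remote-fetch"  # still confirms that the message was opened

class RemoteRefScanner(HTMLParser):
    def __init__(self, recipient):
        super().__init__()
        self.recipient, self.findings = recipient, []

    def handle_starttag(self, tag, attrs):
        values = dict(attrs)
        for name in FETCH_ATTRS.get(tag, []):
            reason = classify(values.get(name) or "", self.recipient)
            if reason:
                self.findings.append((tag, values[name], reason))

def scan(html_body, recipient):
    """Return (tag, url, reason) for every fetch-on-display reference."""
    scanner = RemoteRefScanner(recipient)
    scanner.feed(html_body)
    scanner.close()
    return scanner.findings

# Constructed sample body; the example.invalid hosts and address are made up.
SAMPLE = """<html><body>
<img src="http://ads.example.invalid/nopic.gif?u=bob%40example.org" width=1 height=1>
<link rel="stylesheet" href="http://ads.example.invalid/9f86d081884c7d659a2feaa0c55ad015.css">
<img src="cid:logo@local"><img src="http://news.example.invalid/banner.png"></body></html>"""
```

Calling `scan(SAMPLE, "bob@example.org")` reports the image, the stylesheet and the plain banner, and skips the `cid:` image that ships inside the message.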
#150
On Sun, 05 Oct 2003 15:38:51 GMT, Tony Hill wrote:
> On Sun, 05 Oct 2003 12:16:37 GMT, (George Macdonald) wrote:
>> On Sun, 05 Oct 2003 04:27:27 GMT, (The little lost angel) wrote:
>>> Why unbelievable? The use of HTML in email actually provides them with an excellent way to tell if you're active or not. Some of them embed image links with address specific ID. If you're using some of them security-less client, those images get loaded the moment you even preview/look at the email. All the spammer has to do is conduct periodic scan of their httpd logs to harvest the list of active email accounts to resell/reuse for higher value returns on advertising.... :P
>>
>> Can they actually get e-mail addresses from such hits?
>
> You better believe they can. " Who cares if it's not a real image URL, the client still tries to open it and the spammer has your e-mail address. If the spammer so desires, they can even send back a 1x1 image that you'll never notice.

That's the e-mail address which was used to send the msg - no? Looking at Mozilla 1.4, which I'm running (the U. Essen version with the patch for the GDI resource caching/leak - Bug 204374) there are several security settings that allow various levels of e-mail presentation but I don't see anything which says basically: do not allow my e-mail address to be sent out. It's also not clear, and apparently undocumented, what the "Simple HTML" setting allows for in e-mail msgs.

snip

> Note though that this is NOT the only way that they can do it. There are other HTML tags that spammers can embed in their code that will give them your e-mail address unless your client uses some fairly strict policies about what it does and does not do as far as HTML display goes.

But is this e-mail address being pulled from the browser/e-mail software's records as set up by the user? As suggested above it would seem fairly simple to just have an option which prevents or at least asks permission to send out your e-mail address??? In fact, is there any good reason to have an e-mail HTML or the main browser send out your e-mail address?

As noted elsewhere, I'm disgusted with the current fad for HTML e-mail msgs but everyone at the office uses it, as apparently do most other business users. Basically, e-mail is now being abused on a global basis. Nobody at the office seems to be aware of the security implications and they don't want to hear about it since, if they turn off the M$ Viewer in Eudora, they won't be able to see the images that friends send to them. shrug

Rgds, George Macdonald

"Just because they're paranoid doesn't mean you're not psychotic" - Who, me??