Re: [Exim] Generic VBS script detection

Author: Jeffrey Goldberg
Date:  
To: Vadim Vygonets
CC: Exim
Subject: Re: [Exim] Generic VBS script detection
On May 4, 2000 Vadim Vygonets <vadik@???> wrote:

> It's better to filter by matching the Content-Type:
> header-thingie, methinks.


'Fraid not. The content-type of these things is application/octet-stream.

The whole thing relies on the fact that some clients when receiving
attachments pay more attention to the file name than they do to the
content-type. So users have grown accustomed to "executing" attachments
that are presented to them as

application/octet-stream
Name "File.txt"

This is the bit of psychology that this worm relies on. Now if people used
mailers which respect content-type properly and/or which display the full
file names if the system will rely on that for what to do, then we
wouldn't have this problem at this scale.

-j


-- 
Jeffrey Goldberg                +44 (0)1234 750 111 x 2826
 Cranfield Computer Centre      FAX         751 814
 J.Goldberg@???     http://WWW.Cranfield.ac.uk/public/cc/cc047/
Relativism is the triumph of authority over truth, convention over justice.
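
Added example, not part of the original message or of Exim: a Python sketch of a filter that keys on the attachment file name rather than on Content-Type, since the message above notes these attachments arrive as application/octet-stream. The extension list, the function name `risky_attachments` and the sample message (including the name `File.txt.vbs`) are assumptions constructed for illustration.

```python
import os
from email import message_from_string

# Extensions treated as executable by the receiving system (assumed list, not from the message).
RISKY_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".scr", ".pif", ".exe", ".bat"}

def risky_attachments(raw_message):
    """Return (filename, content_type, reason) for each part whose *name* is risky."""
    findings = []
    for part in message_from_string(raw_message).walk():
        if part.is_multipart():
            continue
        # get_filename() reads Content-Disposition filename, then Content-Type name.
        name = part.get_filename()
        if not name:
            continue
        # Lower-case and drop trailing dots/spaces so "x.VBS." still matches.
        base = name.strip().rstrip(". ").lower()
        stem, ext = os.path.splitext(base)
        if ext not in RISKY_EXTS:
            continue
        reason = "double extension" if os.path.splitext(stem)[1] else "script extension"
        findings.append((name, part.get_content_type(), reason))
    return findings

# Constructed sample message; the declared Content-Type gives no hint of a script.
SAMPLE = """\
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

body text
--b1
Content-Type: application/octet-stream; name="File.txt.vbs"
Content-Disposition: attachment; filename="File.txt.vbs"

placeholder
--b1
Content-Type: application/octet-stream; name="notes.txt"
Content-Disposition: attachment; filename="notes.txt"

placeholder
--b1--
"""

if __name__ == "__main__":
    print(risky_attachments(SAMPLE))
```

Both attachments in the sample carry the same Content-Type, so a Content-Type match cannot tell them apart; only the name does.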