Author: Alan J. Flavell Date: To: Exim User's Mailing List Subject: RE: [exim] Securing Email for the prying eyes of any government
On Tue, 11 Jan 2005, Greg A. Woods wrote:
> In fact we've already had several instances of encrypted junk,
> though so far only within encrypted ZIP files, IIRC.
We intercepted a passworded .rar file only yesterday. It claimed to
be porno, but presumably it was a trojan at heart :-{
> Expect more, lots more, and with lots more variations.
Indeed. So what's the story in Tobermory?
> The only real solution to viruses and worms will be when the world
> finally wakes up and realizes that end-user system security is an
> absolute necessity, even when it gets in the way of simplicity and
> ease of use.
If only...
> Maybe more encrypted malware e-mail will help that learning
> process along, or maybe it'll take decades longer than anyone might
> hope.
The implication of that seems to be that we should remove all the
mailer's defences forthwith, and let the users fester in their own
mess until they learn the folly of their ways. It certainly has its
appeal - but unfortunately, the ones whose behaviour suggests that
they are the most eager to compromise their own security, would be the
ones who are in a position to tell the human resources department that
our services are no longer required.
Did I mention the guy (fortunately not from our own campus!) who was
overheard telling how one of his major research grant applications got
totally screwed up because his teenage son was downloading games from
the internet, onto the home computer where he kept all his important
business documents for preparing research grant applications? He
didn't even seem to perceive the crass incongruity of his story,
preferring rather to put it down to the general malice of "the
internet".
