Results 1 to 12 of 12
  1. #1
    Platinum Lounger
    Join Date
    Feb 2001
    Location
    Yilgarn region of Toronto, Ontario
    Posts
    5,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Thwarting viruses

    (Dear moderator, my first post here; please move this to another forum if I have made a poor chocie; thanks)

    In today's virus climate I would consider paying extra fees for an opt-in ISP service that would automatically reduce any virus-affected files to a standard plain text message.

    Thus, for those messages that arrive at VIF.COM with a virus, I would download to my Eudora InBox a message which said, plainly, "The contents of this message were deleted at the request of the receipient, since the message was infected with a virus".

    I would have the choice of deleting the message, or of replying to the sender with my explanation of why I had selected VIF.COM as one of my primary bulwarks against infestation.

    Quite apart from the obvious benefits to me, this practice might actually reduce the transmission of viruses below some critical threshhold.

    My Anti-Virus package (www.grisoft.com), like many others, including, I am sure, my ISP's package, is always more up-to-date than my desktop instalaltion can be.

    Surely if ISP's could be permitted to strip virus infestations before they reach end-users, storage and bandwidth costs might be reduced as a byproduct of limiting the effectiveness of virus transmitters.

  2. #2
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Thwarting viruses

    Chris, I'd be happy to offer that service to you for an appropriate price, as long as you agree never to sue me for missing a virus with the result that your business and/or life is destroyed. Deal?

  3. #3
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    Cairns, Queensland, Australia
    Posts
    885
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Thwarting viruses

    <P ID="edit" class=small>(Edited by Granville on 29-Jan-04 14:20. Sorry, couldn't spell "thought" and "great though" didn't make sense in this context. )</P>That is a great thought Chris. Our corporate email is filtered by SurfControl at the gateway and that certainly reduces the potential loads on out WAN/LAN, aside from reducing the likely spread of viruses. Maybe the concern is that if anything is in place then the ISP would have a liability should users become infected. If nothing is in place then they have no responsibility. <img src=/S/shrug.gif border=0 alt=shrug width=39 height=15>
    Granville

  4. #4
    Platinum Lounger
    Join Date
    Feb 2001
    Location
    Yilgarn region of Toronto, Ontario
    Posts
    5,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Thwarting viruses

    > as long as you agree never to sue me

    Agreed.

    While it is true that I could lose my life, or worse, a lucrative deal might slip through, this line of argument can spiral into the "but then, would I want to trust my future with someone who doesn't take anti-virus measures" line of reasoning: who needs $5,000 a day from an idiot, right?

    I suspect I have already agreed to fine print that says my ISP, while taking all reasonable care etc etc etc. Signing another agreement that they will take even more care while removing virus infections isn't a big burden. I've probably agreed to such a scheme by accepoting GriSoft as an anti-virus measure.

    And always, always, the ISP is going to deliver to me an email with the sender's name and subject, date and time of posting, intact. I get to send that back to the sender saying "I know you are trying to communicate with me, but you are infected", and suggesting an alternate channel.

    In the past my correspondents have been happy to hear that I have detected a virus in their system. I'm pretty well at the bottom of the food chain, a mere techie, so it's "Thank heavens Chris found out before we sent emails to anybody important".


    Bottom line: this method ought, all the time, to be cutting out 99% of the propogation of viruses by heading them off at the pass.

    The further up the line the anti-virus kicks in, the better the world is.
    Myself: ineffecetive
    My ISP: effective
    The hacker: very effective, if we apply string theory to them.

  5. #5
    Platinum Lounger
    Join Date
    Feb 2001
    Location
    Yilgarn region of Toronto, Ontario
    Posts
    5,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Thwarting viruses

    > concern is that if anything is in place then the ISP would have a liability

    These types of concerns are valid, and should be addressed.

    When I step back I see "myself and my ISP" working together against "the hacker" (or, if you want, "the spammer").

    I'm in business with my ISP. My ISP wants to keep me happy, and I want to retain the excellent service. I have to work on the premise that the ISP is not malicious, and is looking out for my interests.

    My responsibility for not getting infected is still my responsibility. If my ISP is willing to help me, than I'm being irresponsible by not accepting.

    I am, of course, willing to sign away my pitiful life on some form of legal agreement that says my ISP won't gurantee 100% accuracy. 50% would take a load off my mind right now.

    Note too that it will always take some time (hours?) for the anti-virus group to detect a new virus and release the fix. Some viruses are going to get through because they access the unsuspecting public before the public can react. That's no different from the 'flu, SARS, avian flu etc etc etc. In real life we agree to measures such as up-stream quarantine. Why not here?

  6. #6
    Platinum Lounger
    Join Date
    Feb 2001
    Location
    Yilgarn region of Toronto, Ontario
    Posts
    5,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Thwarting viruses

    > The hacker: very effective, if we apply string theory to them.

    After 24 more hours of deleting "Hi", "Test" and "Hello" I'm ready to change parties. I'm warming up to the opinion that I'd like to collaborate in a REALLY good virus that did the old get rid of the-fat routine on user's hard drives.

    [Bad Mood]
    I can't help but think that a lot of the virusses I receive come from those "friends" who so happliy forward to me the latest inane joke or picture, with my email address right up there in the CC or TO list. I can't say that I hate anyone, not even the second ex-, but I sure do feel it is way past time to purge hard disks of the ability to propogate viruses. I'd have to listen to a few people complain, orally, but there'd be less crap coming down the line.
    [What, you thought that would get me out of my Bad Mood? Think again!]

  7. #7
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,577
    Thanks
    5
    Thanked 1,057 Times in 926 Posts

    Re: Thwarting viruses

    Chris, Is this for work or home? If home, there are some providers such as MSN (not in any way an endorsement of them) that are bundling AV software in a premium service. With some large ISPs now offering spam filters perhaps they will also offer virus scanners. Can't hurt to ask.

    Joe
    Joe

  8. #8
    Platinum Lounger
    Join Date
    Feb 2001
    Location
    Yilgarn region of Toronto, Ontario
    Posts
    5,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Thwarting viruses

    > Is this for work or home?

    It's for (work at) home. My ISP - www.vif.com - already provides a fee-based anti-spam servcie, but I wasn't happy with the configuration. I did send them a copy of my original post to see what response they might have.


    >With some large ISPs now offering ... virus scanners

    Quite so. That's what I thought. While the definition of spam is sometimes dubious, and I've heard of filters redirecting non-spam mail, it seems to me that by the time the anti-virus guys (GriSoft, McAfee et al.) jump on a virus, it really is a virus, and the ISP ought to be given the option of performing a service (deleting the virus) for the user.

    At the risk of repeating myself, I'm not advocating deletion of the message, just the retention of the address data, the subject, and replacement of the body of text. Deletion, of course, of any attachments, but their file names could be entered into the newly fabricated body for informative purposes.

  9. #9
    Platinum Lounger
    Join Date
    Feb 2001
    Location
    Yilgarn region of Toronto, Ontario
    Posts
    5,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Thwarting viruses

    > spam filters ... also offer virus scanners

    I'm still in "mulling" mode.

    At my level, there's little difference between spam and virus-infected mail. In both cases I want to see the original message deleted or heavily modified.

    For spam, I couldn't care less if I never saw it again; for virus infections I have mixed doubts.

    Where the sender's name is missing, then it's not from someone I know, so delete the entire message. Where the sender's name is evident, strip the message and pass it to me.

    Bottom line - for any rules-driven spam filtre, it ought to be a simple step to add rules that qualify virus-infections, and what to do about them. My chosen rules would be along the lines of
    1) any virus described by GriSoft, McAfee etc qualifies the message as virus infected.
    2) blank FROM or blank SUBJECT - delete the message.
    3) non-blank FROM AND non-blank SUBJECT, strip the infection and pass on to me bland text; I'll deal with it from there.

    From what I've read/heard, the bulk of the infections carry a common subject or other message characteristic.

  10. #10
    Platinum Lounger
    Join Date
    Nov 2001
    Location
    Vienna, Wien, Austria
    Posts
    5,009
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Thwarting viruses

    FWIW ATT Worldnet offers Brightmail's services. (For all I know that is the same as VIF.) I don't know whether ATT Worldnet (not to be confused with ATT Globalnet) is available in Toronto. HTH
    Gre

  11. #11
    Platinum Lounger
    Join Date
    Feb 2001
    Location
    Yilgarn region of Toronto, Ontario
    Posts
    5,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Thwarting viruses

    > available in Toronto.

    Not that i can see, not by "state" code ("ON"), nor bt keying in my local telephone number. Thanks anyway .....

  12. #12
    Platinum Lounger
    Join Date
    Feb 2001
    Location
    Yilgarn region of Toronto, Ontario
    Posts
    5,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Thwarting viruses

    Aaaaaaaaaaaaaaaaaargh.

    VIF.COM appears to have implemented my suggestion without telling me, without telling anyone, not even their dear Tech Support! Noone knows just what extents are being blocked until the administrator comes in to work later this afternoon. I'm safe, but bruised.

    Note in particular the phrase containing "Regulation of Investigatory Powers"


    Warning: This message has had one or more attachments removed (BTDT-25.exe). Please read the "vif-Attachment-Warning.txt" attachment(s) for more information.

    hmmm... got the following email. I'll try renaming the file.

    --------------------------------
    Our virus detector has just been triggered by a message you sent:-
    To: cgreaves@vif.com
    Subject: re: Publishing BTDT025
    Date: Mon Feb 9 11:28:02 2004

    One or more of the attachments (BTDT25.exe) are on
    the list of unacceptable attachments for this site and will not have
    been delivered.

    Consider renaming the files or putting them into a "zip" file to avoid
    this constraint.

    The virus detector said this about the message:
    Report: MailScanner: Executable DOS/Windows programs are dangerous in email (BTDT25.exe)



    The attachment reads:

    This is a message from the MailScanner E-Mail Virus Protection Service
    ----------------------------------------------------------------------
    The original e-mail attachment "BTDT25.exe"
    is on the list of unacceptable attachments for this site and has been
    replaced by this warning message.

    Due to limitations placed on us by the Regulation of Investigatory Powers
    Act 2000, we were unable to keep a copy of the original attachment.

    At Mon Feb 9 11:28:02 2004 the virus scanner said:
    MailScanner: Executable DOS/Windows programs are dangerous in email (BTDT25.exe)

    --
    Postmaster

    MailScanner thanks transtec Computers for their support


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •