Slashdot Mirror


Melissa Creator tracked using MS's ID numbers?

So last week there was a lot of hype about Microsoft embedding IDs into documents that would allow tracing of authors. This week there was hype about Melissa, yet another lame doomsday macro virus (intentionally not posted here because I found it stupid). But mix the two together, and you get a story sent to us by stevew: the Melissa Virus can supposedly be traced to its creator using those annoying little IDs. They don't have exact details, but the article says that it came from AOL.

39 of 330 comments

  1. pheh.. by Anonymous Coward · · Score: 2

    Those who would give up freedom for security will deserve and receive neither.

  2. Scary as hell by Anonymous Coward · · Score: 4

    5-10 years and $350,000? What the f*ck is that? Maybe Microsoft should be slapped with a class action lawsuit for setting up the infrastructure that allowed this virus to spread.

    This punishment does NOT fit the crime done. Basically, all this guy did was write some code (if you want to call it that). I will not deny the code was malicious, but we don't know why he did it. I could see someone trying stuff like this "just for the hell of it". Besides, if this guy hadn't done it, that security hole would have remained, and if it had been presented a year from now (presumably when even more people will be using email) it could have been MUCH worse.

    Basically, they are setting the punishment based on the fact that it scared the shit out of the FBI and lots of other people, not based on the actual crime committed.

    Doesn't it scare people here what can happen to you for programming something on a computer?

  3. May I humbly suggest... by BOredAtWork · · Score: 2
    ...that you build your OWN slashdot? Rob, being the greedy selfish bastard he is, provided you with source code. All you gotta do is untar it, and start posting.

    In the mean time, in order to get back at him, might I suggest you:

    Stop contributing code.
    Cancel that membership check.
    Cancel that donation check.
    Halt shipment of that new hardware you sent.
    Stop contributing stories.
    Stop making helpful suggestions.

    Oh, wait, my bad, you DON'T do any of this. Ok, so that gives you... WHAT right to tell him how to run the site HE built, and HE funded, and HE works full time on?

    If YOU, being God and all, feel you can do a BETTER job, then do it. Surely one with your wisdom and 377373 news posting skills can build a better slashdot than slashdot. And when you do, the masses will flock to it... right?

    *If you make no effort to help, then DON'T knock a free service provided by the generosity of an (ex)student's heart!*

    Jackass...

    --
    Just lurking, thanks!

  4. yet another reason to not use M$ by whoop · · Score: 2

    What happened to privacy? Well, basically commercialism. Microsoft (or just about any company anymore) wants to get as much information as they can on users (refer to that whole banking deal a while back). They've got an OS, office program, various programming programs, all using proprietary file formats. Now considering all this is done with closed source, no specs on the file formats, etc, who's going to know that there's a MAC address and whatever else they want to include in your Word document? All the meanwhile, they are crying, "Closed information is the only way to be secure!! Open source means you'll be hacked into!! Arggggggggggh!"

    Didn't the original articles on this information being in documents say something like it dated back even into the Windows 3.1 era? So, they've gotten away with it for all these years. And now we're starting to see just what these sort of companies want from us.

    Starcraft was sending all kinds of information from the registry to their battle.net servers if you typed an invalid password, as well. Of course they wrap it around, "We did it to help our customers, yeah, that's it, help them." And Intel really just put the ID in the P-III as a replacement for cookies, remember web page settings, sure.

    So all this is going on all these years, and people just don't care. They accept the products from giant corporations, and go with it.

    With all this going on, Open Source really can take the lead in security/privacy concerns. We need to shout, "Here are our guts, program code, file formats, etc. Critique them, find holes/problems." Only with open sources can people be REALLY sure none of these scrupulous programmers include this sort of information in files.

  5. Illegal search by DaBuzz · · Score: 2

    Your points are very valid regarding current privacy statutes. My point was that this is uncharted waters and the argument could (should?) be made against 3rd party distribution of our unique data without our knowledge.

    People are well aware of Caller-ID and there is a publicly available mechanism to disable this feature. I have no problems with that.

    I'm not suggesting this argument to get around the crime itself, I'm suggesting it as a way to protect others from being victimized for non-criminal acts that may be unpopular.

    If it stands that 3rd parties can "implant" everything you do with an ID that you do not know about or cannot turn off, free anonymous speech will disappear as we know it. That's my main concern.

    --
    If you can read this message, your threshold is too low.
  6. hmm, very interesting. by DaBuzz · · Score: 2

    I wholeheartedly agree. Many are missing the bigger picture in this instance.

    If federal authorities USE this 3rd party tracking mechanism to convict, it will VALIDATE the notion that anyone, as long as they are not law enforcement, can implant people, their ideas, and their works with hidden identifiers to track them down at a later date.

    In many respects, this is similar, if not identical to key escrow.

    If this evidence IS used against this person, Bell Atlantic/Pac Bell may just start tapping our phone lines TOMORROW with the off chance that we will say something that can be used against us in court. It would be the same thing since it's a 3rd party, NOT law enforcement, invading our privacy to gather evidence against us.

    --
    If you can read this message, your threshold is too low.
  7. Illegal search by DaBuzz · · Score: 3

    I'm not sure if use of such GUID's would hold up in court since it is private information gathered by an illegal search. The user did not give permission for his unique ID to be attached to his .doc file. The app (Word) had no just cause to attach this ID either so it's similar to having the feds tap your phone without a warrant.

    While I am not defending this moronic macro virus creator, I do think that utilizing these GUID's is setting a BAD standard in regards to a person's right to publish anonymously.

    What's next, they track down the GUID of the person who wrote an anti-Clinton .doc and posted it online?

    --
    If you can read this message, your threshold is too low.
  8. Need more tracking! by drsoran · · Score: 2

    This just gets down to the point.. we really need easier ways for government and industry to track our movements. Perhaps something injected into the arm at birth that would constantly relay a signal to a series of receivers? This way we can easily track those evil criminals and bad people and find lost children and do all kinds of good stuff. :-) *sarcasm*

  9. knowing release *release* is the crime by hawk · · Score: 2

    It's not the *writing*, but the willful and knowing *release* of the virus that's a crime.

    The Common Law, and I presume most other legal systems, attribute the same intent to the natural consequences of an act as the act itself. Even without any modern "computer" crimes, the release & spread created numerous criminal trespasses against chattels (improper contact with machine), vandalism, and (the law of the individual state permitting) a general common law misdemeanor.

    Larceny (theft) probably wouldn't cut it in this case, as an element is the intent to permanently deprive.

    hawk, esq.

    And no, this isn't legal advice.

  10. Did M$ introduce Melissa? by Masem · · Score: 3

    While I am probably being paranoid and overly sceptical, it's way too convenient that the Win98 ID bug, only uncovered recently, is suddenly going to be the life saver for solving the Melissa problem. And all only 2 weeks before the anti-trust trial resumes.

    But, even if this is the case, I really wish there was something that could be done against M$ for introducing the entire concept of Word viruses to the world; if they had introduced the security needed into the vis basic routines when they first put out Word 6, things wouldn't be as rampant now.

    Plus, this only goes to show that when only one company makes all the programs that you use, it's rather easy to find all the loopholes between them all. (Hint, there's better, more established ways to do interprocess communication than a proprietary system).

    --
    "Pinky, you've left the lens cap of your mind on again." - P&TB
    "I can see my house from here!" - ST:
  11. Guess what, GUID doesn't find Melissa author! by ptomblin · · Score: 3

    Since a Word document only has the GUID of the original document author, and all these Word Macro viruses are made by taking somebody else's Word Macro Virus (WMV) document and modifying it, all the GUID does is point back at some guy who wrote the original WMV that was the grandfather of Melissa. See this article for more details.

    --
    The next Cmdr Taco duplicate will be ready soon, but subscribers can beat the rush and see it early!
  12. Open Source Macro Virii by wayne · · Score: 2
    Before anyone gets too carried away about the evils of closed source software, it should be remembered that both VI and Emacs have had similar problems, although they were "fixed" many years ago.

    VI used to read any ".exrc" file in the current directory, which could be used to create macro virii. To the best of my knowledge, this option is now turned off by default. (I don't use vi much...)

    Emacs will execute code that is embedded in a file if it has the right tags around it. For example, I have this glob at the end of my .mailrc file:

    # hack-o-rama
    # local variables:
    # mode: text
    # write-file-hooks: ((lambda () (let ((xyzzy (make-temp-name "/tmp/foo"))) (condition-case () (progn (message "Rehacking aliases...") (write-region (point-min) (point-max) xyzzy nil 'foo) (build-mail-aliases xyzzy) (delete-file xyzzy)) (file-error nil))) nil))
    # end:

    About 10 years ago, emacs was changed from automatically and silently running this kind of code, to having the code displayed to the user and a y/n prompt given. Before that time, it was possible to trick Emacs's RMAIL command to propagate a virus through email.

    Still, I am not sure that Emacs's solution is that great. You can still turn the prompting off, and it assumes that the user knows enough about Emacs and Lisp to understand the code.

    I think the real difference between OSS and MS is that OSS ran into these problems long before the Internet became aware to the general public.

    --
    SPF support for most open source mail servers can be found at libspf2.
  13. Lack of Evidence by Fastjack · · Score: 2

    Yet another wonderful aspect of this invasion of privacy is that anyone with a clue could frame anyone that person could get a sample doc from. Releasing the Skyrocket address to the net at large was irresponsible behaviour based on what amounts to hearsay based on an invasion of privacy.

  14. Why is there always AOL? by Teethgrinder · · Score: 2

    It's kinda funny to see the letters AOL on anything that has to do with remotely stupid things.

    Though I'm still not sure what frightens me the most: "virus" coders who leave the door open for prosecutors, M$ software that enables people to track down the author of some Word document, or thousands of alt.sex regulars who open a .doc file which they found on Usenet and don't disable macros.

    Strange Times... the future sure should get funny

  15. "stupid" virus? by tjansen · · Score: 2

    Executable documents are just plain wrong.
    No, they can be made secure and sometimes they can even be useful (especially when you use interactive documents instead of regular applications, for example in a list that checks the consistency of new entries). The problem is that it is extremely difficult to make this secure, and it looks like Microsoft is not putting much effort in making VBA programs embedded in Office documents very secure.
    Netscape is quite successful at making HTML+Java/-script quite safe. They are not perfect, as the technology is evolving much too quick, but it is definitely a proof-of-concept.
    (The above paragraph should not leave you with the impression that using Javascript on a HTML page is a good thing - of course you should use LML and Javascript is evil).

  16. That's not an HTML virus that's a VB virus by Sleepy · · Score: 2

    Visual Basic is not part of the HTML standard... what you are talking about is a virus that ONLY affects Windows users who are running MS IE.

    Good thing too. Isn't this what Darwinism is all about? Hee hee.. don't see NEARLY as many virii on Linux or MacOS (nasty exception: HK automount virus).

    Anyways, back to my point... VB is the same rotten core found in Office - HTML has nothing to do with it. The "finder" of this virus tried to whip up a media scare about HTML, and FAILED...

  17. Who cares! Its still an invasion of privacy by Gambit+Thirty-Two · · Score: 2

    As far as I'm concerned, who cares! It's an invasion of privacy none-the-less.

  18. Microsoft instructs how to build Melissa by jamiemccarthy · · Score: 4

    The Microsoft security website all but explained to this virus author how he should write his virus.

    Microsoft Security Bulletin 99-002 points out the "vulnerability in Word 97 which could permit macros to run without warning the user when the user opens a document based on a template containing macros." Melissa modifies Word templates to do exactly this.

    Microsoft's webpage continues with the warning "A malicious hacker could exploit this vulnerability to cause malicious macro code to be run without warning if a user opens a Word attachment that was sent by a malicious hacker..."

    This security bulletin was posted to the Microsoft Knowledge Base on January 21, 1999.

    Buried in their website, the page lamely suggests that "all affected customers" - i.e., every one of the tens of millions of Word users! - "download the patch to protect their computers." Those customers have had over two months to do exactly that, and the tiny fraction who did are presumably at least partially immune to Melissa's spread.

    Posting to an obscure security webpage hints on what might make an effective virus - a virus for which the only fix is tens of millions of separate patch downloads - is asking for trouble. Microsoft created the problem by coding a laughably insecure macro language into their applications. And they may have turned the potential problem into a real one by calling attention to it.

    "Security through obscurity" is never desirable, but when the system is already as broken as the Microsoft macro language and when the user community doesn't give a damn about applying patches, it might have been a better alternative.

    (Credit to TBTF for the link.)

    Jamie McCarthy

    --

    Jamie McCarthy
    jamie.mccarthy.vg

  19. hmm, very interesting. by Scott+Madin · · Score: 5

    So how should we feel about this? The ZDnet article only discusses the facts of the situation, which is as it should be, though there's a slight air of "this privacy-invading software feature helped catch a bad guy so it's OK" to it.

    Is it good that the author's been traced? yeah, I suppose so. Doesn't matter all that much really, but I dislike viruses and their authors as much as the next person. If there's good enough proof that this is the author, and some damage can be shown, then I suppose I'm all for prosecuting.

    But I care a lot less about that than about the way they caught him. It seems to me we can't just go along, and say what the ZDnet article seems, ever so slightly, to be implying: that it's all right for MS (and by extension, Intel) to build identifiers like this into their products so that anything people who use those products do is traceable, just because once it helped catch someone who was doing something illegal. That's like saying "sure, the FBI can go ahead and install a wiretap on everyone's phone--fine by me, I'm not doing anything illegal, and only people who are would have to worry about that." I don't think anyone in their right mind would agree to something like that; and it violates all the principles on which our legal system is founded: "presumed innocent until proven guilty."

    It's good that they caught the author of the virus, if that were all that this meant. But it's not. I hope they don't try to prosecute unless they obtain stronger evidence, through more valid means; and if they do prosecute, I hope they don't try to use the Office-ID-number-trace in court. If they do, we're all going to have to start worrying. And looking over our shoulders.

    --

    Pancakes is the better part of valor.

  20. Isn't it beautiful? by Vitus+Wagner · · Score: 2

    I would tend to believe that someone who is stupid enough to write in WordBasic for self-expression (and what other purpose do such viruses have?) probably doesn't know enough about hex editors to falsify a GUID.

    And why care about some ID number while you are willfully sending out big chunks of arbitrary information from your computer with a Word file (which can contain your dialup password, private mail and even secring.pgp), waiting only for someone with LAOLA to investigate it.

    I have received reports from catdoc users that they were able to read the future plans of their bosses, which weren't intended to be sent just yet.

    Imagine the surprise of a boss when an employee begins to discuss with him plans which weren't even sent (in the boss's opinion).

  21. Why the MSID is a _bad_ law enforcement idea by philg · · Score: 3

    First off, well said, Mr. Madin.

    This piece clearly implies that the MSID is a powerful law enforcement tool on the Digital Frontier. (BTW, I thought the out-of-nowhere references to the FBI were a nice touch.) That idea doesn't hold water, for a number of reasons. Apparently, ZD will gratuitously reinforce their message with questionable stuff like that FBI reference, but won't do the homework necessary to refute arguments that logically arise from their implied assertion.

    If they can be refuted, I don't think they can.

    First, there's no reason this will ever trap another hacker again, malicious or not. None. Anyone smart enough to write a Word97 macro is smart enough to obtain their own MAC address, scan the file for it, and remove it.

    Is the address encrypted? The article doesn't say, which leads me to believe that it's not. Even if they do end up encrypting the thing, how hard will it be to decrypt? The only people you'll track down with this will be script kiddies killing time. Hackers knowledgeable enough to do genuine damage to a defended infrastructure are knowledgeable enough to find this ID and neutralize it.

    "But that doesn't apply to the Intel ID," I can hear the ZD sycophants opine, "the Intel ID is a hardware ID, and no hacker can erase that!"

    Fair enough. And the MAC address isn't?

    In order for this ID to be useful in tracking down the origin of a virus, it has to be propagated in a file. Any file can be searched and have its contents modified. Period. The kind of ID you have makes no difference after it's overwritten.

    So this ID will only end up in documents that are:

    1. Not malicious.
    2. Malicious, but still untraceable (i.e., email automatically generated by a user who triggered a virus). In this case the ID is, to say the least, of limited value.

    So the only people the ID can track are law-abiding citizens who don't care to remove the ID because their intentions are not malicious. Now why would you want to track them?

    The answer is left as an exercise to the reader.

    phil

  22. Eradication of Outlook Users is a Good Thing (tm) by Cassius · · Score: 2

    On a tangent, I have to say that any virus that strikes only Outlook users must be seen as beneficial in the global sense.

    Only Microsoft could have taken a task as simple (by design!) as reading e-mail and evolved it into a beast that takes at least 8 MB of memory when running. Strangely enough, even Microsoft's own Outlook Express tool is far lighter and friendlier, without making you feel like you're firing up Word just to read an email.

    "Less is More" evidently isn't a design adage that is used much at Microsoft.

  23. Microsoft, Melissa and Mr. Doe's privacy by Pac · · Score: 2

    Microsoft has been warned over and over by the Windows security community (which, believe it or not, is alive and well) about security issues surrounding "active" content. But Microsoft is not one company (but then again, is any) to pay attention to any outside concern that does not address its own needs.

    While the evolution of the Office macro language to VBA may be seen as a good thing, allowing the same code to unify all Office apps and use all features in a wholesome manner, the combined effect of VBA and the "webfication" of Office brings forth security issues far beyond a Melissa.

    Think about the Melissa virus as a test and about its creator as a script kid. The next virus will not be so harmless (the documented effect of Melissa is the slashdotting of some mail servers and a few hard undeserved words being screamed in corporations' corridors) nor will its author be so reckless.

    Naturally I am assuming above that the GUID found points to the right machine. Wouldn't it be funny if it doesn't? Remember, the number points to a machine. And it can easily be faked (there is even a specific C++ function in the COM API to generate GUIDs. It works in the absence of network cards).

    As for privacy, we should pay close attention to the development of all this. This is a mediatic demo for IDs and also for Clipper chips (so that the "bad guys" can be traced, right?). The supporters of those features and technologies will certainly use this as a showcase.

  24. GUID didn't solve Melissa problem. by afniv · · Score: 4

    Quoting Masem:
    While I am probably being paranoid and overly sceptical, it's way too convenient that the Win98 ID bug, only uncovered recently, is suddenly going to be the life saver for solving the Melissa problem.

    The M$ GUID will not solve the Melissa virus from spreading. That will go on as long as one person has not taken the proper precautions.

    All the GUID does is help catch the criminal who created the virus (assuming the GUID is accurate and was not forged).

    Actually, the GUID creates more problems. If you want to help solve crimes in a similar manner, it would be beneficial to have wire taps and other eavesdropping devices in everyone's home. That way, if anyone in the United States mentions terrorism, they can be promptly arrested for plotting terrorist acts.

    All the GUID is is Big Bro looking over your shoulder. That's not a comfortable feeling for me.

    This latest development will certainly put privacy issues in regards to electronic forums to the forefront again.

    --
    ~afniv
    "One could be glad if the air were as pure as the beer"
    Richard von Weizs

  25. ...unless, of course, you're using Windows. by sammy+baby · · Score: 4
    There actually is a virus that will infect HTML documents, but it relies on a Visual Basic hack to insert itself into HTML files.

    Of course, you're only vulnerable if you're running Windows. So, it's an HTML-borne virus that makes use of a Windows security hole. Doesn't matter if you have armor plated walls if the foundation is rotten.

  26. Yeah right. by BiGGO · · Score: 3

    I have an idea.
    let's expose a major security hole in one of our products,
    to let everyone see that GUID is a good thing.
    hell, they made security holes on purpose to make GUID useful.

    They planned it all along, of course,
    they knew GUID would be exposed, so made it possible for them to say:
    "You need GUID because our products are bad and have many exploits for crackers to play with"

    it reminds me when Microsoft bragged that NT servers had failsafe modes,
    and when a server crashes,
    another server can replace it.
    If NT servers didn't crash so often nobody would care.

    --
    I'm going to live forever, or die in the attempt.

  27. Yet again, common sense is nowhere to be found... by SuperDuck · · Score: 2

    You would think that Exchange server administrators would be smart enough to at least start filtering attachments or running a virus scan on incoming traffic. I guess not, since M$ themselves were offline yesterday...

    It's interesting that other collaboration/e-mail packages such as Lotus Notes and Eudora are unaffected by these problems....

    Why are M$ products *designed* to be so blatantly insecure? I'm sure the basic principles of program security have been around for ages... what motivates M$ to deliberately ignore them?

    It's not coincidence that issues like the GUID are troubling us now... these technologies were created for specific purposes... and look how easy it was for two non-M$ people to track down the creator of the Melissa docs.

    Conspiracy theories, my ass. More than enough evidence to go on here.

    --

    "Kinky sex involves the use of duck feathers. Perverted sex involves the whole duck." - Lewis Grizzard
  28. Macro viruses in general by dillon_rinker · · Score: 3

    This is the worst kind of bloat I can imagine - a fancy text editor mated to a BASIC interpreter. Granted the usefulness of an integrated development environment in your word processor, it is doubly insane to permit programs to run automatically when the document is opened. While it is possible to disable macros in Word, this is not the default. 90% of users don't use macros (unless they are infected), so why couldn't MS change just one bit in its distribution from ON to OFF and do some serious good toward slowing the spread of macro viruses?

    The really sad thing is you can't sue them. They create an obviously deficient product, one which they could easily have changed to prevent material harm to their customers, yet they are not liable. But let somebody pour coffee all over their genitals, and Ronald McDonald is paying to the tune of $n*1E6.

  29. Microsoft instructs how to build Melissa by MikeTurk · · Score: 2
    Buried in their website, the page lamely suggests that "all affected customers" - i.e., every one of the tens of millions of Word users! - "download the patch to protect their computers." Those customers have had over two months to do exactly that, and the tiny fraction who did are presumably at least partially immune to Melissa's spread.

    What's really laughable is this patch. It simply changes Word so that when you open a document with a macro, Word says "This document contains macros. Would you like to disable them?" It gives no clue what effect these macros may have. This is a fix?

    --
    Mike
    --
    "Wi nøt trei a høliday in Sweden this yër?"

  30. MS Says Tracking Numbers Are Good! by Anti-Sean · · Score: 3

    hmmm.... The timing of these incidents seems a little too coincidental. "If it wasn't for those GUID's secretly embedded in MS Office documents, we may have never tracked down this evil perpetrator", says Joe Researcher, on his way to the bank to cash in his check from billg. "Thank goodness for GUID's!"

    or maybe i've had too much coffee this morning - my paranoia settings could need some recalibration.

  31. And how easy would it be to fake the GUID? by Kithran · · Score: 3

    Having read the article I can't help wondering how hard the original virus writer would find it to change the GUID in his original file. If someone can extract the GUID from files on a website what is to stop the original author creating the original infected document and then changing its GUID to that belonging to a different instance of Office. And given the prevalence of AOL free membership CD's and the ease with which a poster to USENET can fake their address is it any wonder the original source appears to be an AOL (l)user.

    Kithran

  32. "stupid" virus? by JEP · · Score: 2

    Interesting opinion. I think it's pretty interesting, considering it points out how M$'s shoddy products lead to security holes. Granted, the /. community already knows this... But that's never stopped submissions from being posted before.

    Executable documents are just plain wrong.

    --
    Jason Eric Pierce

  33. Let's get a few things straight... by Bob-K · · Score: 4

    First, the existence of the GUID in Word documents was not "recently discovered." It's part of the spec, and it's been known about for a long time.

    What was discovered is that the GUID is transmitted to MS during the registration process.

    Of course, the likelihood that the macro writer registered his copy of Windows using his real name and address is probably.... zero. So it's doubtful that MS has any record of that GUID.

    Which begs the question... What is the basis for ZDNet's claim that the GUID was used to "track" the document back to its creator?

    More likely, they used the NNTP headers to get some hints about where to look, and when THAT trail led somewhere, they compared GUID's and thus established an apparent connection.

    The real issue is not the recently discovered transmission of the GUID to MS during registration, it's the existence of the GUID itself that can reveal more about information than you realize. It's not "big brother," it's just bad design. And sloppy reporting.
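
Added example (not part of the thread, and not Microsoft's or any poster's code): several comments here argue that the embedded GUID carries a network-card address and that matching GUIDs only suggests a connection. Assuming the identifier follows the RFC 4122 version-1 layout, this Python code decodes the node and timestamp fields and groups samples by node; `build_v1`, the documentation-range address and every sample value are constructed for illustration.

```python
"""Decode the fields of an RFC 4122 version-1 GUID (added example)."""
import uuid
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Version-1 timestamps count 100 ns ticks from the Gregorian reform date.
GREGORIAN_EPOCH = datetime(1582, 10, 15, tzinfo=timezone.utc)

# Constructed sample address from the 00-00-5E-00-53-xx documentation range.
DOC_NODE = 0x00005E005301


def build_v1(when, node, clock_seq=0):
    """Build a constructed version-1 GUID used as sample input.

    The node is whatever value the generator writes into the last 48 bits;
    nothing in the format ties it to real hardware.
    """
    delta = when - GREGORIAN_EPOCH
    ticks = ((delta.days * 86400 + delta.seconds) * 10_000_000
             + delta.microseconds * 10)
    return uuid.UUID(fields=(
        ticks & 0xFFFFFFFF,                 # time_low
        (ticks >> 32) & 0xFFFF,             # time_mid
        ((ticks >> 48) & 0x0FFF) | 0x1000,  # time_hi with version 1
        ((clock_seq >> 8) & 0x3F) | 0x80,   # clock_seq_hi with RFC 4122 variant
        clock_seq & 0xFF,                   # clock_seq_low
        node,
    ))


def inspect_guid(text):
    """Return what a GUID string claims about its origin."""
    g = uuid.UUID(text)  # accepts braces, hyphens and either letter case
    info = {"guid": str(g), "version": g.version,
            "node": None, "node_kind": "absent", "timestamp": None}
    if g.variant != uuid.RFC_4122 or g.version != 1:
        return info  # other versions carry no address or clock fields

    node = g.node
    info["node"] = ":".join(f"{(node >> s) & 0xFF:02x}"
                            for s in range(40, -8, -8))
    first_octet = node >> 40
    if first_octet & 0x01:
        # RFC 4122 generators without a NIC use a random node and set the
        # multicast bit so it cannot collide with a real adapter address.
        info["node_kind"] = "random"
    elif first_octet & 0x02:
        info["node_kind"] = "locally-administered"
    else:
        info["node_kind"] = "universal"
    info["timestamp"] = GREGORIAN_EPOCH + timedelta(microseconds=g.time // 10)
    return info


def group_by_node(guids):
    """Group GUID strings by claimed node; a shared node is a lead, not proof."""
    groups = defaultdict(list)
    for text in guids:
        info = inspect_guid(text)
        if info["node"] is not None:
            groups[info["node"]].append(info["guid"])
    return dict(groups)


if __name__ == "__main__":
    utc = timezone.utc
    samples = [
        "{" + str(build_v1(datetime(1999, 3, 1, 9, 0, tzinfo=utc), DOC_NODE)).upper() + "}",
        str(build_v1(datetime(1999, 3, 26, 12, 0, tzinfo=utc), DOC_NODE, clock_seq=7)),
        str(build_v1(datetime(1999, 3, 26, 12, 0, tzinfo=utc), 0x03AB12CD34EF)),
        "3f2b8c1e-7a4d-4e9b-8c2f-5d6a7b8c9d0e",  # constructed version-4 value
    ]
    for s in samples:
        print(inspect_guid(s))
    print(group_by_node(samples))
```
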

  34. Scary as hell by EisPick · · Score: 4

    > Virus writers and crackers need to be given some serious jail time and fines.

    Agreed. Virus writers are like people shouting fire in a crowded theatre. They probably don't intend to really hurt anyone, but they know they are "playing with fire," so to speak. So if their actions hurt others they should be held accountable.

    That said, I'd rather let the virus writer get away with it than have every Office document carry a unique ID traceable to the author. Americans are too freely giving up their privacy. Time to fight back.

  35. Questionable MIS decisions by Eater · · Score: 2

    Questionable particularly in the light of the "most widespread PC virus attack ever."

    Here at CNET the decision was suddenly made this week to unilaterally roll out Outlook to all employees (Eudora was standard until now). What could the advantage of that change possibly be? Eudora is relatively small, reliable, and featureful; Outlook is enormous and crash-prone.

    Backroom deal with Microsoft?

  36. There's no proof by schon · · Score: 2

    .. although the guy apparently has a history of spreading virii, there is no proof that it was him.. because of the publicity regarding the UID's, anyone smart enough to engineer this type of thing would be smart enough to be able to cover their tracks..

    The ZDNet article claims that the MAC address is 'proof', but any semi-literate coder would know that it's pretty simple to change a MAC address (software settable..)

    All they have is circumstantial evidence, so anyone who's foolish enough to say "see the UIDS are good" is going to be proven to look the fool when he's acquitted.

    If the authorities push this, I hope the guy brings a huge civil lawsuit against MS for invasion of privacy.

  37. Benjamin Franklin's comment is pretty relevant. by njl_ · · Score: 3

    They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. Historical Review of Pennsylvania [1759] -- njl

  38. trace problems by Restil · · Score: 2

    So they've traced the author of the document by the ID numbers. This information CAN be forged, you know. There is a reason we don't allow random wiretaps in the US, beyond the whole privacy issue. It's because the simple discussion of a crime or thought of a crime is not in and of itself a crime, and therefore that can't be used against someone unless such a crime is committed.

    However, if a crime IS committed, and such wiretaps were in place, any person who had recently mentioned something even remotely similar in innocent conversation while tapped would be instantly suspect, and with such a "likely prospect" prosecution would focus on that individual and neglect other leads which would be more realistic.

    However, if wiretaps are common practice, a clever criminal will find a way to bypass them, or use them to broadcast false information, and end up implicating innocents of crimes they commit. Remember, the reason that wiretaps are effective now is that on the rare event that they are used, under court order, the suspect does not expect them and in many cases won't be prepared.

    However, in the case of a court ordered wiretap, the police and/or prosecution already must have some probable cause to believe that the suspect is involved in a crime and that a wiretap would be beneficial to further evidence. Although this theory is pretty easy to get around, the police can get into serious civil trouble if too many "false alarms" are presented.

    You occasionally hear about a search/seizure that went wrong. The wrong house was raided, torn apart and nothing was found which presents evidence of a crime. The victims of this false raid have rights to legal compensation for the intrusion. This simply won't happen too often under today's guidelines.

    So if we come along and say that ID's are OK because we can trace criminals, we've gotten into the habit of invading the privacy of the innocent to weed out the guilty, even when no crime has taken place. If this can be attributed to an "illegal wiretap", then the evidence which led to the AOL account and all evidence which followed up as a result of that could get thrown out of court by a clever lawyer.

    The real solution isn't really tracking down the virus writers anyway. Viruses will always be with us. There is ZERO way to eliminate them completely, or to completely prevent new ones from being developed. Besides, it is remarkably simple to prevent getting infected, even if you don't have a virus scanner. It all comes down to a matter of trust.

    Almost all of this stuff starts because some idiot, and yes, I mean IDIOT downloads a virus from some complete stranger, and is compelled to spread this virus to all his friends. This is the same fool who time and again will forward hoaxes to everyone he knows just because since it came over the internet it MUST be for real. For this problem there are two solutions. Either discover the problem trait and eliminate it from the gene pool, or determine which people you know are reliable and don't ever accept attachments from anyone else.

    Don't send Word documents in email. I get so annoyed when people send me a 4 meg Word document which has 10k worth of text in it. Do you think I'm going to waste my time reading it? I don't even have an installed copy of Word, so it's hardly important to me. Anyone who automatically assumes I will have office9? installed is not someone I wish to do business with. Forget the fact that half the time I don't even know what format the document is in, and don't think I'm going to spend any amount of time figuring it out.

    The only attachments I will ever look at are images. THAT'S IT. I consider email a method of transferring text. That's INFORMATION in a form I can easily disseminate and text is the lowest common denominator in size and has the highest compression rate. If I absolutely NEED to see some huge picture, just give me a link to it and I'll make the decision to waste the bandwidth on it.

    I have made a policy of reacting violently (in a verbal way) to anyone who sends me trash like this. I make it very clear, in no uncertain terms, that if they send me such information again I will prevent them from sending me ANYTHING again. It's amazing how able people are to distinguish between hoaxes and legitimate information once you've made it clear what you don't want. Why is it then that they send it to you in the first place?

    Ok.. Here's my list of things to avoid. If you get it, delete it.

    - ALL spam, spam of all colors, it tastes just as bad. Don't reply from a legit mail account to complain, just delete it and forget about it.

    - ANY attachments other than very small pictures. Most email readers will decode pictures and display them automatically, while it will display a link for other attachments. Don't accept word documents, .exe files, or attachments of any form you're not familiar with (as they can be exe files in disguise)

    - Don't accept programs from ANYONE over ICQ or IRC. It doesn't matter WHAT it is or WHO sent it to you. Even if they're not trying to screw you over, you have no idea where they got it from or what might have infected their system previously and therefore the file they're sending you. Even if they're your best friend, you really don't know for sure. Ask them where they got the file from and download it from that source yourself. If they received it from someone else and don't know the source, then it's automatically suspect already.

    Don't let anyone use your computer for ANY reason, with the exception of the system administrator if you're in a work environment. People who bring over a floppy disk, insert it in your computer and bring up a program or any other file could be infecting your computer. We have networks these days guys, you don't need to transfer files around on floppies anymore. Also, people who use your computer for chatting can also download and run programs, no matter how much effort you put into avoiding it.

    Avoid Microsoft products. They're the greatest threat to the security of any environment. If you must use them, consider them to be insecure. Don't trust them for any tasks which must be fail-safe, and assume you'll have to reboot often and reload occasionally.

    Backup early, backup often, and keep your backups safe.

    -Restil
    restil@alignment.net

    --
    Play with my webcams and lights here

  39. GUID is NOT UNIQUE! by realyendor · · Score: 2

    The GUID is not a unique identifier. It is based on the MAC address, which requires an Ethernet card. If the originating computer does not have an Ethernet card, DUPLICATE GUIDs are CREATED!!

    The ZDNet story reports that the GUID has traced back to an AOL user--however most users on AOL access the Internet via modems, and have no Ethernet card! (It surprises me that this caveat is not mentioned in the ZDNet article.) The GUID is likely identical to many other dial-up users.

    Also, since GUIDs are based on MAC address, GUIDs are tied to a specific computer (or more correctly, a specific Ethernet card)--not a specific user. This creates an interesting twist in a computer lab environment.

    And even then, MAC addresses can be faked. Or, if the GUID is stored in (I'm guessing) the Windows Registry, it's even easier to change.

    For these reasons, GUIDs are meaningless. It is a poorly designed user tracking mechanism that doesn't work. The only reason one should fear GUIDs is that they may be used as evidence which may lead to false prosecution by the ignorant.

    ---BTW, the GUID is not Microsoft application specific. GUIDs are available as part of Microsoft's APIs, and are used in many non-Microsoft applications. Look around a little and you'll see.
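
Several comments above argue about how much a MAC-based GUID can prove. The following is an added example, not part of any comment or of the ZDNet article, showing what an examiner can read out of such a value. It assumes the GUID uses the version-1 UUID layout standardized in RFC 4122; the sample GUIDs and the function names are constructed for illustration.

```python
import uuid
from datetime import datetime, timedelta, timezone

# Constructed sample GUIDs, not taken from any real document.
SAMPLE_WITH_MAC = "6fa459ea-ee8a-11d2-9c2b-00005e0053af"     # node in the RFC 7042 documentation range
SAMPLE_RANDOM_NODE = "6fa459ea-ee8a-11d2-9c2b-b7c4d2e19a03"  # first node octet has its low bit set
SAMPLE_V4 = "3f2b8c1e-5d4a-4e6f-8a1b-2c3d4e5f6a7b"           # version 4 (random), carries no node

# Version-1 timestamps count 100 ns ticks from the start of the Gregorian calendar.
GREGORIAN_EPOCH = datetime(1582, 10, 15, tzinfo=timezone.utc)

def describe_guid(text):
    """Decode the fields of a version-1 GUID that bear on attribution."""
    u = uuid.UUID(text)
    info = {"version": u.version, "node": None, "multicast_bit": None,
            "locally_administered": None, "timestamp": None}
    if u.variant != uuid.RFC_4122 or u.version != 1:
        return info  # no node or timestamp fields to interpret
    first_octet = (u.node >> 40) & 0xFF
    info["node"] = ":".join(f"{(u.node >> s) & 0xFF:02x}" for s in range(40, -8, -8))
    # RFC 4122: a generator with no IEEE 802 address uses a random node
    # and sets the multicast bit so it cannot collide with a real card.
    info["multicast_bit"] = bool(first_octet & 0x01)
    info["locally_administered"] = bool(first_octet & 0x02)
    info["timestamp"] = GREGORIAN_EPOCH + timedelta(microseconds=u.time // 10)
    return info

def attribution_note(text):
    """Summarize how far the GUID alone can support an attribution claim."""
    info = describe_guid(text)
    if info["node"] is None:
        return "not version 1: no hardware address or timestamp embedded"
    if info["multicast_bit"]:
        return f"node {info['node']} is not a NIC address: generated without one"
    if info["locally_administered"]:
        return f"node {info['node']} is a software-assigned address, not a burned-in one"
    return (f"node {info['node']} looks like a NIC address: it points at a network "
            "card, not a person, and is only corroboration next to other evidence")

if __name__ == "__main__":
    for sample in (SAMPLE_WITH_MAC, SAMPLE_RANDOM_NODE, SAMPLE_V4):
        print(sample, "->", attribution_note(sample))
```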