The Daily Ping

Angry Birds is still not available on The Daily Ping.

June 1st, 2002

Klez

I think I’ve about had it with the Klez virus. It hasn’t gotten nearly as much press as Nimda, Melissa, or ILoveYou, but it’s far more annoying. Not only does it send attachments and one of over a hundred different subject lines/messages (all with trademark crappy grammar), but it sets the FROM: line to a random address from Outlook’s address book (though it also seems to grab it from IE’s web cache). The biggest difference with this virus is that while the others seemed to die out relatively quickly, the Klez virus has been going for a month-and-a-half without slowing down. Today alone I got 10-15 copies of the virus from one person alone!

If you’re using Outlook, please stop. It’s by far the most susceptible for virus attack (a combination of shitty default security and a large user base that encourages virus writers to target it for maximum effectiveness). If everyone in the world that uses Outlook switched to The Bat!, PMMail, or something similar, viruses would come to a near stand-still.

So, starting tomorrow I’m going door-to-door until I meet every Outlook user in the world. See you soon.

Posted in Technology

FROM: Chris
DATE: Saturday June 1, 2002 -- 1:15:09 pm
Amen brother! I use Pocomail, completely immune from spreading Outlook viri. I also deleted my Outlook address book. I also leave all emails over 50K on the server and download them manually. A lot of virus laden emails never get to my PC because the attachements are often over 50K.



FROM: Ryan
DATE: Saturday June 1, 2002 -- 11:23:02 pm
Most of the viruses sent to my main account don't make it through because SpamCop pre-scans them along with the spam filtering. However, the attachment is cleaned and still sent along with the message, so I may have to employ your trick, Chris.



FROM: Paul [E-Mail]
DATE: Sunday June 2, 2002 -- 1:01:03 pm
You know, Chris, I was considering doing that. There are few occasions on which I actually get a 50K+ attachment... but those are the exceptions. Good idea.



FROM: Mike [E-Mail]
DATE: Wednesday June 19, 2002 -- 9:56:23 am
Do you think that if everyone ditched Outlook/Outlook Express (never going to happen), that the virus writers would then just focus their attention on whatever email program takes the baton from Outlook? They focus their attention on finding security flaws in Outlook now because most people use it. If most people used Eudora or The Bat, don't you think the virus writers would move their attention to finding flaws in those programs?



FROM: Yanek
DATE: Wednesday June 19, 2002 -- 10:49:12 am
Mike, true. If everyone started using Eudora, guess what -- the virus writers would start writing viruses that exploited convenience features of that program too. Educating users seems to be an endless and hopeless task -- at least educating mail administrators involves a smaller cross section of the world.



FROM: Ryan
DATE: Wednesday June 19, 2002 -- 1:01:05 pm
Mike and Yanek -- Yes, they would, but they wouldn't be nearly as successful.

1 -- Outlook is by Microsoft. Hackers, in general, aren't M$ fans and attack their products. You don't find too many people saying, "Man, I hate RITLabs -- I'm going to create a virus that The Bat! is vulnerable to." In other words, I think in a lot of cases, the target isn't users (or else we'd see more destructive viruses making their rounds), but rather companies with questionable business practicies and poor security.

2 -- Simply put: Outlook ain't secure. For a program used by so many non-technically oriented people, it should be rock solid in terms of security by default rather than requiring tweaks and fixes to get things to where they should be. Other e-mail clients are built much more with security in mind.



FROM: Yanek
DATE: Wednesday June 19, 2002 -- 1:38:59 pm
Okay, so the issue then is that hackers don't like MS because MS puts out shite software. Fine. Again, if another cmopany came along and overthrew The Man by copying other peoples' ideas and putting out just as shite software that was easier to use and everyone did, hackers would hate these guys.

Outlook ain't secure. Sure, I'll buy that. But damn I think it does a pretty good job with handling my mail. Scheduling meetings. Reminding me of upcoming tasks & events. And oh! Look at that, it's already on my computer from the factory.

Ordinary people don't really like security. They like the idea of security. They like the idea of privacy. But when it actualy comes down to sacrificing features for security, they'll go for the features.

MS' policy has never been to put out easy-to-use software for the masses that was secure. It's goal has been to put out software that was easy-to-use and worked most of the time so people would come to depend upon it. Well they've done a pretty good job at that. Why should they build a rock solid E-Mail/Groupware program, when, without spending that money, they end up with a bigger net profit? When people have had it up to their necks in viruses, THEN they can spend the money to improve the software. In the meantime, the status quo stays. People deal with the viruses because they think they have to.

Back to the ping though. Yes, Klez sucks. I see tons of it being blocked every day. Am I going to quit using Outlook @ home and @ work because you tell me to? Hell no. It works well for me, with my palm, with my other applications so Ill continue using it as it costs me $0. In the meantime I'll have virus software scanning my messages & I won't let Outlook out on port 80.



FROM: Mike [E-Mail]
DATE: Wednesday June 19, 2002 -- 2:48:50 pm
Don't construe my comments as support for Microsoft. I'm currently battling Klez here at work because some jagoff in my office opened it and now it's all over our network.

But I think that while the virus does rely upon shotty software - the virus preys upon the moron who opens an attachment that comes with the text 'here is a game i hope you enjoy.' who the fuck talks like that, and who sends games to each other via email? nobody i know.

solution is a two-fold plan: people get less stupid and microsoft gets their heads out of their billionaire asses.

do virus writers hate Palm, because there are more Palm OS viruses circulating now?

How has AOL managed to not become the subject of the haters out there?

And finally - being the type of person that sees the worst in people: don't you think it's the folks at McAfee and Symantec that are writing these viruses, just to keep their own businesses going?



FROM: Ryan
DATE: Wednesday June 19, 2002 -- 5:27:53 pm
Yanek -- It's not you that I'm worried about using Outlook. It's all the non-techie dimwits that are letting Klez infect them. You say "port 80" to them and they'll look at you with drool dripping from their mouth.

Mike -- Viruses don't necessarily need to pray on people that click on attachments... Bad Things(tm) can happen with preview mode on or with automatic viewing of HTML mail.

Also, Mike, I wouldn't necessarily discount your conspiracy theory. Stranger things have happened.



FROM: Maria
DATE: Thursday June 20, 2002 -- 3:00:57 am
I have been getting about five of these a day at my sbtbsite@yahoo account and they're driving me crazy--and I'm not using Outlook (or anything other than just accessing mail.yahoo.com through my browser, for that matter!) but today I had to mention it, because I received one from laze@dailyping.com. Stupid Klez!



FROM: Ryan
DATE: Monday July 8, 2002 -- 1:26:37 pm
Klez: The new social disease.



What is this then?

The Daily Ping is the web's finest compendium of toilet information and Oreo™® research. Too much? Okay, okay, it's a daily opinion column written by two friends. Did we mention we've been doing this for over ten years? Tell me more!

Most Popular Pings

Last Week's Most Popular Pings

Let's be nice.

© 2000-2011 The Daily Ping, all rights reserved. Tilted sidebar note idea 'adapted' from Panic. Powered by the mighty WordPress.