LibTiff Mailing List

Without leaping to any undue conclusions, but sharing Andy's
well founded paranoia:

On Tue, Jan 29, 2008 at 02:09:33PM -0200, Antonio Scuri wrote:
>   I downloaded and scan for virus. It seems to be clean. So I run it.

Do you think that any really sophisticated phish (which this
well fits the pattern of, even if it's not) _would_ show up
in existing virus checkers?

These things wouldn't get very far if they did.

>   It's a nice tag viewer. It still has the same problems of other tagviewers:
>  
> - no source code
> - no EXIF tags
> - no DNG tags

Do you really think that any even half sophisticated phish
would not look like this when you run it?  If it pops up
a dialog that says "haha I'm not a wooden horse", or looks
like something totally different to what you expected to
see, then its not really a _trojan_ is it?

And with all that said, if it was me phishing, and I really
wanted a good haul from my trawling, I'd probably also chum
the waters with a followup, using a different identity that
was 'known' on the list for a couple of months, saying
something like:
"it's ok guys, I checked it out, it's not a pod ...".  ;)

So I'll leave it as an exercise for the reader to figure out
a test that _does_ discriminate genuine naivety from Real Evil
in the presence of even moderate amounts of paranoia...

But for you guys still running windows, Please do be careful.
Your little accidents with things you should never have run
directly equate to the level of my daily spam load (this
message not excluded), among other ills ...

In the meantime, while you are re-installing your system if
you have run this, please resume thinking the world is a nice
place, full of nice people, most of whom aren't quite as
smart as you are, none of which are scheming to out-smart you,
and that everything happens for a reason.[1]

Have a Nice Day !

 Ron

[1] - which of course is not true, but it's a powerful
      antidote to paranoia if you can buy it ... ;)


AWARE [SYSTEMS]		Imaging expertise for the Delphi developer
		TIFF and LibTiff Mailing List Archive
	LibTiff Mailing List TIFF and LibTiff Mailing List Archive January 2008 Previous Thread Next Thread Previous by Thread Next by Thread Previous by Date Next by Date Contact The TIFF Mailing List Homepage This list is run by Frank Warmerdam Archive maintained by AWare Systems	Thread 2008.01.29 11:41 "Test Request", by <inpoem@hotmail.com> 2008.01.29 15:23 "Re: Test Request", by Toby Thain 2008.01.29 15:31 "Re: Test Request", by Andy Cave 2008.01.29 16:09 "Re: Test Request", by Antonio Scuri 2008.01.29 16:26 "Re: Test Request", by Toby Thain 2008.01.29 17:59 "Re: Test Request", by <ron@debian.org> 2008.01.29 16:34 "Re: Test Request", by <inpoem@hotmail.com> 2008.01.29 16:59 "Re: Test Request", by Toby Thain 2008.01.29 18:16 "Re: Test Request", by Gerben Vos 2008.01.29 17:39 "Re: Test Request", by <nandex@gmail.com> 2008.01.29 18:26 "Re: Test Request", by Andy Cave 2008.01.30 03:50 "Re: Test Request", by <inpoem@hotmail.com> 2008.01.29 17:59 "Re: Test Request", by <ron@debian.org> Without leaping to any undue conclusions, but sharing Andy's well founded paranoia: On Tue, Jan 29, 2008 at 02:09:33PM -0200, Antonio Scuri wrote: > I downloaded and scan for virus. It seems to be clean. So I run it. Do you think that any really sophisticated phish (which this well fits the pattern of, even if it's not) _would_ show up in existing virus checkers? These things wouldn't get very far if they did. > It's a nice tag viewer. It still has the same problems of other tagviewers: > > - no source code > - no EXIF tags > - no DNG tags Do you really think that any even half sophisticated phish would not look like this when you run it? If it pops up a dialog that says "haha I'm not a wooden horse", or looks like something totally different to what you expected to see, then its not really a _trojan_ is it? And with all that said, if it was me phishing, and I really wanted a good haul from my trawling, I'd probably also chum the waters with a followup, using a different identity that was 'known' on the list for a couple of months, saying something like: "it's ok guys, I checked it out, it's not a pod ...". ;) So I'll leave it as an exercise for the reader to figure out a test that _does_ discriminate genuine naivety from Real Evil in the presence of even moderate amounts of paranoia... But for you guys still running windows, Please do be careful. Your little accidents with things you should never have run directly equate to the level of my daily spam load (this message not excluded), among other ills ... In the meantime, while you are re-installing your system if you have run this, please resume thinking the world is a nice place, full of nice people, most of whom aren't quite as smart as you are, none of which are scheming to out-smart you, and that everything happens for a reason.[1] Have a Nice Day ! Ron [1] - which of course is not true, but it's a powerful antidote to paranoia if you can buy it ... ;)

LibTiff Mailing List

Thread

2008.01.29 17:59 "Re: Test Request", by <ron@debian.org>