From: Steve Marak samarak at arachne.uark.edu> on 2002.08.19 at 03:04:55(9224)
Krzysztof, and everyone,
Without turning this into a technical discussion of vira, you are of
course technically correct - so long as data is not EXECUTED, it really
doesn't matter if it's a virus or not, so true image files can't carry a
virus without some sort of auxillary mechanism to extract and execute it.
And I'm not aware of any in-the-wild vira written to be hidden in image
file types for that reason.
But, as you no doubt know, there are many vira for the Windows world which
work by appearing to the unsuspecting user as an image or audio or text
file while actually being executable. It's not actually a virus in an
image file, but it sure looks that way to the victim.
I think what Alan was getting at - as he, Scott, and I have discussed - is
that for all practical purposes, if we start allowing any sort of
attachments on Aroid-L, to some degree we're now playing the virus game.
Neither we nor NCSU, obviously, can take any responsibility for whether a
virus slips through and damages someone's system. But with text only the
odds are very very much in our favor. With attachments ... do we blow
everything out to you guys without even looking at it? Doesn't sound
right. Do we take the time to look at every JPEG that comes through, to be
sure that "pycnospatha.JPEG" is really that and not something from a XXX
adult site, or a hot stock tip?
Several lists I'm on disallow images on the main list, but set up a second
list specifically for images. Those who wish - and have the access speed
to support it - can join, those who don't don't. We've thought about that,
but were concerned that it might inadvertantly take some discussion with
it. Comments?
Steve
| +More |
|
On Sun, 18 Aug 2002, Krzysztof Kozminski wrote:
> On Sunday, August 18, 2002, at 11:56 AM, Alan Galloway wrote:
>
> > There are a number of things we have to take into consideration when
> > it comes to allowing pictures to be posted to the list,
> > including such things as (but not limited to):
> > - viruses can easily be transmitted within images
>
> Uh, I doubt it very much. Images are usually data, not executables.
> Could you provide a reference to a single virus spread, e.g., by
...
> Doesn't matter anyhow, being nice to people with slow modems is a
> good enough reason not to allow large messages.
>
> > - everyone doesn't have fast access to download large images
>
> Yup, this, IMHO, trumps any arguments for allowing images. Mine
> (below) included :-)
>
> > - what standard format should be set
>
> Easy: JPEG.
>
> > - the amount of space required to archive messages with pictures
> > in them.
>
> As the CarTalk guys say: booooogus! A 80GB disk is nowadays about
> $120 according to yahoo shopping. My entire website
-- Steve Marak
-- samarak@arachne.uark.edu
|
IAS on Facebook
IAS on Instagram
