Incorrect "virus" detection?

Martin Sapsed m.sapsed at BANGOR.AC.UK
Tue Jul 9 09:45:09 IST 2002


nwp at lemon-computing.com wrote:
> Just how quick do you think it is possible for an AV vendor to be in response
> to the arrival of a new virus?
>
> How likely do you think it is that someone will send them a copy before you
> get a copy, every time?
>
> How badly do you want to avoid getting caught out when you (or your network)
> are sent the latest greatest BIOS-flashing disk-wiping virus?

Sorry to keep banging on back about this but surely the significant thing
is how windows treats the final extension. If we disallow all the
extensions that windows will dumbly execute then it doesn't matter if
someone sends out a monthly spreadsheet ending in .jul.xls, or indeed a
random file ending in .this.that because no matter what's in the file,
windows doesn't (does it?) stupidly execute a file ending in .that?

> How inconvenient is it to educate people that using dots in filenames is
> not a terribly great idea?

It's not a great idea but a load of people do it. When we used to use DOS
wordprocessors, a number of secretaries used the initials of the person the
memo was for as an extension so you'd have memo.fb, memo.js etc not
realising that this meant you only got a backup copy of the last one.

> Your call.

Indeed...

Cheers,

Martin

--
Martin Sapsed                           To have no errors
Information Services                    Would be life without meaning
University of Wales, Bangor, LL57 2UX   No struggle, no joy.



More information about the MailScanner mailing list