The Register on the “Bagle Worm”
I have a sig file that says “You must be smarter than >—- this stick to put a machine on the Internet”. People who, in this day and age, click on an email attachment in a message with a subject line of “Hi” and a body text that just consists of the line “Test, yep :)” have failed that test.
What the fuck is wrong with you Windows users? I’d say you have the brains of kelp, but that would be an insult to kelp.
Hey, I’m sure Mac users click on them too. The only difference is that nothing happens, but that’s not to the lusers’ credits.
My sister says that you work hard in school and in learning your trade because the competition is tough, you’re told. Then you get out there and discover that the average person is a moron. You wonder how they find their ways home at night. So they can click on attachments.
Vicki nails how the I Love You virus got into our organisation when it first appeared. A Mac user sent the payload to a friend’s Hotmail account saying “I can’t read this, can you?” Her friend was in at work early, and user desktop antivirus signatures had yet to have the overnight update applied. The rest was history (even made the 6:00 news.)
Automated A/V updates now work – they didn’t at the time – and we block web-based mail services as best we can.
The problem with Automated A/V updates is that they breed a false sense of security, and so lusers think it’s ok to keep clicking on crap like this. So along comes the virus that spreads faster than the automated update, and the luser hasn’t just toasted himself, he’s launched a DDOS attack on your whole network.
It would be far better for your company if you made clicking on binary attachments or bringing a virus onto the company LAN grounds for firing.
We still don’t have a fully mature Acceptable Use Policy, but don’t tell anyone I said that.
On the other hand we now: scan with multiple A/V products facing outwards at the mail server and web proxy, and inwards at the file server and user desktop; block access to common web mail interfaces (from Yahoo! and Hotmail down to local ISPs); block downloading of selected content types and password-protected archives or MS Office documents; requires users explicitly release image and media files both in and out to affirm they’re “acceptable”; and hold executables (and archives containing executables) for release by an administrator on request.
All this is irrelevant: at the time most of these safeguards were not in place, some didn’t exist for our environment, and you can be sure that it didn’t occur to Patient Zero that there could possibly be anything wrong with opening the attachment. It was from a friend, after all.