ATTN: From TheRafters

  • Thread starter Thread starter Sugien
  • Start date Start date
S

Sugien

Not so long ago on this NG, in a post about MP3's and virus I was
telling someone that *yes* they could get a virus by just reading an email
and or post. You however also posted and said that *no* strictly speaking
the a person could *not* get a virus from *just* reading an email or NG
post. To refresh your memory:
http://www.google.com/groups?q=Sugien,virus,email+group:alt.comp.anti-virus+
author:FromTheRafters&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=vo9i7dh55acq37%40corp
..supernews.com&rnum=7
Someone that reads both this NG and ACV and also remembers those posts
emailed me with this that you posted to ACV:

<begin CnP from email>
Stick said:
Is it possible to get a virus by reading a message (without opening any
attachment)?
Click to expand...

Yes, in fact it is even possible to get malware without even
reading the e-mail.

It depends on the e-mail client mostly.

<end CnP from email>

Were you just being factious with the OP? or is it that you condescend
to new users using terms that they understand? Because that you and I and
others more technically inclined when we see "Can I get infected by just
reading an email" we understand that the poster means to ask can they get
infected by just reading an email using a email client that parses the email
and if the email client parses the html and executes any embedded code that
is contained in the *text* of the email written in html *then yes* they can
get infected if *that* is what they mean by getting infected by *just
reading* email. Is that what it is? or do you just give opposite answers or
you argue technical points with those that can understand the difference and
condescend with users that don't know any better? Or am I just not making
the correct correlation between the two posts? I mean I would really like
to know; because you most always seam to be honestly trying to discuss
things from a neutral place without allowing any preconceived notions of
this or that person creep in by what someone else has said about them.
 
Sugien said:
Not so long ago on this NG, in a post about MP3's and virus I was
telling someone that *yes* they could get a virus by just reading an email
and or post. You however also posted and said that *no* strictly speaking
the a person could *not* get a virus from *just* reading an email or NG
post. To refresh your memory:
http://www.google.com/groups?q=Sugien,virus,email+group:alt.comp.anti-virus+
author:FromTheRafters&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=vo9i7dh55acq37%40corp
.supernews.com&rnum=7
Click to expand...

Yes, that was because *just* reading an e-mail isn't what OE, for
instance, does. I was attempting to point out that fact, and also that
someone ealier stating that "*just* reading an e-mail can't infect" isn't
really giving misinformation even though (in agreement with you) that
information would be easily misinterpreted by the average non-tech
user.

I wouldn't just say "No" and leave it at that, as it is too easy to
misinterpret. Also I mentioned that not too long ago someone
did indeed ask that question in one of these newsgroups, so
I can't assume that everyone already knows about autoexecution
exploits.

Actually, that was prior to my seeing Stick's post, and I had to
chuckle a little to myself upon seeing it.
Someone that reads both this NG and ACV and also remembers those posts
emailed me with this that you posted to ACV:

<begin CnP from email>


Yes, in fact it is even possible to get malware without even
reading the e-mail.

It depends on the e-mail client mostly.

<end CnP from email>

Were you just being factious with the OP?
No.

or is it that you condescend
to new users using terms that they understand?
Click to expand...

The OP qualified what he meant by "reading" the e-mail
when he stated (without opening any attachment). Again I
was referring to the fact that it all depends on the e-mail
client. Obviously it would do no good to the OP for me to
make him clarify what he meant by "open" and "attachment".
However, if it were you or someone else more technically
oriented I might mention that "attachment" and "inline content"
are different things as are "open" and "execute".

Obviously if an "attachment" is malicious, and the e-mail client
autoexecutes that attachment ~ the "without opening any
attachment" doesn't apply (as it *must* be opened for execution).
It was obvious again that the OP was asking "without he himself
knowingly opening (executing) any "attachment" (or inline content).

Your point again becomes clear ~ it is easier for a technically
oriented person to try to figure out what a non-technically
oriented person is *really* asking than it is for the latter to
fathom the formers answer if given in technical terms. I try
not to do that if I sense that the poster is not technically
oriented.

If this is what you mean by "condescend", then yes, but
I don't intend to sound 'condescending' when I do so.
Because that you and I and
others more technically inclined when we see "Can I get infected by just
reading an email" we understand that the poster means to ask can they get
infected by just reading an email using a email client that parses the email
and if the email client parses the html and executes any embedded code that
is contained in the *text* of the email written in html *then yes* they can
get infected if *that* is what they mean by getting infected by *just
reading* email. Is that what it is?
Click to expand...

Yes, if I think that that is the question being asked, I will say
yes and usually attempt to expand some.

Well, the OP didn't say "just reading" he said reading without
opening any attachment. An e-mail with embedded script or
with the old "Malformed Header" exploit has nothing to do
so I felt that it was said:
or do you just give opposite answers or
you argue technical points with those that can understand the difference and
condescend with users that don't know any better?
Click to expand...

Yes, I will attempt to speak less technically to posters that
may seem less technically oriented. But I feel that you should
know enough technically to understand that e-mail is textual
data and that it is the program making use of that data that is
at fault for "infecting" users ~ and that *just reading* an e-mail
is opening a file for reading just as it was for the Commodore.
Or am I just not making
the correct correlation between the two posts?
Click to expand...

You make the correct correlation I think. In the first case, I
was replying to you ~ in the second, I was replying to Stick
whom I have assumed isn't that technically savvy. If he was
more technically savvy, he would probably have already
known about autoexecution exploits In addition to that,
I left plenty of room for the OP to ask me to expand on the
point of there possibly being malware that can affect you even
if you *don't* read the e-mail.

(it depends on the e-mail client program)
I mean I would really like
to know; because you most always seam to be honestly trying to discuss
things from a neutral place without allowing any preconceived notions of
this or that person creep in by what someone else has said about them.
Click to expand...

I try to be fair, and if I sound condescending ~ I don't mean to.
Personally, I wouldn't state that "just reading an e-mail can't infect
you" to the average person without any further explanation. Just
because I have always said in here that there are *no* safe filetypes
or extensions. E-mail is textual data, but data can be interpreted as
instructions or even decoded into machine language code by the
program making use of that data. The buffer overflow exploit in
the "Malformed Header" I alluded to is just such a case ~ and
would happen prior to any attempt by the user to even read the
e-mail.

However, the statement "Just reading an e-mail cannot infect you"
is not technically wrong because "just reading" implies that it is not
interpreting the data as instructions (that would be more than "just
reading")
 
FromTheRafters said:
Yes, that was because *just* reading an e-mail isn't what OE, for
instance, does. I was attempting to point out that fact, and also that
someone ealier stating that "*just* reading an e-mail can't infect" isn't
really giving misinformation even though (in agreement with you) that
information would be easily misinterpreted by the average non-tech
user.

I wouldn't just say "No" and leave it at that, as it is too easy to
misinterpret. Also I mentioned that not too long ago someone
did indeed ask that question in one of these newsgroups, so
I can't assume that everyone already knows about autoexecution
exploits.

Actually, that was prior to my seeing Stick's post, and I had to
chuckle a little to myself upon seeing it.


The OP qualified what he meant by "reading" the e-mail
when he stated (without opening any attachment). Again I
was referring to the fact that it all depends on the e-mail
client. Obviously it would do no good to the OP for me to
make him clarify what he meant by "open" and "attachment".
However, if it were you or someone else more technically
oriented I might mention that "attachment" and "inline content"
are different things as are "open" and "execute".

Obviously if an "attachment" is malicious, and the e-mail client
autoexecutes that attachment ~ the "without opening any
attachment" doesn't apply (as it *must* be opened for execution).
It was obvious again that the OP was asking "without he himself
knowingly opening (executing) any "attachment" (or inline content).

Your point again becomes clear ~ it is easier for a technically
oriented person to try to figure out what a non-technically
oriented person is *really* asking than it is for the latter to
fathom the formers answer if given in technical terms. I try
not to do that if I sense that the poster is not technically
oriented.

If this is what you mean by "condescend", then yes, but
I don't intend to sound 'condescending' when I do so.


Yes, if I think that that is the question being asked, I will say
yes and usually attempt to expand some.

Well, the OP didn't say "just reading" he said reading without
opening any attachment. An e-mail with embedded script or
with the old "Malformed Header" exploit has nothing to do


Yes, I will attempt to speak less technically to posters that
may seem less technically oriented. But I feel that you should
know enough technically to understand that e-mail is textual
data and that it is the program making use of that data that is
at fault for "infecting" users ~ and that *just reading* an e-mail
is opening a file for reading just as it was for the Commodore.


You make the correct correlation I think. In the first case, I
was replying to you ~ in the second, I was replying to Stick
whom I have assumed isn't that technically savvy. If he was
more technically savvy, he would probably have already
known about autoexecution exploits In addition to that,
I left plenty of room for the OP to ask me to expand on the
point of there possibly being malware that can affect you even
if you *don't* read the e-mail.

(it depends on the e-mail client program)


I try to be fair, and if I sound condescending ~ I don't mean to.
Personally, I wouldn't state that "just reading an e-mail can't infect
you" to the average person without any further explanation. Just
because I have always said in here that there are *no* safe filetypes
or extensions. E-mail is textual data, but data can be interpreted as
instructions or even decoded into machine language code by the
program making use of that data. The buffer overflow exploit in
the "Malformed Header" I alluded to is just such a case ~ and
would happen prior to any attempt by the user to even read the
e-mail.

However, the statement "Just reading an e-mail cannot infect you"
is not technically wrong because "just reading" implies that it is not
interpreting the data as instructions (that would be more than "just
reading")
Click to expand...

I agree with this post and left it intact so as to allow it to be read in
full context.
 
Back
Top