It's another plus point to archiving to optical media - the trojan could attack back-up mp3 files on a spare HDD when it was connected to sync
I think that explicit chmod +x would be too much for a normal Windows user. After all those years of double-clicking the .exe files, you could hardly persuade them that this is an improvement.
The extension stealing problem has been much worse in the past IMO. Today, applications generally behave friendlier I think.
If the read only status depends only on software, one cannot be completely sure.
Quote from: j7n on 29 July, 2008, 04:14:11 AMIf the read only status depends only on software, one cannot be completely sure.Even hardware-based write-protection is not foolproof. For example, CHDK [custom Canon firmware] can write to an SD/SDHC card even with the write-protect switch enabled.
Based on the behaviour you reported for this malware, I can only see this effecting people that are very computer illiterate or just plain stupid.
Quote from: JunkieXL on 17 July, 2008, 05:55:40 PMBased on the behaviour you reported for this malware, I can only see this effecting people that are very computer illiterate or just plain stupid.In those times I sometimes ask myself if there's difference between both categories.
IMHO, this is getting ridiculous. You don't go skiing without training. You mustn't drive a car without a license. But most people who buy a PC, a device so powerful so and advanced, and they think they could just use it. Everyone is "studid" when he/she does something for the first time. But most PC users don't try to change that. The results are topics like this one or the W32.Blaster story. If the first version of that worm hadn't been coded so badly, consequences would have been much worse. Most users didn't even know that this behaviour was caused by a virus, that it could be aborted with shutdown -a, and that a patch from MS, that had been out for quite some time when Blaster was recent, existed.
Well, so i thought myself. Until a friend of mine, whom i set up his PC for personally - including installing Antivirus software, Firefox and so forth - installed a different fake codec a while ago, infecting himself with some trojan. He is your average PC user, far from being PC illiterate or stupid. He was just not aware of the dangers when he installed that. I think that outside a minority of users who really know about all the dangers implied with internet use, the vast majority of people have no idea that such a codec download could lead to a trojan infection. They probably think it's just another notice, like a new Java version, flash player, or whatever else pops up these days.
Interesting. Please explain to me how IE will run something without me doing anything. (BTW: Since i am "smart", i of course dont have outlook, nor do i use a mail client which uses its engine - same for scripting host, scheduler, addressbook, etc.).