[Info-vax] "Shanghai Stock Exchange" and OpenVMS

Bill Gunshannon billg999 at cs.uofs.edu
Thu Jan 22 13:20:09 EST 2009 

In article <lqZdl.5901$U5.52829 at newsb.telia.net>,
	Jan-Erik Söderholm   <jan-erik.soderholm at telia.com> writes:
> Richard B. Gilbert wrote:
>> johnwallace4 at yahoo.co.uk wrote:
>>> On Jan 22, 2:38 am, "Richard B. Gilbert" <rgilber... at comcast.net>
>>> wrote:
>>>> koeh... at spock.koehler.athome.net wrote:
>>>>> In article <6thdpsFb03n... at mid.individual.net>, billg... at cs.uofs.edu 
>>>>> (Bill Gunshannon) writes:
>>>>>> How many tmes you going to trot out this same tired story.  Getting 
>>>>>> hit with
>>>>>> a virus is not as much a OS or system problem as it is a user problem.
>>>>>    Which is why we get hit with virii on VMS every day?
>>>>>    Seriously, heavily trained Windows admins have not been able to 
>>>>> protect
>>>>>    our Windows systems.  Not if they're plugged in and turned on.
>>>> You can safely plug them in and turn them on.  It's when you connect
>>>> them to a network that you have to worry about "electronic organisms"
>>>> infecting your Windows systems.
>>>
>>> "It's when you connect them to a network that you have to worry"
>>>
>>> Or also when you allow storage devices or files originating from
>>> another box to be plugged in (eg via CD or USB stick) to the system
>>> we're considering - there are other virus transport mechanisms besides
>>> network connections (maybe you meant that but didn't say it as
>>> such)...
>>>
>>> So the choice would seem to be permanent isolation, or permanent
>>> worry, or keep taking the happy pills. It's obviously unthinkable to
>>> change the underlying OS, right?
>> 
>> Storage devices have been a vector for malware in the past, but you 
>> don't hear much about such incidents any longer!
>> 
>> Once upon at time the mad race to "steal" software fueled the flow of 
>> virii via floppy disks.  While it's still possible, to propagate a virus 
>> in this way, I don't think it's anywhere near as common as it used to be!
> 
> I saw a report from someone a few days ago where he had "fixed"
> an USB-stick so that it would, simply by inserting it into a PC,
> download anything he found "intersting" from the Windows box onto
> the stick. Without using keybord, mouse or antthing else. 

First, I don't believe it.  Just what constitutes "interesting"?
And, writing a program to just grab files could be done, but if 
the PC is set up properly, it will not "Auto-execute" and this will
simply fail.

>                                                           If he
> could do that, he could probably also write anything he liked
> to the PC.

Any decent AV software will stop that as will preventing "Auto-execute"
as mentioned above.  Hint:  if you stick in the driver disk for some
whiz-bang device you bought and it starts the install process all by
itself, your PC is mis-configured.

bill


-- 
Bill Gunshannon          |  de-moc-ra-cy (di mok' ra see) n.  Three wolves
billg999 at cs.scranton.edu |  and a sheep voting on what's for dinner.
University of Scranton   |
Scranton, Pennsylvania   |         #include <std.disclaimer.h>

More information about the Info-vax mailing list