AWARE SYSTEMS
TIFF and LibTiff Mail List Archive

Thread

2008.01.30 03:50 "[Tiff] RE: Test Request", by KimKay
2008.01.29 11:41 "[Tiff] Test Request", by 김경수
2008.01.29 16:59 "Re: [Tiff] Test Request", by Toby Thain
2008.01.29 15:23 "Re: [Tiff] Test Request", by Toby Thain
2008.01.29 15:31 "Re: [Tiff] Test Request", by Andy Cave
2008.01.29 16:09 "RE: [Tiff] Test Request", by Antonio Scuri
2008.01.29 17:59 "Re: [Tiff] Test Request", by Ron
2008.01.29 16:34 "RE: [Tiff] Test Request", by 김경수
2008.01.29 17:39 "Re: [Tiff] Test Request", by NandEx
2008.01.29 16:26 "Re: [Tiff] Test Request", by Toby Thain
2008.01.29 18:16 "Re: [Tiff] Test Request", by Gerben Vos
2008.01.29 18:26 "Re: [Tiff] Test Request", by Andy Cave

2008.01.29 17:59 "Re: [Tiff] Test Request", by Ron

Without leaping to any undue conclusions, but sharing Andy's well founded paranoia:

On Tue, Jan 29, 2008 at 02:09:33PM -0200, Antonio Scuri wrote:

   I downloaded and scan for virus. It seems to be clean. So I run it.

Do you think that any really sophisticated phish (which this well fits the pattern of, even if it's not) _would_ show up in existing virus checkers?

These things wouldn't get very far if they did.

   It's a nice tag viewer. It still has the same problems of other tagviewers:

Do you really think that any even half sophisticated phish would not look like this when you run it? If it pops up a dialog that says "haha I'm not a wooden horse", or looks like something totally different to what you expected to see, then its not really a _trojan_ is it?

And with all that said, if it was me phishing, and I really wanted a good haul from my trawling, I'd probably also chum the waters with a followup, using a different identity that was 'known' on the list for a couple of months, saying something like:

"it's ok guys, I checked it out, it's not a pod ...". ;)

So I'll leave it as an exercise for the reader to figure out a test that _does_ discriminate genuine naivety from Real Evil in the presence of even moderate amounts of paranoia...

But for you guys still running windows, Please do be careful. Your little accidents with things you should never have run directly equate to the level of my daily spam load (this message not excluded), among other ills...

In the meantime, while you are re-installing your system if you have run this, please resume thinking the world is a nice place, full of nice people, most of whom aren't quite as smart as you are, none of which are scheming to out-smart you, and that everything happens for a reason.[1]

Have a Nice Day!

 Ron

[1] - which of course is not true, but it's a powerful
      antidote to paranoia if you can buy it... ;)