Re: [LUG] Another scam email

 

On 2 Dec 2013, at 11:22, Adrian Midgley <amidgley@xxxxxxxxx> wrote:

> I suppose really an attachment that is a zip file should trigger alarm.

ZIP files are useful.

In these cases unsolicited files of any sort should trigger alarms as it is such a 
common attack, and has been for a LONG time.

Solicited files can be malware, as a friend found out when she emailed a friend for 
an Excel file and received an XLS file back quickly as a response (a dumb virus got 
lucky and happened to send the right file type through but they may well get 
smarter).

But solicited files can also contain malware because it got infected before being 
sent manually.

Oh and thanks to the genius of certain software vendors, even plain text can still 
be problematic in certain circumstances, so you really need to be aware that any 
file you open from an unverified source may take over your computer (worse on 
Windows, and Macs but largely because there is less diversity in how they are likely 
to open a file with a given extension, and Linux users marginally less likely to 
open a file with a tool that mistakes data for instructions).

So if we can't trust unsolicited files, and we can't trust solicited files....

Basically you want folk to cryptographically sign files they send, and not using 
some dumb gateway crypto system, but one that verifies they lovingly typed in their 
password and hit send, or use another system with similar difficulty with controls.

We use a web service that makes folk login over https to get files, bit of a pain, 
but it allows us to track who read what, and should it ever be malware we'll be able 
to say who copied or opened it, it also versions it and various other handy functions, 
a better way than email, and yes if you are quick you can unshare a file after 
sending the link (by email if you like) if you didn't mean to.










-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq