Cypherpunks response to viral stimuli

[Riad S. Wahby]

Tyler Durden <camera_lumina at hotmail.com> wrote:
> And then, is it possible to create some kind of filter that stops these 
> replies?

If it's the type of virus that delivers its payload as soon as it's
viewed (relying on bugs in MSOE or whatever), then it's possible that
such a thing could go undetected, especially if AV signatures haven't
been updated to stop it.  Of course, you could also just put a web bug
in an HTML email sent to the list and wait for people to view the
message in the proper viewer (read: MSOE, &c).

Other than relying on bugs (or "features") of the mail client,
however, it seems that any such system relies on the user opening a
malicious attachment.  Any reasonably clueful person knows not to do
this, so the answer to the filter question is yes; lack of stupidity
is a filter that will stop this sort of attack.  Of course, this
assumes that the mail client doesn't automagically execute the
payload; on the other hand, it could be argued that using such a
client is itself an act of stupidity.

There's another answer as well: subscribe to a moderated node that
demimes messages before passing them on.  Viruses won't get through at
all, nor will HTML email.  LNE used demime before its demise;
pro-ns.net and al-qaeda.net do as well.

-- 
Riad Wahby
rsw at jfet.org
MIT VI-2 M.Eng