Download Everyday Practical Electronics - 2000.09 - Vol

News . . .
A roundup of the latest Everyday
News from the world of
electronics
CAN E-MAILS CARRY VIRUSES?
Following on from recent headline-hitting virus attacks, Barry Fox
asks an all-important question.
that most people and companies
N
(except some PR folk!) are waking up
to the risks of sending binary files as EOW
mail attachments, the question most commonly asked is – can a virus hide inside an
E-mail sent as plain ASCII text, or in the
rich text format that wordprocessors like
Word provide as a save option.
Graham Cluley of anti-virus company
Sophos has tried to clear the air for us. At
the same time he makes positive suggestions and warnings.
Text and RTF Safe
Plain ASCII text is 100 per cent safe; but
if someone sends an HTML Web page
written in plain text, and the PC uses an
Internet Browser to view it, this could let
Active X (the Microsoft system which
allows programs to run inside Web pages)
release a hidden virus.
This can happen if the file is deliberately re-named. The original version of
Microsoft Outlook allowed this to happen automatically, it saw HTML and
took over to display it as a Web page.
Viruses Bubble Boy and Cakworm work
this way. A free software patch for
Outlook can be downloaded from the
Microsoft site to prevent this. But the PC
owner must be literate and be able to
handle download upgrades.
In its present form Outlook does not
automatically open attachments. “That’s
why any system of active E-mail would be
horrendous’’, says Cluley.
RTF in native form is safe too, because it
is plain text with a little fancy formatting.
It does not support macros. But there is
now a sneaky new virus, called Cap, which
waits until you try and save a Word document as RTF, silently intrudes to save it as
a virus-infected Word file, and sticks the
letters RTF at the end so that it looks safe
to open. Because Windows treats a Word
file as a Word file, whatever the letters on
the end, the virus springs to life when the
file opens.
Windows should also give the option to
disable all Macros, in a way that does not
let viruses turn the option back on.
Outlook should by default send only
ASCII – currently it may reply in HTML
if it receives HTML.
Cluley suggests that as a temporary safeguard users can remove the Windows
Scripting Host from Windows and disable
Active X. This will stop VBS batch files
running and will probably make no difference whatsoever to normal operation of
the computer. But the user has to know
how to burrow around inside the Windows
Settings Panel to Add/Remove programs,
and alter the Security Settings inside
Internet Explorer.
The Internet should be getting easier and
safer to use, not more risky and complicated.
The simple solution, says Cluley, is for
Microsoft to sell Windows in a default
state that is safe from viruses, and then let
users to change risky settings if they know
how and dare.
WAP Phone Viruses
Interestingly, Cluley believes that risk of
WAP cellphone viruses has been greatly
over-exaggerated. The Spanish virus
Timofonica connected to a Web site,
which then E-mailed short SMS messages
to random phone numbers. So it only
caused irritation. A side effect of the PC
LoveBug virus was to make a PC send
some of its code to any SMS address in the
Outlook address book. But it could not
spread itself that way because current cellphones do not have the processing power
or memory capacity to harbour viruses.
There have been no viruses yet for
Windows Pocket CE and Palm devices,
which do not support Macros.
“Virus writers want to infect the world’’,
says Cluley. “They will not waste time
infecting devices that cannot spread infection’’. But this may change as higher speed
mobile devices work hand in hand with PCs.
Terrestrial digital broadcaster On Digital
will soon provide Internet connection via
an add-one module and phone line. Will
this leave digital receivers open to infection that, for instance, re-flashes their
operating system chips?
“It all depends on the kind of digital signature they use’’ says Cluley. “The box
must ignore any update that arrives without the correct digital signature; it could be
PGP or Verisign, with private and public
key. But the general rule is simple – the
more bits the better.’’
TOOLS SITE
Advice to Microsoft
Cluley says Microsoft should change
Windows so that it checks the file extension against the embedded file identifier,
and only open a file if the extension and
identifier match. Currently Windows
ignores file extensions and relies on the
embedded identifier. “If they don’t match’’
says Cluley “this should tell Windows
there is something wrong’’.
Cluley says Windows should also stop
hiding file extensions which helps virus
writers get away with double extensions,
like File.jpg.exe.
SHESTO Ltd, specialist suppliers of tools and equipment for technicians and craftsmen, have opened their web-site. They describe it as “an ideal way to locate hard-tofind and innovative tools’’.
Over 900 products can be viewed and selected via this “easy to use and navigate’’
web site. It also features the latest news on exhibitions and events of interest to model
makers, electronics, hobby and DIY enthusiasts.
Each month special offers will be available at very advantageous prices, as well as
features on interesting new products that have come on the market. The site uses the
latest web security systems so you can order on-line with complete confidence.
The site is at www.shesto.com. Other contacts with Shesto Ltd can be made with
them at Unit 2, Sapcote Trading Centre, 374 High Road, Willesden, London NW10
2DH. Tel: 020 8451 6188. Fax: 020 8451 5450. E-mail: [email protected].
Everyday Practical Electronics, September 2000
655