Hi Ana,
Even tho the short answer is simple -- the message is an old xmca posting --
I've suggested a couple of methods to verify this assertion, as mass mailer
worms seem to be using old messages to disguise their payload, with
increasing frequency:
You can always ask Alfred directly if he sent a message to you -- but use the
email address from your address book rather than replying to the message. If
the message from Alfred is the carrier of the virus, then its return address
will most likely be incorrect. The problem with this method is that some mm
viruses (older ones) do not disguise the return address and it is identical
to that of the victim's. In this case trying to contact the person over email
usually fails because their inbox is filled with replies, some of which may
have been made by mass mailers that have installed themselves on others
computers.
It seems likely, however, that the email is an old message sent to xmca,
since the subject line is identical to the one i received. Another way to
check, if you are nervous about opening the message, is to compare the
subject heading to that of old xmca messages. That can be done either thru
sorting old mail by subject headings, or by putting the contents of the
subject line into google. Google finds everything (I wish i had a google for
my socks) and it 's what i used to find out that the message i received was
an old xmca mail.
Mike's rule relies upon redundancy in the social network, which to a great
degree is enacted through the computer medium. Yet the medium is what is
threatened by mm viruses, as they exploit the social network
fossilized/materialized in email address books. One might think that there
is an inherent vulnerability in using the thing threatened to insure safety
-- but if the definition of "odd attachments" applies to those attachments
you are not expecting because of a history of interaction, then the rule is a
pretty good one. I've been burned by an exception to the rule: I opened an
attachment that i was expecting from a student because her project was due.
The virus definitions on my computer were not up to date, and i ended up
having to completely reinstall the system software.
Hopefully the trend for third party utilities to become built into system
software (like "window shade" on the mac, or "defrag" on the PC) will be true
for antivirus software and spam filters. But I don't think that technology
alone will solve social problems.
bb
On Friday 04 October 2002 11:19 pm, Ana Marjanovic-Shane wrote:
> I also received an e-mail from Alfred Lang but I have not opened it yet.
> In the meantime, I did get this virus, but my virus scan program caught it
> and erased it right away.
> Should I open Lang's mail at all or just delete it??
> It's subject is: Re: The human condition: CHAT and my interests
>
> What do you say, Bill?
>
> Ana
>
>
>
>
> ----------------------------------------
> Ana Marjanovic-Shane
> home: 1-215 - 843 - 2909
> mobile:+267 -334-2905
>
> -----Original Message-----
> From: Bill Barowy [mailto:wbarowy@attbi.com]
> Sent: Friday, October 04, 2002 6:58 PM
> To: xmca@weber.ucsd.edu
> Subject: computer virus alert
>
> Looks like an xmca'er in Brazil has a mass mailer computer worm. Please
> make
> sure to be careful about opening attachments that seem to come directly to
> you
> from ANY xmca'er. Scan the attachment first. Make sure your virus
> definitions
> are up to date
>
> The worm is pulling out old messages from the victim's mailbox and sending
> them
> to people who are in the addressbook. It fakes the return address to look
> like
> the message came from someone else. The message i received is below.
>
> (I thought it strange that Alfred's email address would be from Brazil
> (note the ".br" at the end)
>
> And if you are in brazil and you are able to read this message, better do a
> virus scan -- allegro
>
> bb
>
> ---------- Forwarded Message ----------
>
> Return-Path: <alfred.lang@uol.com.br>
> Received: from ginsberg.uol.com.br ([200.221.4.48]) by sccrgwc04.attbi.com
> (InterMail vM.4.01.03.37 201-229-121-137-20020806) with ESMTP
> id
> <20021004215745.HOXW28731.sccrgwc04.attbi.com@ginsberg.uol.com.br>
> for <wbarowy@attbi.com>; Fri, 4 Oct 2002 21:57:45 +0000
> Received: from nome-1wy7k2k6gy ([200.158.176.222])
> by ginsberg.uol.com.br (8.9.1/8.9.1) with SMTP id SAA06585;
> Fri, 4 Oct 2002 18:38:12 -0300 (BRT)
> Date: Fri, 4 Oct 2002 18:38:12 -0300 (BRT)
> Message-Id: <200210042138.SAA06585@ginsberg.uol.com.br>
> From: Alfred Lang <alfred.lang@uol.com.br>
> Subject: Re: The human condition: CHAT and my interests
> MIME-Version: 1.0
> Content-Type: multipart/alternative;
> boundary="----------1I6BX5J1PD0G9OI"
> Status: R
> X-Status: N
> <HTML><HEAD></HEAD><BODY>
> <iframe src=cid:V6Xc8z2Nq4f5Y height=0 width=0>
> </iframe>
> <FONT></FONT>
> Eric, Nate, Ricardo, and others,<br>
> <br>
> Eric, I'm indeed familiar with Jaan Valsiner, he has been teaching <br>
> here for several weeks. Our approaches to culture inclusive <br>
> psychology are sort of co-evolving for a couple of years alread
> </BODY></HTML>
>
> -------------------------------------------------------
This archive was generated by hypermail 2b29 : Fri Nov 01 2002 - 01:00:06 PST