Bill R wrote:
You are correct on both points but the plain truth is that
millions of people are just not computer savvy. Tom was
just posting the information for those in that group. It
has been reported that many people ARE clicking on the link
and just maybe the warning will prevent one of our gardening
friends from getting hit.

The problem is, those people who didn't already know (or at least
suspect) that something was amiss with the rogue post wouldn't see Tom's
warning in time. Either they were zapped already, or they're reading the
posts (or threads) in chronological order, and will be zapped before
getting to this thread.

It was a nice gesture. But even if it came yesterday, it was too late.

The lesson that can be reinforced to the rest of us is to remember that
warnings never come fast enough for the gullible. Anyone who just *has*
to see "news" photos before they're released (we'll ignore the
unlikelihood of them being in rec.gardens before being on every TV
station on the dial) really needs to take a breath, and weigh the
possibility of damage over the need to know something a little ahead of
everyone else. At least wait for either the warnings, or for it to
become public knowledge.

Same goes for your bank, credit card company, or anyone else you do
business with needing to confirm information right away. If they need it
so quickly that you don't have the chance to call them on the phone to
confirm it's really them, then it's something bad for you.

I'm sure we'll see plenty of these for years to come, and the real
lesson (which I know we already know) is don't let them rush you. Don't
let them come up with *any* reason that convinces you to act faster than
the warnings can come, or faster than you can confirm something. The
most basic part of any con is getting you to act fast. Too fast.

Most of the people who act too fast in most cons knew better to begin
with. They just forgot. Think before acting. Ask before acting. That's
the message that needs to constantly be hammered into our human heads,
and Tom's message has been a catalyst for this discussion.

BTW... This doesn't just apply to downloading files, or opening
messages, or even computers. It applies to watching out when someone
offers us a tool or a plant, and tries to entice us to act faster than
we should. Impulse buys are fun if it's your impulse. If it's someone
else playing you into making an impulsive decision, you'll get burned.
And again, the warnings won't come along fast enough to save the most
impulsive of us.

Any one who can say they've never been conned either is lying, or
they're so dumb they haven't even realized they've been conned yet! And
most of us, given a long enough life, will fall victim again. But the
more we repeat the lesson to think before acting, perhaps the fewer
times we'll be suckered while we're still around.

--
Warren H.

==========
Disclaimer: My views reflect those of myself, and not my
employer, my friends, nor (as she often tells me) my wife.
Any resemblance to the views of anybody living or dead is
coincidental. No animals were hurt in the writing of this
response -- unless you count my dog who desperately wants
to go outside now.
Blatant Plug: Books for the Pacific Northwest gardener:
http://www.holzemville.com/mall/nwgardener/index.html

Neither Norton Anti-Virus (Symantec), CIAC (Dept of Energy),
US-CERT (Dept of Homeland Security), CERT (Carnegie-Mellon), nor
CVE (Mitre) report such a threat.

According to CIAC, a valid warning has the following
characteristics:
* There is a link to a report at an authoritative source (e.g., a
member of FIRST http://www.first.org/ but not a news
organization).
* The warning is digitally signed (e.g., via PGP) so that its
origin can be authenticated and the integrity of its content can be
verified.
* It does not say, "Tell all your friends."

--

David E. Ross
http://www.rossde.com/

I use Mozilla as my Web browser because I want a browser that
complies with Web standards. See http://www.mozilla.org/.

Thanks to Tom.

And just a heads up to William Wagner and anyone else out there
that doesn't know...

William, can you check something out for me ?

https://www.grc.com/x/ne.dll?bh0bkyd2

If that link doesn't work, try:

http://www.grc.com/default.htm

Scroll down to the ShieldsUp! link and see if you can get that
to work ? It is a port scanner that will identify any open ports
on your system. Your Snitch software will probably alert you
to quite a few a things. There should be a "Common Ports"
link that you should try before trying to do all ports. I'm a
little ignorant on whether that webpage will work on a MacIntosh
system.

As far as any computer goes, PC's or Mac's or other, IP addresses
are being contacted constantly. I am not familiar with what "Little
Snitch" is, so I assume it is firewall software. My IP address is
contacted about 10 to 40 times a minute, every minute of the day,
and it doesn't matter that my IP address changes. The reason this
happens is because there are a lot of people out there that are
probing just about every port on the Internet. A good firewall will
hide your system and drop incoming packets that are sniffing your
system. Not only are people scanning ports trying to detect open
systems, but virally infected systems may do the same and there
seem to be a lot of virally infected systems out there. It seems as
if most people program a virus to do a couple things:

1) open a port on the infected system,
2) broadcast the open port to people that want to know,

And then there are the other type of viral programs. The ones above
are really called worms because they burrow into your system and
create a hole for other worms to crawl in. :-)

Viral programs tend to contact a system, may or may not open the
system up for Internet communications, but these are the ones you
generally hear about that infect a floppy drive, a CD and so on.
Their goal isn't so much to open the system up for contact, but is
to spread their infection around.

Then there are the viral worms that exhibit both behaviours.

I have noticed that a lot of worms are not detected by anti-viral
software. For PC systems, folks are told to get commercial anti-
viral software, a firewall as well as two other anti-tracking
softwares. :-/ The fact that Microsoft built the operating system
so openly, provides PCs with a lot of freedom, but certain
corporate entities decided to abuse that freedom and create
intrusive software.

http://www.lavasoft.de has the LavaSoft AdAware software
that is free and one of the most highly recommended tools to
install on any Microsoft Windows operating system.

http://www.safer-networking.org/ has SpyBot Search & Destroy.
This is more free software that should be installed on every
Microsoft Windows system.

http://www.grisoft.com/ has a free anti-viral software product as
well, but I've noticed that it is not recognizing some older viruses.
This is some more free software, and it's currently the only anti-
virus product I am using on this system. So I do recommend to
others that a commercial anti-viral product like Symantec or
Macafee's but I don't use those myself. :-/ I guess I am one of
those guys that doesn't practise what I preach. :-( So I pass this
on with that disclaimer.

The firewall software that is generally used on a PC is called Zone
Alarm and is available on a trial basis at www.zonelabs.com or
you can get a freeware earlier version from www.oldversions.com.
It's PC only software though.

Hope I've cleared up some things.

--
Jim Carlock
http://www.microcosmotalk.com/
Post replies to the newsgroup.

"William Wagner" wrote:
In article, William Wagner wrote:

Nice little program "Little Snitch" shareware lets me know about
anyone trying to contact my machine. For Mac's but PC folks may have
something similar.
William (Bill)

Now back to garden stuff.

--
Zone 5 S Jersey USA Shade Earth sometimes.
There is atleast one word misspelled deliberately in the above post. )
http://www.oxymorons.info/ lots of word fun!

In article ,
"Jim Carlock" wrote:

Thanks to Tom.

And just a heads up to William Wagner and anyone else out there
that doesn't know...

William, can you check something out for me ?

https://www.grc.com/x/ne.dll?bh0bkyd2

Interesting Jim!

Here our my results for my MAC


"Attempting connection to your computer...
Shields UP! is now attempting to contact the Hidden Internet Server
within your PC. It is likely that no one has told you that your own
personal computer may now be functioning as an Internet Server with
neither your knowledge nor your permission. And that it may be serving
up all or many of your personal files for reading, writing, modification
and even deletion by anyone, anywhere, on the Internet!

Preliminary Internet connection refused!
This is extremely favorable for your system's overall Windows File and
Printer Sharing security. Most Windows systems, with the Network
Neighborhood installed, hold the NetBIOS port 139 wide open to solicit
connections from all passing traffic. Either this system has closed this
usually-open port, or some equipment or software such as a "firewall" is
preventing external connection and has firmly closed the dangerous port
139 to all passersby. (Congratulations!)

Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED.
(This is very uncommon for a Windows networking-based PC.) Relative to
vulnerabilities from Windows networking, this computer appears to be
VERY SECURE since it is NOT exposing ANY of its internal NetBIOS
networking protocol over the Internet."

--
Zone 5 S Jersey USA Shade Earth sometimes.
There is atleast one word misspelled deliberately in the above post. )
http://www.oxymorons.info/ lots of word fun!

there is also one that announces Schwarzenegger's suicide - it too contains
a virus.

"TOM KAN PA" wrote in message
...
Reports of bin Laden's death are viral lure

Beware of clicking

By INQUIRER staff: Saturday 24 July 2004, 18:46

NEWS.COM and other wires report that sensational messages spreading on
USENET
and by email which flash news of the death of Osama bin Laden's death are
really lures to trap the unwary into downloading a Trojan horse.

According to news.com, the message purports to have a picture of the
arch-terrorist committing suicide. But click on the picture and before you
know
where you are you've got an infection. µ

there is also one that announces Schwarzenegger's suicide - it too contains
a virus.

"TOM KAN PA" wrote in message
...
Reports of bin Laden's death are viral lure

Beware of clicking

By INQUIRER staff: Saturday 24 July 2004, 18:46

NEWS.COM and other wires report that sensational messages spreading on
USENET
and by email which flash news of the death of Osama bin Laden's death are
really lures to trap the unwary into downloading a Trojan horse.

According to news.com, the message purports to have a picture of the
arch-terrorist committing suicide. But click on the picture and before you
know
where you are you've got an infection. µ

we need to get these people into gardening on a grand scale. They have
waaaaay too much time on their hands!
madgardener whose own garden is now overgrown, half blown out, and the
grasses that she "doesn't have" are up to her knees in the pathways between
the beds running down the slope..............to the patch of weeds that
slipped in quietly in the night under cover of the rains and are now great
woods eating things..................

--
Humankind has not woven the web of life.
We are but one thread within it.
Whatever we do to the web, we do to ourselves.
All things are bound together.
All things connect." Chief Seattle
"Jutta Haas" wrote in message
.rogers.com...
there is also one that announces Schwarzenegger's suicide - it too
contains
a virus.

"TOM KAN PA" wrote in message
...
Reports of bin Laden's death are viral lure

Beware of clicking

By INQUIRER staff: Saturday 24 July 2004, 18:46

NEWS.COM and other wires report that sensational messages spreading on
USENET
and by email which flash news of the death of Osama bin Laden's death
are
really lures to trap the unwary into downloading a Trojan horse.

According to news.com, the message purports to have a picture of the
arch-terrorist committing suicide. But click on the picture and before
you
know
where you are you've got an infection. µ

madgardener wrote:
we need to get these people into gardening on a grand scale. They have
waaaaay too much time on their hands!



I don't think "those type" of people are into gardening.

Here is what is going on: the file contains a "backdoor"
trojan that, once installed on a computer (and all you have
to do is click on the link for it to be installed), allows
them to use (control) that computer to send spam mail to
thousands of people daily. It also can be used to make a
person's computer "a pornography file server" or other such
device (it has been reported that terrorist use it to send
messages back and forth but I haven't seen any proof of that).

A very good (free) program that you can use to make sure
that none of these type of programs are installed on your
computer is Ad-Aware 6.0 and is available from the Lavasoft
web site, http://www.lavasoftusa.com/

Be sure to keep it updated and scan your computer at least
once a week.
--
Bill R. (Ohio Valley, U.S.A)

Digital Camera: HP PhotoSmart 850

For pictures of my garden flowers visit
http://members.iglou.com/brosen

Remove NO_WEEDS_ in e-mail address to reply by e-mail

"madgardener" wrote in message
...
we need to get these people into gardening on a grand scale. They have
waaaaay too much time on their hands!
madgardener whose own garden is now overgrown, half blown out, and the
grasses that she "doesn't have" are up to her knees in the pathways
between
the beds running down the slope..............to the patch of weeds that
slipped in quietly in the night under cover of the rains and are now great
woods eating things..................

Good to see this post. I was worried the hyperlink fix I suggested might
have caused you trouble............ Did you try it?

"Jutta Haas" wrote in message
.rogers.com...
there is also one that announces Schwarzenegger's suicide - it too
contains
a virus.

"TOM KAN PA" wrote in message
...
Reports of bin Laden's death are viral lure

Beware of clicking

On Sun, 25 Jul 2004 12:58:39 -0400, Bill R wrote:

madgardener wrote:
we need to get these people into gardening on a grand scale. They have
waaaaay too much time on their hands!



I don't think "those type" of people are into gardening.

Here is what is going on: the file contains a "backdoor"
trojan that, once installed on a computer (and all you have
to do is click on the link for it to be installed), allows
them to use (control) that computer to send spam mail to
thousands of people daily. It also can be used to make a
person's computer "a pornography file server" or other such
device (it has been reported that terrorist use it to send
messages back and forth but I haven't seen any proof of that).

A very good (free) program that you can use to make sure
that none of these type of programs are installed on your
computer is Ad-Aware 6.0 and is available from the Lavasoft
web site, http://www.lavasoftusa.com/

Be sure to keep it updated and scan your computer at least
once a week.


If you use Internet Explorer you better scan every day or 2 at the
very least.

I was under the naive impression that these newsgroup forums were monitored by
a group moderator whose duties included removing viruses, spam, etc. I protect
my emails with programs that look at messages on my server before I download
them to my computer. I do not have such a recourse with the newsgroup messages.
It's very scary to use the newsgroups, even though I am protected every way I know
how.

TOM KAN PA wrote:

Reports of bin Laden's death are viral lure

Beware of clicking

By INQUIRER staff: Saturday 24 July 2004, 18:46

NEWS.COM and other wires report that sensational messages spreading on USENET
and by email which flash news of the death of Osama bin Laden's death are
really lures to trap the unwary into downloading a Trojan horse.

According to news.com, the message purports to have a picture of the
arch-terrorist committing suicide. But click on the picture and before you know
where you are you've got an infection. µ

sherwindu wrote:
I was under the naive impression that these newsgroup forums were
monitored by
a group moderator whose duties included removing viruses, spam, etc.
I protect
my emails with programs that look at messages on my server before I
download
them to my computer. I do not have such a recourse with the newsgroup
messages.
It's very scary to use the newsgroups, even though I am protected
every way I know
how.

Very few newsgroups are moderated. Maybe a hundred out of a few thousand
groups. This isn't one of them. (Nearly all that are moderated have the
word moderated in the title.) However, just because a group is moderated
doesn't make it any safer. It's easy enough to fake the headers that
authorize the release of a message. (Yes, it's against the rules, but so
is distributing viruses.)

It's not hard to protect yourself. Number one on the list is don't open
any attached files. There is no legitimate reason for anyone to post a
file in a non-binary newsgroup such as this one.
alt.binaries.pictures.gardens is available for that. If you're nervous
about how safe it is, don't go to that group. (Many ISP's will either
strip the attachment off of posts to non-binary groups, or they'll
simply drop the posting all together.)

Second, don't follow links to unsafe websites. A link (supposedly) to a
story about Sadam hanging himself is probably not safe if it's posted in
a gardening newsgroup. So what about a link to something garden-related?
It may or may not be a safe site. Look at who's posting it. Is it a
regular poster to the group? Is there content in their message other
than just an invite to the link? Have others commented on the link? Does
the site name look okay?

Worried that the link doesn't go where it says it goes? Well, that isn't
a problem in a plain text message, which is one of the many reasons why
people prefer newsgroup messages to be in plain text instead of html. If
the post isn't plain text, but formatted html, it might go someplace
other than what the text shows. Instead of clicking on the link, copy
the link, and paste it in your browser. Then you'll go where it says,
not to some hidden link under it.

Lastly, most newsreaders have an option to only download headers. The
messages are only downloaded if you click on the header. Be judicious in
which posts you read. Evaluate whether or not you view the message by
looking at the subject line, who posted it, and the size of the message
(as in, is it so big that it must have an attachment.)

Just following these common sense guidelines will keep you safe. I have
been reading newsgroups for over a decade now, and I have never had a
problem. I scan about two dozen newsgroups a day, some are binary
groups, too. I probably look at two hundred messages a day. I pass over
far more than I read. Having worked for some ISP's and other technology
companies, I have the skills to deal with things that could go wrong
better than most, but I'm sure you'll find that many of the
non-technical people who read this group can give you similar stories of
never having a problem. Good judgment and technical skills are not
synonymous.

You lock the doors of your house. You keep your car doors locked. You
don't walk in deserted areas at night. Unless you're agoraphobic, you
leave your house each day, and use good judgment that has allowed you to
come home unharmed nearly every day of your life. Yes, there are plenty
of things out there that can harm you, and it's possible that no matter
how careful you are, something will. But that doesn't keep you from
going out, and living your life. Likewise, use good judgment online, and
live your online life. Don't let fear keep you from the rich content
that is available in many of the thousands of newsgroups.

--
Warren H.

==========
Disclaimer: My views reflect those of myself, and not my
employer, my friends, nor (as she often tells me) my wife.
Any resemblance to the views of anybody living or dead is
coincidental. No animals were hurt in the writing of this
response -- unless you count my dog who desperately wants
to go outside now.
Blatant Plug: Books for the Pacific Northwest gardener:
http://www.holzemville.com/mall/nwgardener/index.html

sherwindu wrote:
I was under the naive impression that these newsgroup forums were
monitored by
a group moderator whose duties included removing viruses, spam, etc.
I protect
my emails with programs that look at messages on my server before I
download
them to my computer. I do not have such a recourse with the newsgroup
messages.
It's very scary to use the newsgroups, even though I am protected
every way I know
how.

Very few newsgroups are moderated. Maybe a hundred out of a few thousand
groups. This isn't one of them. (Nearly all that are moderated have the
word moderated in the title.) However, just because a group is moderated
doesn't make it any safer. It's easy enough to fake the headers that
authorize the release of a message. (Yes, it's against the rules, but so
is distributing viruses.)

It's not hard to protect yourself. Number one on the list is don't open
any attached files. There is no legitimate reason for anyone to post a
file in a non-binary newsgroup such as this one.
alt.binaries.pictures.gardens is available for that. If you're nervous
about how safe it is, don't go to that group. (Many ISP's will either
strip the attachment off of posts to non-binary groups, or they'll
simply drop the posting all together.)

Second, don't follow links to unsafe websites. A link (supposedly) to a
story about Sadam hanging himself is probably not safe if it's posted in
a gardening newsgroup. So what about a link to something garden-related?
It may or may not be a safe site. Look at who's posting it. Is it a
regular poster to the group? Is there content in their message other
than just an invite to the link? Have others commented on the link? Does
the site name look okay?

Worried that the link doesn't go where it says it goes? Well, that isn't
a problem in a plain text message, which is one of the many reasons why
people prefer newsgroup messages to be in plain text instead of html. If
the post isn't plain text, but formatted html, it might go someplace
other than what the text shows. Instead of clicking on the link, copy
the link, and paste it in your browser. Then you'll go where it says,
not to some hidden link under it.

Lastly, most newsreaders have an option to only download headers. The
messages are only downloaded if you click on the header. Be judicious in
which posts you read. Evaluate whether or not you view the message by
looking at the subject line, who posted it, and the size of the message
(as in, is it so big that it must have an attachment.)

Just following these common sense guidelines will keep you safe. I have
been reading newsgroups for over a decade now, and I have never had a
problem. I scan about two dozen newsgroups a day, some are binary
groups, too. I probably look at two hundred messages a day. I pass over
far more than I read. Having worked for some ISP's and other technology
companies, I have the skills to deal with things that could go wrong
better than most, but I'm sure you'll find that many of the
non-technical people who read this group can give you similar stories of
never having a problem. Good judgment and technical skills are not
synonymous.

You lock the doors of your house. You keep your car doors locked. You
don't walk in deserted areas at night. Unless you're agoraphobic, you
leave your house each day, and use good judgment that has allowed you to
come home unharmed nearly every day of your life. Yes, there are plenty
of things out there that can harm you, and it's possible that no matter
how careful you are, something will. But that doesn't keep you from
going out, and living your life. Likewise, use good judgment online, and
live your online life. Don't let fear keep you from the rich content
that is available in many of the thousands of newsgroups.

--
Warren H.

==========
Disclaimer: My views reflect those of myself, and not my
employer, my friends, nor (as she often tells me) my wife.
Any resemblance to the views of anybody living or dead is
coincidental. No animals were hurt in the writing of this
response -- unless you count my dog who desperately wants
to go outside now.
Blatant Plug: Books for the Pacific Northwest gardener:
http://www.holzemville.com/mall/nwgardener/index.html

I was under the naive impression that these newsgroup forums were monitored
by
a group moderator whose duties included removing viruses, spam, etc.

Not all newsgroups are monitored. This one is not. Sometimes the spam even gets
into the monitored ones.
Iris,
Central NY, Zone 5a, Sunset Zone 40
"If we see light at the end of the tunnel, It's the light of the oncoming
train."
Robert Lowell (1917-1977)

I was under the naive impression that these newsgroup forums were monitored
by
a group moderator whose duties included removing viruses, spam, etc.

Not all newsgroups are monitored. This one is not. Sometimes the spam even gets
into the monitored ones.
Iris,
Central NY, Zone 5a, Sunset Zone 40
"If we see light at the end of the tunnel, It's the light of the oncoming
train."
Robert Lowell (1917-1977)