[thelist] [OT - For USA] Got any special plans for November 2nd?
Ken Schaefer
ken at adOpenStatic.com
Wed Oct 20 02:35:41 CDT 2004
----- Original Message -----
From: "Allen Schaaf" <techwriter at sound-by-design.com>
Subject: Re: [thelist] [OT - For USA] Got any special plans for November
2nd?
> /TIP ----->
> Be very careful about posting any exe files that might
> have been created by Windows NT, 2000, XP, or any
> executable file like screen savers, GIF animations, etc.,
> to your web site.
>
> The reason is ADS - no, not advertising, but rather
> Alternate Data Streams. They work sort of like pre-OSX
> Mac file in that they have two forks. There is the visible
> one which is the cute greeting card or whatever and the
> other is quietly installing a back door or Trojan on the
> computer of the person who downloaded it.
>
> At the very least run all files through software
> like <adscheck.exe>.
a) I don't see the concern with placing .exe files onto your /own/ website.
Presumably, if you have the files you know they are safe. The question is
whether it's safe for you to download files from someone else's website
b) The article linked is incorrect in stating that most security software is
incapable of scanning ADS (whilst that may have been true when the words are
written, I've been assured by people in the AV industry that this is no
longer the case). Every major AV program is now capable of scanning ADS in
files as you access them. Keep your AV up-to-date.
Cheers
Ken
More information about the thelist
mailing list