Shortly after I sent the message to virus I got another message from the
admin. person who sent it to me <and about a hundred other people>
apologizing for not recognizing the hoax and urging us not to distribute the
message ....
I'm not sure how effective that person's antibodies will be now ... as they
felt they were doing their job. I'm not sure if the resolution will be
"Don't forward warnings" or "Forward warnings to security personnel for
their evaluation". <Depends on how Dilbert-ish their management is> I'm not
sure if the admin. person's understanding of technology would ever be able
to differentiate between a hoax and a potential threat.
So now its possible that a response that was potentially useful to the
organization .... warning of a technological threat ... has been dampened
.... ostensibly the organization has a security group that will keep us safe
from harm ... but I can't help but think that a it should be possible for a
disgruntled employee to scam an EMail account from an outside provider,
write a program for clearing the C Drive, attach it to a tempting message,
and then send it to the entire company. I wonder how many people who
received that warning message would run the program anyway?
My point would be that the first part of the threat in the original message
could be real, while the second part was bullshit .... The hackers are
essentially boiling a frog <the organization> ... they've turned up the heat
enough on some admin. people so they won't cry wolf even if it bites them
... but not enough for the organization to try to educate people on the
mechanisms threats are likely to take.
This seems like a good example of the types of conscious but pointless
engineering that sophomore meme-hackers <meme-vandals?> love.
----------