Friday, June 26, 2009

Security Snake Oil: The Bogus Email Address

This is the first post in what I think may be a series of security snake oil e-mails and ideas that are forwarded my way. However, before reading this, know that the best way to handle your computer security is outlined here;

Just received this forward on how to "protect" your e-mail address book from worms:

How to protect your e-mail address book:

A computer repairman says this is like having gold. This is a good thing. I learned a computer trick today that's really ingenious in its simplicity.

First dead giveaway that this isn't real is that the fix is "simple". There's no panacea for computer security.

As you may know, when/if a worm virus gets into your computer it heads straight for your email address book, and sends itself to everyone in there, thus infecting all your friends and associates.

This trick won't keep the virus from getting into your computer, but it will stop it from using your address book to spread further, and it will alert you to the fact that the worm has gotten into your system.

Here's what you do:

First, open your address book and click on 'new contact,' just as you would do if you were adding a new friend to your list of email addresses. In the window where you would type your friend's first name, type in ' A'.

For the screen name or email address, type AAAAAAA@AAA.AAA

Now, here's what you've done and why it works:

The 'name 'A' will be placed at the top of your address book as entry #1..

First problem is that may not be the case. Just because you see it first does not mean that it'll be the first e-mail stored on the drive. Data is stored in the way that the computer can access it the quickest or perhaps as you've added it. Then when the computer goes to show you the details, it will sort that data into a human readable format. However for the worm, it'll get it in the quickest order the computer can hand it back.

This will be where the worm will start in an effort to send itself to all your friends.

When it tries to send itself to AAAAAAA@AAA.AAA, it will be undeliverable because of the phony email address you entered. If the first attempt fails (which it will because of the phony address), the worm goes no further and none of your friends will be infected.

Second place this breaks down is assuming the worm will stop on error. It won't for 2 reasons:

  1. Internet mail delivery doesn't work this way. It takes the e-mail and then tells the app it's received it. The app then moves on while the mail delivery system tries to deliver the message.
  2. No worm writer would stop on a bad e-mail address. Even if it did get immediate failure, it would just skip to the next address and keep going.

Here's the second great advantage of this method: If an email cannot be delivered, you will be notified of this in your In Box almost immediately. Hence, if you ever get an email telling you that an email addressed to AAAAAAA@AAA..AAA could not be delivered, you know right away that you have the worm virus in your system. You can then take steps to get rid of it!

This is the only valid point in this article. Having a bad e-mail address in your address book would guarantee a failure you may catch. However, it doesn't matter much as your computer already has a problem. And this problem could be stealing your identity, invading your privacy and generally causing problems. The best bet is not to try and catch the problem to fix it, but to keep it from happening in the first place.

No comments: