One thing I really like about Linux (and by extension, Mac OS-X) is that it is relatively safe from the ravages of social engineering attempts - most of the “click on me, tee-hee” stuff that marks the lot of nasty malware-hiding spams is either geared to the Windows x86 environment (which a lot of folks run using full administrator rights - BAD!!) or requires a user to execute the malware-activating code.

Of course, it is possible to do the same with OS-X or Linux, but the probability of successfully running the malware decreases with the tendency of Linux/OS-X to require root access as well as (in Linux) to make the script executable. There is the odd chance that one might find himself linking to a bad/untrustworthy Debian repository or flagging a file as executable, and/or running a untrustworthy shell script with SUDO… but all of that tends to take a little more effort than simply clicky-on-the-pretty-link many folks are accustomed to.

All of the extra keystrokes which Linux tends to require to setup and run a new program generally is sufficient to make a person consider and reconsider exactly what it is that he or she is doing, where as the one-time Windows click gives you maybe three nanoseconds of “Hanging Coyote Time“, where you realize that you’ve potentially just made one heck of a big boo-boo.

This is why I tend to only use my Linux box to check the several mail accounts that I have, as well as do my general web surfing.

But then, there’s my work computer - where I am forced by the kindness of Uncle Sam to use BillyWare (in this case, Windows XP).

Ah, the work computer. Supposedly protected by a nearly impenetrable wall of defenses, virus scanners, and Exchange server filters managed by a bunch of high-foreheaded spectacle wearing folks in a well-fortified place *somewhere in the USA*.

Which brings me to the meat of today’s post: The “E-Greetings” Spam.

Ordinarily, our Exchange server does a terrific job of catching spams - but lately we’ve been getting a lot of these:

I’ve already deleted two or three dozen of these, and suspect that someone or three in our rather large Active Directory has probably compromised themselves with whatever worm/payload that one of these mails triggers by opening the mail and clicking the link inside… thus making our entire AD vulnerable to these annoying (and potentially damaging) spams.

This is classic social engineering, and at least three of the variations (particularly the one marked from “You have received an egreeting from a [insert generic acquaintance such as classmate/co-worker/etc.]” spam which has been linked to a keylogging malware. Great for grabbing passwords and other confidential info.

It’s really effective too, in that it works off of a conditioning that some people (myself included) may have had from getting and sending e-cards from vendors like BlueMountain or Ynot!. (These e-cards are exceptionally popular in Japan, as well).

Some folks out there in virus-writing land never tire of trying to get into (your) data… and sadly, it will create havoc for an otherwise innocent industry of digital greetings, until those vendors come up with a more secure way of delivering their content. HTTPS comes to mind, but it all boils down to trust, and a small dose of common sense, especially when using with Windows and/or native MS products:

One must always be vigilant and even a tad paranoid when opening up email or attachments - and it never hurts to send an email or text/call your friend to be sure he or she sent it in the first place.

For those of you Americans who read (or stumble upon) my wee bloggie, please consider supporting Fred Thompson in his (expected) bid for the GOP nomination.

Although I figure most people are reticent to part with their hard-earned money to fill the coffers of yet another promise-making politico who will only do follow his (or her) own agenda once seated in office… I think Fred represents a very fresh wind of change for anyone on either side of the aisle (well, GOP mostly… which is very much in need of some serious overhauling - but if we can sway a few of the “Blue Dog” Democrats into supporting Fred, I certainly won’t object).

Fred is remarkable in that he is a trailing-edge member of the so-called “Silent Generation”, a generation so named because their voices were seldom heard, being caught between the outspoken Baby Boomers, who have largely shaped the present, and indeed, are in the halls of power… and the heroic “Greatest Generation”, who fought WW2 and had influenced that conservative body politic of the Cold War era that the Boomers protested against and whose values they ardently strove to replace with the failed liberalism of the 1970s.

What I see in Fred - is a desire to return to the old paths that have worked, tempered by a down-to-earth wisdom and an ability to effectively communicate and work with the many interests that make up America, while not compromising our integrity or our sovereignty.

Therefore, regardless if you are a Republican, Democrat, or Independent, please check out Fred - and if he is someone who you believe will help America do a good turn, by all means give him your support.