Received: from theactivedesktop.com (theactivedesktop.com [192.41.28.118]) by nemisys.nwinternet.com (8.8.8/8.8.8) with ESMTP id VAA00867 for ; Thu, 4 Nov 1999 21:15:40 -0800 (PST) Received: from PAUL (remote2.ss.hurontario.net [209.135.125.18]) by theactivedesktop.com (8.8.5) id WAA07627; Thu, 4 Nov 1999 22:13:52 -0700 (MST) X-Authentication-Warning: theactivedesktop.com: Host remote2.ss.hurontario.net [209.135.125.18] claimed to be PAUL Reply-To: From: "Paul Fitzpatrick" To: "'pchelp'" Subject: RE: WinSec Date: Fri, 5 Nov 1999 00:12:19 -0500 Message-ID: <000801bf274c$5650d900$127d87d1@PAUL> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Importance: Normal In-Reply-To: <3.0.3.32.19991104180422.009367c0@nwinternet.com> PCHelp, Thanks for your feedback and suggestions. If we receive a notification from a user suspects that they've downloaded a virus or trojan horse, our current policy is to immediately download the file and scan it with the latest version of Symantec Antivirus, and to forward a copy of the report (without the reportee's e-mail address or name) to the author. In the past month or so, we've had about a dozen reports without any confirmed viruses or trojan horses. For the WinSec program that was previously listed on our site, we were unable to download and scan the file from xoom.com -- both the author's Web site, and the URL to the file return a "File not found 404" error, and we were unsuccessful at contacting the author by e-mail. paul@softseek.com -----Original Message----- From: pchelp [mailto:pchelp@nwi.net] Sent: Thursday, November 04, 1999 9:04 PM To: paul@softseek.com Subject: WinSec Hello, Paul. On my website at http://www.nwi.net/~pchelp/index.html I maintain a public notice regarding the matter about which I earlier corresponded with you and Liz -- the "WinSec" application which was a trojan. I received email many days sgo from Bill Machrone indicating that Softseek could be expected to take a more responsible course of action on the matter, but a visit to softseek.com reveals nothing of the kind, and I have received no communication from Softseek on the matter. I understand some personal circumstances have taken your small staff's attention; undoubtedly it's been a difficult time. I hope all is now well or soon will be. Time is important. Some of your site's visitors undoubtedly harbor the trojan unknowingly, and their risk increses by the hour. It has already been far too long, but to do something, anything, is certainly better than nothing. Please respond, not only to me, but to the situation. In only a few minutes, it should be possible to at least post a cautionary notice; if not on your site's front page, then at least in place of the former entry which misdirected your users. As time permits, I think you should go much further. I believe you should establish, clearly articulate for the public, and then adhere to a policy which involves at least limited testing and monitoring of your site's directory entries. pchelp -- http://www.pc-help.org http://www.nwi.net/~pchelp/