Ironically, one of the reasons I chose F-Secure over cheaper and faster products in 2001 is that they seemed capable of reliably scanning ZIP files for viruses (at the speed of a snail, which was the big downside of that vendor at the time, but I figured computers would only get faster). The standard hacker "solution" to AV, back at the time, was to ZIP the offending file and score a home run. There was a way to defeat even F-Secure on ZIP files, which I will not post here, but hackers seemed totally uninterested in exploiting it. You can maximize the number of credit card numbers hacked per second, or the percentage of computers hacked given no time limit... Which will it be?

Today's hackers seem to have given up on ZIP and moved on to RAR and 7z. We have stopped installing RAR and 7z decoders on new employee computers for this reason. These specialty compression formats seem to be the main compressed virus vectors nowadays, even though decoders do not come preinstalled. Sure, there are still tons of ZIP-borne viruses, but they rarely get through. I see RAR and 7z "invoices" and "lottery awards" and what not, every day.

  Eric

############################

To unsubscribe from the LSTOWN-L list:
write to: mailto:[log in to unmask]
or click the following link:
http://peach.ease.lsoft.com/scripts/wa-PEACH.exe?SUBED1=LSTOWN-L&A=1