here's a reply on how viruses could be transmitted on email. I have seen encoded messages on my email, but tend to dump them as I do not have time to decode them. Anita Cohen-Williams; Reference Services; Hayden Library Arizona State University, Tempe, AZ 85287-1006 PHONE: (602) 965-4579 FAX: (602) 965-9169 INTERNET: [log in to unmask] Owner: HISTARCH *** Forwarding note from HENDRICK--CMSNAMES 12/05/94 11:07 *** Return-Path: <[log in to unmask]> Received: from ASUVM.INRE.ASU.EDU (NJE origin LISTSERV@ASUACAD) by ASUVM.INRE.ASU.EDU (LMail V1.2a/1.8a) with BSMTP id 3742; Mon, 5 Dec 1994 11:07:12 -0700 Date: Mon, 5 Dec 1994 10:05:16 PST Reply-To: "Lief M. Hendrickson" <[log in to unmask]> Sender: General Anthropology Bulletin Board <[log in to unmask] > From: "Lief M. Hendrickson" <[log in to unmask]> Subject: Forwarded: Second Virus Warning To: Multiple recipients of list ANTHRO-L <[log in to unmask]> Ref: posting by Anita Cohen-Williams on Dec 5: >From: Anita Cohen-Williams >Subject: Second Virus Warning #2 > This came in from ARTIFACT today. > > There is a virus on America Online being sent by email. If you get >anything with the header "Good Times", DON'T read it or download it. It is a >virus that will erase your hard drive. > > Yes, I know that it is quite possible that these warnings are simply hoaxes >or computer folklore, but better safe than sorry. -------------- Response: While polymorphic viruses are out there, there is a limit, at least currently, to their powers. As far as I know, a virus has to get into an executable file to do it's damage. It can be in a stand-alone *.exe or *.com file or work its way into memory via an application file. It's highly unlikely that a sequence of characters could be in a message file that would cause your email-read software to put the virus code into memory. What you have to watch out for is certain types of "attached files". Executable files can be put in an encoded format of text characters that have to be decoded by some software for the executable files to be formed. This is a way to send executable files by email software that only handles text characters. The attached file would be at the end of a message file and look like a bunch of random text characters. (I'd give an example of random text characters, but someone might think it's a virus!) You could read these characters, but they wouldn't make any sense until they were decoded. Simply looking at them doesn't make the virus pop out. If virus code were embedded, it wouldn't cause damage until it's formed by decoding the file. Most email-read utilities don't automatically decode attachments though yours may be different. It's always a good policy to back up your critical files and check your disk with a good virus-detecting utility on a regular basis. It's indeed "better to be safe than sorry". However, the ultimate being safe is to not connect your computer to any outside communication. After all, if someone is smart enough to embed virus code that can be formed by an email read utility, they may also be smart enough to mask headers. It could then be transmitted with a variety of headers- making all messages suspicious.