[GTALUG] email hygiene [was: Re: Federal agency warns critical Linux vulnerability being actively exploited}

D. Hugh Redelmeier hugh at mimosa.com
Wed Jun 5 10:37:12 EDT 2024 

| From: CAREY SCHUG via talk <talk at gtalug.org>

I changed the Subject.  I hope you don't mind.

| question still as a dummy.

Qustions are welcome.

| I try not to open emails from anybody I don't know, hovering over the 
| "from" if the subject is unexpected.

All this stuff depends on you "Mail User Agent" -- the program you use to 
read email.

I use alpine(1), a CLI MUA.  This is out of the 1990s, but it just doesn't 
automatically do things that cause problems.  So I don't know the joys and 
sorrows of a GUI MUA first hand.

| But sometimes the mail program jumps as I click, and I open something I 
| did not intend to open.

What do you mean by "open"?

A URL sends your web browser to some place selected by the email composer.  
Is that dangerous.  Potentially.  How safe is your browser?

The URL can send a payload of, for example, your email address or the 
particular message that you are responding to.

Sometimes email contains something like a .jpg or a spreadsheet.

- Pictures have been known to exploit bugs (rarely).  Usually those don't 
  target Linux.

- MS Office documents can definitely contain malware.  Usually those don't 
  target Open Office.

|  Or a malfeasor might have intercepted an email 
| I sent and crafted a reply from the person I sent it to.....or even have 
| compromised their machine and added code to every email from them.

Not likely unless you are a high-value target.

| Could a script in an email exploit this?

"this" means "this CVE", right?

Unlikely.

| I am not panicing, but I am concerned.

It's hard to know what to be concerned about.  I think I'm fairly 
knowledgeable about this stuff but I get surprised some times.

To my knowledge, I have not been attacked successfully on my Linux systems 
(over 25 years).  Of course I might not know about very successful 
attacks.

I get attacked at quite some frequency by Bad Guys trying to log into my 
systems via SSH.  Also: I get SPAM, just like everyone else.

More information about the talk mailing list