[Nottingham] Unknown (at least to me) message
Jim Moore
jmthelostpacket at googlemail.com
Wed Dec 24 08:57:17 UTC 2008
Ron Wilton wrote:
> When I open Firefox I get a dialogue box with the following message.
>
> +++
> Opening a.asc
>
> You have chosen to open
>
> a.asc
>
> which is a: PGP/MIME-encrypted message header
> from:...a file on my harddrive
>
> What should Firefox do with this file?
> ...
> +++
>
> What does this mean, and am I safe to open it?
>
> Ta
>
> Ron
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Nottingham mailing list
> Nottingham at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/nottingham
On Linux, you could probably safely do this as downloaded files usually
have the "Execute" bit flipped off. The result would likely by garbage
on the screen. The NT kernel ignores or is unaware of this bit and
attempts to execute anything that even remotely looks like a script or
blob of code.
This can have several unfortunate effects from the installation of
malware (ie keyloggers, BHO toolbars, adbanner clients, mailbomb
servers), to the destruction of the operating environment (corruption of
the kernel, registry, etc.).
What you have there is likely an attempt by a piece of Javascript to
hijack your home page using a local file to install malware from a
remote server. Of course, if you're on Linux this won't work. All you
need do is reset your homepage and delete the offending file (if it
exists) from your hard drive.
--
TLP
- Last night I played a blank tape at full volume. The mime next door went nuts.
- No, I will not fix your computer.
- Thought: It must be a bitch to write your name in the snow in Arabic
*#* Signoff: labo-rat (find / -name \*yourbase\* -exec chown us:us {} \;)
More information about the Nottingham
mailing list