[tex-live] Install file of the TL should have unique name
Zdenek Wagner
zdenek.wagner at gmail.com
Fri Jan 10 10:23:41 CET 2014
2014/1/10 Reinhard Kotucha <reinhard.kotucha at web.de>:
> On 2014-01-09 at 21:19:59 +0100, Zdenek Wagner wrote:
>
> > 2014/1/9 Lars Madsen <daleif at imf.au.dk>:
> > > I agree with Philip, it is a really annoying Win feature.
> > >
> > >From my point of view it is even one of the most dangerous
> > misfeatures. If a user clicks "infectme.txt" assuming to open it in a
> > notepad and it is in fact "infectme.txt.exe", the user's computer will
> > be infected. The Windows users should be educated to:
> >
> > 1. configure Windows to display all extensions
> >
> > 2. do not click anything unless (1) is done
> >
> > 3. report this security risk to Microsoft
>
> Microsoft is aware of it but they don't care. There was the famous
> I-love-you-Virus in 2000 which caused a lot of trouble worldwide.
> It was an e-mail attachment with the file name
>
> LOVE-LETTER-FOR-YOU.TXT.vbs
>
> http://en.wikipedia.org/wiki/ILOVEYOU
>
> The setup.exe files are quite dangerous too unless you exactly
> remember where you got them from. A .exe file can contain arbitrary
> code. So if you don't remember where a particular setup.exe file came
> from and/or what it contains, it's better to throw it away. The .msi
> installer files are less dangerous because the extension .msi is
> associated with a particular program which doesn't execute arbitrary
> code.
>
> Similarly, there is no need to execute a self-extracting ZIP file.
> It's much safer to change the extension .exe => .zip before clicking
> on it. I still don't know what self-extracting ZIP files are good
> for at all.
>
30 years ago ZIP utilities were not free, so self-extracting files was
advantageous because an author could distribute zipped files without
forcing others to buy pkunzip. I think nowadays free archiving SW is
easily available and even bundled in other programs as Norton
Commander etc.
> It's also advisable to be very careful with executable files in your
> working directory. A severe bug is that Windows looks for executable
> files in the current working directory first. Even worse, this
> behavior cannot be turned off. No other OS has such a silly bug.
> The only solution is to be careful.
>
It comes from MS-DOS, so it is present also in OS/2 and eComStation.
> > 4. spread this knowledge to other Windows users
>
> Yes, the best protection against malware is knowledge. But many
> Windows users told me that they insist on convenience and don't want
> to be bothered with these things. They assume that someone else is
> responsible for security.
>
> This reflects German mentality somehow. If a German is killed in a
> car accident, everything is fine if the other one is the culprit.
> Thus it's impossible to establish a speed-limit on German highways.
>
> http://www.youtube.com/watch?v=B3h2Rw1mHew
>
> Regards,
> Reinhard
>
> --
> ----------------------------------------------------------------------------
> Reinhard Kotucha Phone: +49-511-3373112
> Marschnerstr. 25
> D-30167 Hannover mailto:reinhard.kotucha at web.de
> ----------------------------------------------------------------------------
> Microsoft isn't the answer. Microsoft is the question, and the answer is NO.
> ----------------------------------------------------------------------------
--
Zdeněk Wagner
http://hroch486.icpf.cas.cz/wagner/
http://icebearsoft.euweb.cz
More information about the tex-live
mailing list