Ok, so a trojan by definition requires some user action to infect its target. In that case the user was a family member so it’s basically our responsibility if we got infected, but it still drives me mad to witness what kind of place the Net has turned into.
How many protection layers do we have to put up with? Our router comes with a built-in hardware firewall. Every Windows PC at home (not our FreeBSD box…) also runs a software firewall and a real-time antivirus, plus two spyware detection & removal programs that are launched periodically. Well, it appears that’s not enough. “Trojan.Tooso.K” was released yesterday, probably spammed to millions of email addresses. We got one just before our antivirus definitions were updated, somehow clicked on the attachment, thus running the risk of seeing our system become a zombie for some underground operation. And losing a good 30 minutes of quality family time in the process of fixing things.
I realize there are ways to authenticate the sender of an email and I’ve experimented with solutions built around GPG/PGP. But email is about exchanging information and I simply cannot expect the vast majority of people I interact with to be familiar enough with encryption to make this another useful security layer. I guess I should still try convincing them anyway, though.
Obviously you shouldn’t click on anything that looks suspicious, be it an attachment or URL. The problem here is that there are tens of millions of users out there who are not even interested in figuring out what suspicious means in our online world. And really: to what extent should they have to care?