So Google got hit by a virus. How many million copies do you think they received in the last few weeks? and one got through.

I am aware of a > 10 000 employee UK company (not Internet related) that has had nearly a million virus payloads sent to it in the last few weeks.

It is your responsibility as the receiver of the email to verify that the originator is who they say they are, and that the content is intact and safe.

Never assume that anything is safe to open without checking it out first, as that is one of the major presumptions that helps to spread viruses.

Everyone who runs Windows, and has never gotten hit by a virus, please raise your hand now.

Everyone else, you know how easy it is to let your guard down, miss an anti-virus update on just one computer. Would you appreciate it if no one read your email again because you messed up once?

I'm sure Google learnt from the mistake, the IT department got chewed out, and they will be much more careful in the future.

Would you appreciate it if no one read your email again because you messed up once?

If I had an email newsletter that never sent out attachments and then one day it sent out a virus in an attachment to some subscribers and then I notified all my recipients that a virus was accidentally sent out then if only two days later a subscriber received an email saying it was from my newsletter with an uncustomary attachment then I would hope they would hit delete ASAP.

I think the point here is that Google did something wrong. A chink in the armor, so to speak.

They're media darlings, the darlings of the SEO world and commonly defended and accorded unprecented support by webmasters and others who drool over them like a hot date. Look at the posts in this thread for examples.

If Microsoft did this, it is fairly safe to assume that some of the same people would be calling for their heads...

True , But should we trust Google in further mail's or not? That's the Question . It was a accident , it wasn't porposely done, I'm sure Google won't do this again ,and hey , You can't trust anyone these days,
If it was your best friend who done it and you know it wasn't done on porpose , would you stop taking mail's from that person?

Sid

>> Everyone who runs Windows, and has never gotten hit by a virus, please raise your hand now.

Hand is up. There's a related problem though. Somebody else out there is always hit. This can be just as serious.

>> Would you appreciate it if no one read your email again because you messed up once?

The last couple of days, i've been sending out Sobig's it seems. Of course anyone with technical insight will know that it was not me (header info), but anyhow it's my email that gets inserted into the "From" field because someone out there is infected and has an email from me in their mailbox, and this is just getting copied by the virus.

It's a pain. These good people have now sent my email addy to a lot of addresses i could'nt ever dream of sending to myself. And all i get for notification is the "Mailer-Demon" bounced replies when their virus-spamming fails. Best of all, they didn't even know they were sending this stuff out. Anyway, they do since yesterday as i tracked them down, but still their virus did harm to me, by broadcasting my email address without ever infecting my own machine.

/claus

>Would you appreciate it if no one read your email again because you messed up once?

If anyone in my organization messed up in this way "once"....it would be the only time they would have that opportunity.

Any corporation that hasn't run a policy of basic network protection for the past 8 years or more needs to seriously think about its future.

I had our contract of employment changed in 1995 to make this type of act a dismissible offence......looks like Google needs to get with the times!

I am happy to say that in the past 8 years no one has fallen foul of this type of act!

Security is paramount to any serious software or Internet based company....be sloppy, be history:)

Yes, it shouldnt happen.. but I'm still getting around 100 to 200 sobigs a day from many of the Fortune 500 companies and many universities.

I cant afford to never trust emails from these guys again (several are clients and many are potential clients) and will just use my normal spam detection procedures just as I do with Google emails.

I just think some here are getting a bit carried away.

This is a problem that if we applied the same standards as people are suggesting here that we should for Google, then a great many corporates, including massive MNC's are also at fault and have also been bitten by a PR worm.

chiyo, I very much doubt that the sobig-f emails are really coming from fortune 500 companies. That is a forged email issue, and no one can easily solve that problem. People need to understand how forging works and then they wouldn't blame the wrong people.

In the Google case, it wasn't a forgery....it was them that sent out the virus ridden email....which is very different.

hi percentages. yes i will concede that. Seen enough "email rejected" messages back to me that i guess are from either email addresses published on the web, in spam databases, or in someone's email address box.

However i have had 3 people from these companies already sending personal apology emails to me for "Sending a virus". I would guess that is just a part of the iceburg of companies who were caught, as it wuld only represent a small percentage of those affected i guess, and not just forged emails.

Preception is also reality. I'm assuming that 98% who receive one of these things from my email address will blame me, but I hope they are not as fast as you to not trust me or ban me from sending them email..

I got a e-mail called "Failiure Delivury" from my SMTP/POP3 servver ,checked the attachments, and guess what? A Sobdig, My mail server is sending me Sobdig's for gods sake, I reported by Web host ,they worked on it , they said it was attacked by a Hacker which made my mail server send out Sobdig's to all the messages I sent.

Errr, that isn't how it works.

Someone that you know has the virus on their machine. That machine is the one that is sending out the virus. Those messages have a fake email address on them. That faked address is the address of someone known to the person who owns the infected machine. In fact, the messages have your email address on them. Some of the sent messages fail to reach their target and are returned to sender. Since the (faked) email headers say that you sent them, then they get returned to you (rather than to the real place they came from). That is what you are seeing.

Isn't that amazing, that there are still webmasters that are not aware of forged emails?

What really get to me, are these autoresponders or spam filters that automatically send back or bounces back the forged emails to me because my addy is in the 'from' field when any human can see from the headers that the email did not originate from my server.

In my wish list...a standardize intelligent email filter that would compare the 'from' field to the host server in the 'received from' of the header, any email that fail this test is immediately send to the black hole.

Well, personally i keep getting bounce-backs today. I have mixed feelings about it: I agree it's annoying as it's definitely not my machine sending out all that virus-spam, but on the other hand i'm glad.. well, not exactly... aware that my email address has now been broadcasted to half the globe, so it's time to change... that, in turn annoys me big time, as there is no way i can inform all the people out there that has this email address already (and is supposed to have it)

/claus

AOL Postmaster keeps sending bouncebacks to me. Typical.

I can't believe Google PR is using Windoze. Hello, QuarkXPress came out for OSX already, get with the program.

"Is anybody sure Google has Windows or do they just have Linux or something , because when I fetched server headers for www.google.com , I get that they have this server:
GWS/2.1 , this can be "Google Web Server" or something else."

Google do indeed use Linux for the Google websites and as an operating system for Google web search. What we need to remember is it was not Google directly that was attacked it was Googles PR department. Normal office set-up with windows pc's all with email access. One got through and caused all this.

Mack.