Thanks Rich,
As the recent Ombudsman web page problem illustrates, even supplying a link to a "clean" site can be spoofed in a convincing enough way to trick people onto a bogus website. Asking the departments to take the responsibility for notifying our faculty, staff and students may compound the problem, since people receiving mail from more than one source may receive multiple warning messages, rather than a single message from a authoritative voice representing the campus network. In terms of policy, I don't really think you can have it both ways anymore: you need to either never send mass mailings, or expand your policy to cover virus/trojan/worm announcements as a legitimate circumstance for sending such a mailing out.
The only reason my Faculty and Staff received a warning message yesterday is beacuse I happened to be working after 5pm when some of the first warning messages were sent to MSUNAG and other internal MSU lists. (I received your first message around 8:50pm.) It never occurred to me to send an email to the Law College students because, if the problem was this bad, I simply assumed that was the responsibility of Academic Computing & Network Services to send such a notice. I took your message and added some additional information before forwarding it onto my faculty and staff, figuring that would cover my responsibilities.
I've been seeing dozens of students each hour since we opened our help desk at 8:00am, and even the students who didn't try to open the ZIP files have repeatedly asked me "Why didn't someone at MSU warn us?" The opinion of the students I've spoke with so far has been, they would rather have had an email from some official source waiting in their inboxes this morning to tell them about the problem.
So I say, when the impact is potentially this damaging, send the mass email. In the immortal words of Dennis Miller, "... but that's just my opinion, I could be wrong."
John A. Resotko
Head of Systems Administration
MSU - Detroit College of Law
208 Law College Building
East Lansing, MI 48824-1300
email:
[log in to unmask]Phone: 517-432-6836
Fax: 517-432-6861
A couple of folks have asked if we have done or will do a mass mailing
about the Beagle / Bagle storm. Thus far we have not. I guess our
feeling is it is hard to combat a mass mailing with a mass mailing.
It could lead to even more confusion. Our help desk phones are
quite busy already.
Computer support folks in departments could help if you have
channels for reaching your faculty, staff, or students.
____
The mail team is now blocking mail from sending addresses known
to be bogus and used by the worm:
[log in to unmask][log in to unmask][log in to unmask][log in to unmask]____
In the past, we talked at NAG about the idea of an official
repository for all mass e-mailings MSU (e.g. memos to
all students or to deans, directors, and chairs). This most
recent storm may cause us to revisit that idea. One thought
would be to put the bulk of each official message up on a
Web repository (officialnotices.msu.edu? ANGEL? other?) and
send the target audience an introductory paragraph and a
hyperlink. A single, well-known, trusted and invariant
Web address would allow people to quickly know whether a
mass mailing was bogus or real. Thoughts?
/rich
