Spam on qubes-users E-Mail list
31 views
Skip to first unread message
Jeremias E.
Jul 20, 2016, 11:07:23 AM7/20/16
to qubes-devel
Hello,
the two emails below are spam. Please delete them from the qubes-users list.
Be aware that this email:
Courier was unable to deliver the parcel, ID00204044
also has a .zip file attached. I assume with malicious content.
https://groups.google.com/forum/#!topic/qubes-users/XRjz_SIOYVU
https://groups.google.com/forum/#!topic/qubes-users/zXlsltjrcRU
Best regards
J. Eppler
the two emails below are spam. Please delete them from the qubes-users list.
Be aware that this email:
Courier was unable to deliver the parcel, ID00204044
also has a .zip file attached. I assume with malicious content.
https://groups.google.com/forum/#!topic/qubes-users/XRjz_SIOYVU
https://groups.google.com/forum/#!topic/qubes-users/zXlsltjrcRU
Best regards
J. Eppler
Andrew David Wong
Jul 20, 2016, 6:10:48 PM7/20/16
to Jeremias E., qubes-devel
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Please understand that this is a public mailing list. It is not possible to
prevent all spam from being sent to a public mailing list, and it is
(thankfully) not possible to delete messages after individuals have downloaded
those messages to their local machines. Deleting a message in Google Groups
will not delete it from people's inboxes, from Gmane, or from any other entity
that might be mirroring the mailing list. Since attempting to police Google
Groups for spam would provide very little benefit (at a non-zero cost), we've
decided to take a hands-off approach. This means that we will typically not
delete messages from Google Groups once they've been successfully sent to our
mailing lists. (Note, however, that there *is* a Google Groups spam filter,
and it *does* prevent a lot of spam from showing up in the first place.)
Please also understand that we make it a point to trust as little of the
infrastructure we use as possible. This includes things like the mailing
lists, GitHub, the website, and all the servers they run on. Those servers are
all controlled by third-party entities, not us. This is why we stress the
importance of verifying signatures [1] on ISOs and emails. We also encourage
Qubes users to adopt this same attitude of distrusting the infrastructure. In
fact, empowering users to do this -- to have a secure endpoint that only *you*
control -- is why Qubes exists. You *should* assume that those ZIP files are
malicious, but thanks to Qubes, you don't have to worry that opening one will
compromise your entire digital life. (In this case, since it's just spam, you
have no reason to open those attachments. But if you have to open a suspicious
attachment, do it in a DispVM or an untrusted AppVM!)
[1] https://www.qubes-os.org/doc/verifying-signatures/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXj/bdAAoJENtN07w5UDAwvtEP/AmJv3mQgrJ1slQCns72dc/C
y9AeBPPOjaT+XmH8RZUqPkW6xFvoSlMVM3UAYX7nQrL67Fsl/dbAZIk9mdv7I7jV
4l+c3jzH5pos3oNgOZjrYKMPS8sL+3Ms1kCoL6sJZf1zoT1v0QaEkwwntYmYx/dQ
UyCrULhc44R2SKzprXhpV50a4ZleyfVd/2BEgTRvqsUwf3CItqkG9ZZXrGRfTdll
vx8DaGG7UXcJGbPqMPMAmZc2o0WaCCUw1s4pjZCANvedLEgdz30yFnRW5aZREVGy
wFcq3uUMDe57yto1A3nxlLAsGxVbITrBbpKzK/bPBJJabUTCzGaH6g2aJAy6pHrT
e5f6J7+HNPYKlSqDjDo10BhAUsocpVnEfa4siC1o0oiHA0QMS+/6zhTmLG8L8UYK
yOh5HID5Y/FQVyYNqQvA8epXNZLiouC34JBnp/G+jVt9dpsNylIcLAnEGcz3dfYh
VH98i3TYpe23VBgqqPSGf4/XIVbcFReTZdmrhj8WJAMIE4+3L7acZ9Jci7SzWSXW
pmnOOVh6WDfS+fUM0vXwPcUVOH5u7T155Ljyg8TbQv7eqD5/Vq/o02cwDcqwPdlt
jZ8gslxjpu3/A263Y+/KcuWoliWwH+Rw8L1lgCkVXX7449wLC/TYyGAVjegDtgJI
/39CbadrSFHl0MQeYZqn
=/RXi
-----END PGP SIGNATURE-----
Hash: SHA512
prevent all spam from being sent to a public mailing list, and it is
(thankfully) not possible to delete messages after individuals have downloaded
those messages to their local machines. Deleting a message in Google Groups
will not delete it from people's inboxes, from Gmane, or from any other entity
that might be mirroring the mailing list. Since attempting to police Google
Groups for spam would provide very little benefit (at a non-zero cost), we've
decided to take a hands-off approach. This means that we will typically not
delete messages from Google Groups once they've been successfully sent to our
mailing lists. (Note, however, that there *is* a Google Groups spam filter,
and it *does* prevent a lot of spam from showing up in the first place.)
Please also understand that we make it a point to trust as little of the
infrastructure we use as possible. This includes things like the mailing
lists, GitHub, the website, and all the servers they run on. Those servers are
all controlled by third-party entities, not us. This is why we stress the
importance of verifying signatures [1] on ISOs and emails. We also encourage
Qubes users to adopt this same attitude of distrusting the infrastructure. In
fact, empowering users to do this -- to have a secure endpoint that only *you*
control -- is why Qubes exists. You *should* assume that those ZIP files are
malicious, but thanks to Qubes, you don't have to worry that opening one will
compromise your entire digital life. (In this case, since it's just spam, you
have no reason to open those attachments. But if you have to open a suspicious
attachment, do it in a DispVM or an untrusted AppVM!)
[1] https://www.qubes-os.org/doc/verifying-signatures/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXj/bdAAoJENtN07w5UDAwvtEP/AmJv3mQgrJ1slQCns72dc/C
y9AeBPPOjaT+XmH8RZUqPkW6xFvoSlMVM3UAYX7nQrL67Fsl/dbAZIk9mdv7I7jV
4l+c3jzH5pos3oNgOZjrYKMPS8sL+3Ms1kCoL6sJZf1zoT1v0QaEkwwntYmYx/dQ
UyCrULhc44R2SKzprXhpV50a4ZleyfVd/2BEgTRvqsUwf3CItqkG9ZZXrGRfTdll
vx8DaGG7UXcJGbPqMPMAmZc2o0WaCCUw1s4pjZCANvedLEgdz30yFnRW5aZREVGy
wFcq3uUMDe57yto1A3nxlLAsGxVbITrBbpKzK/bPBJJabUTCzGaH6g2aJAy6pHrT
e5f6J7+HNPYKlSqDjDo10BhAUsocpVnEfa4siC1o0oiHA0QMS+/6zhTmLG8L8UYK
yOh5HID5Y/FQVyYNqQvA8epXNZLiouC34JBnp/G+jVt9dpsNylIcLAnEGcz3dfYh
VH98i3TYpe23VBgqqPSGf4/XIVbcFReTZdmrhj8WJAMIE4+3L7acZ9Jci7SzWSXW
pmnOOVh6WDfS+fUM0vXwPcUVOH5u7T155Ljyg8TbQv7eqD5/Vq/o02cwDcqwPdlt
jZ8gslxjpu3/A263Y+/KcuWoliWwH+Rw8L1lgCkVXX7449wLC/TYyGAVjegDtgJI
/39CbadrSFHl0MQeYZqn
=/RXi
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages