You're talking in circles again, what? You're going to need a host, to link to, and if you haven't already rooted the client your only other option is your own server, which would be like robbing a bank but leaving your driver's license. There's simply not much way this can be exploited, despite the obvious attempt of the author to distract from the Linux virus debacle.
No, I'm just trying to explain the obvious to someone who doesn't quite get it.
You're going to need a host, to link to, and if you haven't already rooted the client your only other option is your own server, which would be like robbing a bank but leaving your driver's license.
It isn't difficult to find a host to link to, without leaving any trace back to the perpetrator, if the perpetrator already has a pool of compromised servers to choose from. They won't last much longer than the time it takes to investigate and disassemble the worm, but by then the damage will already be done to everyone who fell for it.
And while you correctly pointed out that firewalls would limit propagation, one could always link back to the compromised system that was used to send the email. It won't work all the time, but it's not necessary for it to work every time. And it would distribute the task and make it much more difficult to stop the propagation.
There's simply not much way this can be exploited, despite the obvious attempt of the author to distract from the Linux virus debacle.
Wow, where do I begin?