[svlug] Viruses (was: virus FUD)
kmself at ix.netcom.com
Mon May 8 01:54:08 PDT 2000
On Sat, May 06, 2000 at 11:06:24PM -0700, Jonathan Cobb wrote:
> To further criticize the author of the linuxplanet article:
> > What's worse is that there is almost no way of avoiding opening
> > HTML e-mail, at least in Netscape Messenger.... So HTML mail has
> > some ugly side effects, and they are largely the same on Linux
> > as they are in Windows.
> Hmmm... and these "ugly side effect" would be? Besides slow loading
> popup window, are there any real hazards to viewing HTML? Any more than
> you'd have surfing to the same page in your main browser window? I
> plugged -- like the one in NN2 that allowed a form with a "mailto"
> action to post itself to the originating webserver, thus giving the
> I'd be curious if anyone else knows of any significant "ugly side
There are several problems which come to mind:
- The above mentioned slow loads, etc., and impacts on network
performance, particularly on dialup connections.
exploits which have been uncovered in the past, for example, the
infamous CrackMonkey dual-boot wups-we're-sorry exploit.
- In the particular instance of spam, it's possible (and judging from
URLs I've seen, becoming common practice) to encode either pages or
image files with distinct URLs which allow for receipt-verification
of specific mail items. This is as good as saying "hi, yes, I'm a
valid email address, spam me please".
Using Mutt, I've taken to filtering all HTML email content through
'less' prior to viewing in a browser, whether console or graphical.
This probably isn't a significant threat, but it's an additional step to
personal privacy and spam reduction.
Note that the distinction is that having a page (or URL) sent to you is
not something that happens as a matter of course when you're
webbrowsing. You're selecting content, it's not selecting you. This
relationship is reversed in email.
Karsten M. Self <kmself at ix.netcom.com> http:/www.netcom.com/~kmself
What part of "Gestalt" don't you understand?
GPG fingerprint: F932 8B25 5FDD 2528 D595 DC61 3847 889F 55F2 B9B0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 232 bytes
Desc: not available
Url : http://lists.svlug.org/archives/svlug/attachments/20000508/991e0b24/attachment.bin
More information about the svlug