North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Email virus protection

  • From: just me
  • Date: Wed Aug 20 17:43:18 2003

On Wed, 20 Aug 2003, Karsten W. Rohrbach wrote:

  just me([email protected])@2003.08.20 14:17:17 +0000:
  >
  > http://www.cert.org/advisories/CA-1997-14.html
  > http://www.cert.org/advisories/CA-1998-10.html
  >
  > Wow, the second one even mentions Mutt by name.

  The more recent of those two advisories is dated August 11, 1998.
  What are you trying to express, by citation of those pretty outdated
  CERT advisories? If you are trying to imply that software does not
  improve in a time frame of five years, go ahead and convince me. =)

It's happened before, it'll happen again. Please don't pretend that
your MUA-de-jour is somehow invulnerable by design, unless you've
audited every line of code yourself.

  On a different angle, the apparent problem of a software product being
  vulnerable to an exploit is not solved by deploying a - albeit
  well-patched - application monoculture worldwide. Risk is lowered by
  using more well-designed software packages out there. Diversity is the
  name of the game, it's nature's solution and it seems to work quite
  well.

I completely agree. Which is why I discourage people from using
Outlook Express as well as Mutt.

matto

[email protected]<darwin><
   Flowers on the razor wire/I know you're here/We are few/And far
   between/I was thinking about her skin/Love is a many splintered
   thing/Don't be afraid now/Just walk on in. #include <disclaim.h>