Re: Misplaced flamewar... WAS: RE: in case nobody else noticed it, there was a mail worm released today

• From: Rachael Treu
• Date: Wed Jan 28 13:10:23 2004

On Wed, Jan 28, 2004 at 12:07:36PM -0500, Patrick W.Gilmore said something to the effect of:
> 
> On Jan 28, 2004, at 11:56 AM, james wrote:
> Not sure why that is the case.  Web browsers know better than to 
> execute things, or at least to execute them in a sandbox, and there 
> seems to be much more "abuse" capabilities in IE / Netscape than 
> $RandomMailReader.
> 
> How hard is it to tell a mail reader "NEVER execute a binary"?  If 

w00t. 

> someone really wants to run a program that was e-mailed to them, they 
> can save the attachment and run it outside the mail reader or 
> something.  So things like "virus.doc.exe" won't get executed by $luser 
> who thinks it was a word doc.

I don't think it's that it's hard, so much as inconvenient.  
C-level-officer types ;) want point-and-click to open and launch, 
not to be ordered to port and manipulate attachments to access them.  
And since that might be too much effort...heck...why not give users 
a peep-hole preview function that allows them to split the screen and 
peak into the email without clicking on anything at all?  Back-office 
IT heads would roll if that went away...

We _can_ thank M$ for setting the bar on this one; no one expected 
irresponsible features like instant access to attached goodies until 
the Internet-for-Idiots and SMTP-for-the-generally-challenged 
revolutions were ushered in to the sounds of "Where do you want to go 
today, and how much do you want to break/spend/consume while you're 
there?"

I wish I could end this with "Friends don't let friends use Outlook,"
but I have to agree that the fault still lies primarily in the users
that continually refuse to heed the warnings of 
  A) shut that preview pain^N^Nne shee-yit off
  B) don't execute attachments in email, even/especially if it looks
	like it might be a really k00l screen saver...

Long live mutt.  ;)

ymmv,
--ra
-- 
K. Rachael Treu, CISSP     [email protected]
..this email has been brought to you by the letters 'v' and 'i'..


> 
> There are ways around this (copy/paste an executable into a word doc, 
> then type "Click here!" in the Word doc), but it might help.
> 
> Might.... :)
> 
> -- 
> TTFN,
> patrick

• Follow-Ups:
  • Re: Misplaced flamewar... WAS: RE: in case nobody else noticed it, there was a mail worm released today Lou Katz

• References:
  • Misplaced flamewar... WAS: RE: in case nobody else noticed it, therewas a mail worm released today Dave Temkin
  • Re: Misplaced flamewar... WAS: RE: in case nobody else noticed it, there was a mail worm released today james
  • Re: Misplaced flamewar... WAS: RE: in case nobody else noticed it, there was a mail worm released today Patrick W.Gilmore

• Prev by Date: Re: Misplaced flamewar... WAS: RE: in case nobody else noticed it, there was a mail worm released today
• Next by Date: Re: Misplaced flamewar... WAS: RE: in case nobody else noticed it, there was a mail worm released today
• Date Index
• Thread Index
• Author Index
• Historical