[thelist] RE: Email virii [was new Opera browser]

Judah McAuley judah at alphashop.com
Fri Dec 8 11:43:32 CST 2000 

At 02:21 AM 12/8/2000 -0800, you wrote:
>martin,
>
>:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>: From: martin.p.burns at uk.pwcglobal.com
>:
>: Um not the virii which are scripting in the
>: damn email.
>:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>still the fault of the user - not the email client.  scripting within an
>email can have it's uses (no matter how much it may be annoying).  it's up
>to the user to have their security set up in such a way as to prevent
>scripts from running.  script executing in the message is also a problem
>that eudora has so let's not point the finger just at outlook.

As far as I recall, Eudora only had one incident in the past year of a 
script execution problem leading to a self-replicating worm.  Eudora has 
been patched to take care of that, I believe.  Outlook, needless to say, 
has had a significant number of them.  That is one of the reasons I 
switched to Eudora from Outlook in the last year.  That, and the fact that 
Outlook crawls along like a glacier.


>:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>: It's not as idiotic as opening attachments.
>:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>ignoring security concerns when first setting up your email client *is* as
>idiotic as opening a suspect attachment.


The default security settings in Eudora are *much* more safe than in 
Outlook.  The default security settings are also what users are going to 
use unless the program prompts the user to review security through some 
sort of wizard.  To my knowledge, there isn't a mainstream product out 
there that does that yet.  Therefore, the playing field being roughly 
level, I blame Microsoft.

>:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>: Given that MS had to release a damn patch
>: plugging a damn hole the size of a bus, it's
>: not as much of a 'you must be stupid to get
>: infected' thing. The virii which have affected
>: me this year have *all* been Outlook specific.
>:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>and you could have gotten those virii just as easily using eudora.  it comes
>down to user responsibility.

The predominant class of self-replicating virii (worms) that have come 
through in the last year all take advantage of knowing the structure of the 
Outlook address book and being able to script it (with the hand-dany built 
in VB script engine).  If Microsoft was not so bound and determined to 
provide what they seem to think are "productivity enhancements" by tying 
the all their products together and into the OS, the worms wouldn't have 
become so prevalent so quickly.  Eudora, being built for cross-platform 
feature parity, has an inherently different model for all sorts of 
things.  This abstraction from the OS makes it more difficult to write 
these sorts of virii for Eudora.

And since this discussion has *nothing* to do with Opera, now for a tip...

<tip type="List etiquette">
When a rant becomes self-sustaining and continues to deviate from the 
original subject, it's time to give it a new subject with an appropriate 
reference to the previous subject that spawned the new thread.
</tip>

Judah

More information about the thelist mailing list