|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: aleph1
securityfocus.comDate: Tue Aug 21 2001 - 13:48:50 CDT
While this is an interesting issue, I am killing this thread. The behavior
of email clients that automatically retrieving data from remote servers without
the users knowledge or consent when rendering HTML messages can be considered
a risk, and certainly is considered as such by some.
As described on the list in the past, similar behavior is exhibited by
other applications and document formats. For example, Microsoft Word
documents with embedded images.
It think we are all in agreement that email clients should at least alert
users when fetching remote content and ideally allow the user to disable
such behavior.
At this point a number of workarounds and suggestions for alternate mail
clients have been discussed. Further discussion is off-topic for the list.
If you want to continue discussion this issue the RISKS forum is more
appropriate.
-- Elias Levy SecurityFocus http://www.securityfocus.com/ Si vis pacem, para bellum
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]