On Sat, May 21, 2005 at 07:52:59PM -0400, Peng wrote: > On 05/21/05 16:26, Boyd Stephen Smith Jr. wrote: > >On Monday 02 May 2005 04:33 pm, Neil Bothwick <[EMAIL PROTECTED]> wrote: > >>On Mon, 02 May 2005 21:00:30 +0000, Alex A. Smith MCP wrote: > >>>Time straped as it is, I'll type in what ever my Default Email prog > >>>wants me to, asking people to turn it off wont work much, better to > >>>make a better argument and ask the developers to dist it without html > >>>as default. > >>Remember that when you ask a question in HTML and the person that really > >>knows the answer does even read it because he is too "time straped" to > >>sort the message from the decorations. > >While I can't say I answer that many questions here, I am one of those > >troublesome users that refuses to read HTML email, even though my client > >(KMail or Firefox/Horde, > >depending on where I'm at) supports it. [I turn support off, as both a > >security precaution and personal preference.] > >I don't even read HTML replies to my own questions. I figure anyone that > >won't turn off HTML for mailing list posts couldn't possibly provide me with > >any useful information. ;) > > How is HTML a security risk? JavaScript could be, I suppose, but HTML? > -- > gentoo-user@gentoo.org mailing list >
One thing that frustrates me about HTML email is the fact that people put ping tags in it. Not much of a security issue, but I wouldn't like it if I accidentially opened up spam only to confirm my email address. As far as security, if the browser supports Java or JavaScript then bad things can happen. Or possibly an exploit for the HTML rendering engine. Many more chances for bad things to happen...thats why I use Mutt-ng :D -- David Stanek www.roninds.net GPG keyID #6272EDAF on http://pgp.mit.edu Key fingerprint = 8BAA 7E11 8856 E148 6833 655A 92E2 3E00 6272 EDAF
pgpuPeK9xyxjg.pgp
Description: PGP signature
