On 23 Jun 2000, at 8:09, Chris McEwen wrote:
> Side comment on the level of threat on embedded active content vs links to
> active content. In the case of links, the list member is taking the
> initiative. This is not the case in embedded content.
Is that true? I thought that with the KAK-virus patch for OE [from a
year ago] we had seen the last of problems from 'embedded' worms. AFAIK,
none of the recent headline-grabbers [nor any others I've seen go by in a
while now] cause any problem for anyone unless you have a gullible user
"taking the initiative"...
This is not to defend passing-through potentially-active-content, only to
clarify that to first order there isn't that much difference between link
vs embedded: in both cases, you need to hoodwink the user into telling
his mail client "go do it", and once you can do that *anything* [mostly
bad..:o)] can happen. You can argue [probably correctly] that "via link"
is harder to infect with [i.e., requires an even *denser* user], but
still in both cases the ultimate problem isn't really the email but the
"nut behind the wheel"...
/Bernie\
--
Bernie Cosell Fantasy Farm Fibers
mailto:[EMAIL PROTECTED] Pearisburg, VA
--> Too many people, too few sheep <--
