Hello Michael,
Thursday, October 20, 2005, 11:13:25 AM, you wrote:
> And if there are 2250 people who can not decide which eMail they can
> trust - it's neither my fault nor my problem. You would have to turn
> the whole Internet off to save them from themselves. Even if you
> code them an email-client that can just display 7bit-encoded emails
> in a shell without any possibility of clicking on links, opening
> attachments or whatever.

I'm very disheartened to hear that you care so very little for your
fellow man. That's part of the problem with the world today. Nobody
cares, it's never anyone's fault, and it's always someone else's
problem.

We all know warnings don't do squat. People just ignore them.

So... Let's take this thread in a new direction. Instead of trying to
convince each other that it's good or bad, let's come up with a way to
implement it where it would be safe. At least it would get us back
on-topic.

Be a part of the solution. You say you have many years of IT
background and are working on your Master's degree. Make TB better,
apply your knowledge to implementing the feature safely.

I'll even start it off.

1. When a message comes in that contains outside images it should be
   checked against a whitelist.
   a. How is that whitelist enabled?
      - Should not be based on sender address (spoofing)
      - Should be based on website url
        a. if based on url, to which part?
           - base domain won't work for shared servers i.e.
             http://www.pcwize.com/~dave so we need to go deeper to
             ensure integrity that http://www.pcwize.com/~bill can't
             do bad things.
           - If we go too deep, then the whitelist is not effective.
             i.e. http://www.pcwize.com/geocaching/images could be
             whitelisted, but what about
             http://www.pcwize.com/galleries/images? If we trust
             www.pcwize.com explicitly then we'd have to whitelist all
             the urls we expect images from.

2. Do we only accept file references to an actual image and not a page
   designed to display an image? See below:
   - How do we ensure the integrity of the referenced script? If
     http://www.pcwize.com/image.php?myDog has been compromised to
     what extent can that compromise be mitigated on our end?
     a. Verify binary header of the returned file to ensure it is a
        JPG, PNG, GIF, BMP etc.
     b. Will not display anything not meeting above criteria.
     c. Warn the user that the received data was not what was
        expected and give them no option to override the protection
        to attempt to display it anyway.

3. We'd need to tie into the anti-virus to ensure that even though the
   received data is an actual image, it doesn't contain an exploit:
   http://antivirus.about.com/od/securitytips/a/jpgflaw.htm

Hmmm. Ran out of time. That's a start, you can work on finishing it.

--
TBUDL/BETA/DEV/TECH Lists Moderator / PGP 0x6C0AB16B
__ ____ ____ ____ Geocaching: http://gps.PCWize.com
( ) ( ___)(_ _)( ___) TBUDP Wiki Site: http://www.PCWize.com/thebat/tbudp
)(__ )__) _)(_ )__) Roguemoticons & Smileys: http://PCWize.com/thebat
(____)(____)(____)(__) PHP Tutorials and snippets: http://www.DevTek.org
I went to a general store. They wouldn't let me buy anything specific.
________________________________________________________
Current beta is 3.61.13 (Echo) | 'Using TBBETA' information:
http://www.silverstones.com/thebat/TBUDLInfo.html
IMPORTANT: To register as a Beta tester, use this link first -
http://www.ritlabs.com/en/partners/testers/
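
The URL whitelist and binary-header checks outlined in steps 1 and 2 of the message above, as an added Python example that is not part of the original post or of any mail client's code. The whitelist entries, function names and return values are assumptions chosen for illustration.

```python
import posixpath
from urllib.parse import urlsplit, unquote

# Constructed whitelist of (host, path prefix) pairs; prefixes end in "/" so
# that "/~dave/" cannot also match "/~dave2/" or "/~bill/".
WHITELIST = [("www.pcwize.com", "/~dave/"),
             ("www.pcwize.com", "/geocaching/images/")]

# Leading bytes of the formats named in step 2a.
MAGIC = {"jpeg": (b"\xff\xd8\xff",), "png": (b"\x89PNG\r\n\x1a\n",),
         "gif": (b"GIF87a", b"GIF89a"), "bmp": (b"BM",)}

def url_allowed(url, whitelist=WHITELIST):
    """Step 1: match host plus normalised path prefix, never the sender."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    path = unquote(parts.path)
    if "%" in path or "\\" in path or "\0" in path:
        return False  # double encoding or odd separators: fail closed
    path = posixpath.normpath(path)  # collapses "/a/../b" before matching
    return any(parts.hostname == host and path.startswith(prefix)
               for host, prefix in whitelist)

def sniff_image(data):
    """Step 2a: identify the format from the returned bytes, not the URL."""
    for kind, signatures in MAGIC.items():
        if data.startswith(signatures):
            return kind
    return None

def decide(url, body):
    """Steps 1-2c: returns (action, reason); a block has no override path."""
    if not url_allowed(url):
        return ("block", "url not whitelisted")
    kind = sniff_image(body)
    if kind is None:
        return ("block", "response is not a recognised image")
    # Step 3 still applies: a valid header says nothing about a malformed body.
    return ("display", kind)
```

The path is decoded and normalised before the prefix comparison, so a reference that climbs out of a whitelisted directory with `..` is matched against where it actually lands.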