[14399] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: Reliance on Microsoft called risk to U.S. security

daemon@ATHENA.MIT.EDU (Kevin T. Neely)
Wed Oct 1 19:16:42 2003

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 01 Oct 2003 18:59:06 -0400
From: "Kevin T. Neely" <ktneely@astroturfgarden.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <Pine.LNX.4.58.0310011217490.25659@bolt.sonic.net>

bear allegedly wrote...

> "Can be relied on to _only_ deliver text" is a valuable and important
> piece of functionality, and a capability that has been cut out of too
> many protocols with no replacement in sight.

Is delivery really the problem, though?  You can deliver all the code you want to an e-mail account which I check using pine and none of it will ever run.  I think that the problem is that the mail clients in question have the ability to interpret the code.  HTML?  It's text-only, but contains a number of features that, when implemeted, produce what I think we'd all call undesirable results.

I could send a message that says:

helo somenastydomain.com
mail from spammer@nowhere.net
rcpt johndoe@yahoo.com
data
here's some viagra I'd like to sell you
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post