On Mon, Mar 12, 2001 at 03:22:58PM +0100, Kai Blin wrote: >On Wed, 7 Mar 2001, Jan Johansson wrote: > >Well, I usually say email is safe and I'm 18, so come on... but, >on the other hand, you can say email is safe for me (with >mutt/pine/whatever) because I'm smart enough. This email >attachment stuff seems like computer darwinism to me :) pine has problems, I can not find the advisory in the bugtraq archive now but if I am not misstaken there was something with executing local code when sending "badly" formatted attachments. I know there are about 4000 printf bugs waiting to happen. >> Default is to hide the file extension so that we also get the >> nice problem of sexygirl.jpg.vbs, is it a nice girl or a >> virus? > >Eudora tells you (or used to tell you, didnt use it for a while) >that where it saved the file with the full path and name, >doesn't it? How about http://www.securityfocus.com/archive/1/12915. >Anyway, I don't think a luser would refrain opening a file >called sexygirl.jpg.vbs if a friend of his sent it and said it >was a nice picture, would he? Lusers click on anything that is clickable without reading warnings. -- "OpenBSD put me out of business." - retired cracker
