Jargons of Info Tech industry

Tim Tyler tim at tt1lock.org
Tue Oct 18 10:12:23 CEST 2005


Gordon Burditt <gordonb.8p4v4 at burditt.org> wrote or quoted:

> Before worrying about the possible bugs in the implementations,
> worry about security issues present in the *DESIGN*.  Email ought
> to be usable to carry out a conversation *SAFELY* with some person out
> to get you.  Thus features like this are dangerous (in the *design*,
> not because they *might* hide a buffer-overflow exploit):
> 
> - Hyperlinks to anything *outside* the email in which the link
>   resides ("web bugs").

Acceptable risk, IMO.

> - Any ability to automatically generate hits on sender-specified
>   servers when the email is read.

I hadn't though of that one.  As well as use in DDOS attacks, that
can help let spammers know if they have reached a human :-|

Even a link in a plain text email can be used (though with reduced
effectiveness) in such a context :-(
-- 
__________
 |im |yler  http://timtyler.org/  tim at tt1lock.org  Remove lock to reply.



More information about the Python-list mailing list