Jargons of Info Tech industry
tim at tt1lock.org
Tue Oct 18 10:12:23 CEST 2005
Gordon Burditt <gordonb.8p4v4 at burditt.org> wrote or quoted:
> Before worrying about the possible bugs in the implementations,
> worry about security issues present in the *DESIGN*. Email ought
> to be usable to carry out a conversation *SAFELY* with some person out
> to get you. Thus features like this are dangerous (in the *design*,
> not because they *might* hide a buffer-overflow exploit):
> - Hyperlinks to anything *outside* the email in which the link
> resides ("web bugs").
Acceptable risk, IMO.
> - Any ability to automatically generate hits on sender-specified
> servers when the email is read.
I hadn't though of that one. As well as use in DDOS attacks, that
can help let spammers know if they have reached a human :-|
Even a link in a plain text email can be used (though with reduced
effectiveness) in such a context :-(
|im |yler http://timtyler.org/ tim at tt1lock.org Remove lock to reply.
More information about the Python-list