Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: NEVER open attachments
From: "Jeremiah Cornelius" <jeremiah () nur net>
Date: Fri, 19 Mar 2004 12:09:59 -0800

Valdis.Kletnieks () vt edu <Valdis.Kletnieks () vt edu>, Nico Golde, Frank >
Knobbe, et al have wonderful things to say and contribute great 
things to this list, but i have never read anything they post because 
they post as attachments. 
Yes, granted, they are .txt attachments but that is no excuse as it's >
just a matter of time before they are exploited. 

These gentlemen do not post as attachments.  They SIGN their messages, and
some clients insist on representing inline S/MIME and OpenPGP messages as
attachments.

Five will get you 10, that you are using Outlook Express, or an MS Outlook
prior to OfficeXP.

The blinking signing is so that you CAN trust the source!  Assuming you have
verified the sender's key and trust them for safe practices, open
attachments 'till you get RSI!  The NEVER OPEN rule is a dogma for
unverified senders - you /knew/ that.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]