mailing list archives
Re: Email virus protection
From: "Karsten W. Rohrbach" <karsten () rohrbach de>
Date: Thu, 21 Aug 2003 00:12:34 +0200
just me(matt () snark net)@2003.08.20 14:41:02 +0000:
Please don't pretend that your MUA-de-jour is somehow invulnerable by
design, unless you've audited every line of code yourself.
Mutt and similar MUAs are prone to misconfiguration, which makes them
vulnerable to some degree, but this fact alone does not expose enough
surface for implementation of an internet-wide worm attack ;-)
Perhaps, Outlook is a secure and performant email solution - in, say, 3
to 4 years from now, but this means a drastic change of course for the
In end-user application design, finding the right mix between security
and and convenience (which tend to be mutually exclusive, in one way or
the other) is a critical design decision.
You get the point.
On a different angle, the apparent problem of a software product being
vulnerable to an exploit is not solved by deploying a - albeit
well-patched - application monoculture worldwide. Risk is lowered by
using more well-designed software packages out there. Diversity is the
name of the game, it's nature's solution and it seems to work quite
I completely agree. Which is why I discourage people from using
Outlook Express as well as Mutt.
So the interesting question in context of this email thread is: what do
you encourage them for?
Among economists, the real world is often a special case.
webmonster.de -- InterNetWorkTogether -- built on the open source platform
http://www.webmonster.de/ - ftp://ftp.webmonster.de/ - http://www.rohrbach.de/
GnuPG: 0xDEC948A6 D/E BF11 83E8 84A1 F996 68B4 A113 B393 6BF4 DEC9 48A6
Please do not remove my address from To: and Cc: fields in mailing lists. 10x
Re: Email virus protection Karsten W. Rohrbach (Aug 20)
Re: Email virus protection JC Dill (Aug 20)
Re: Email virus protection chuck goolsbee (Aug 21)
Re: Email virus protection Stephen J. Wilcox (Aug 21)
- Re: Email virus protection, (continued)