lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: hobbit at avian.org (*Hobbit*) Subject: A worm... if you wanted to deal with zip files you needed to download WinZip, PKZip or something similar, but now, thanks to Microsoft, all you have to do is double click. At least it still takes one manual step, from what I'm gathering. A step which a lot of idiots just casually do anyways, evidently. But this is a bad trend. When [not "if"] M$ and friends causes ZIP contents to be fully auto-execute by default from email messages or the preview pane, we will have lost one of the last bastions for people to encapsulate content for each other reasonably safely, that is still good for the point-n-click desktop crowd. It'll happen, sometime, because that's how it always seems to go with them. Maybe passworded ZIPs will still be okay, dunno. The command-line is all but dead, so you aren't going to get your "I just want it to work" executives understanding the equivalent of "base64 | rot13" or a return to tar-n-feather or whatever it will then take to make content available and unfiltered via email. So they'll just give up, and we all lose. Thanks yet again, Unca Bill. _H*
Powered by blists - more mailing lists