lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: shrdlu at deaddrop.org (Etaoin Shrdlu)
Subject: NEVER open attachments

Frank de Wit wrote:
> 
> just ignore a major part of the world who don't use your mailer...
> and they will ignore your emails... simple
> just ask yourself what is more important to you
> you emailing, or people reading your emails ;-)

Well, now, this is this a pissing contest, or an IQ test? Either way, you
are going to lose.

It might be true, in some sort of corporate structure, that using Outlook
as a mailreader holds some sort of majority. However, on this list, or any
security list, using such a creature is a fool's errand. First of all, if
someone posts here, and signs a message, it's more likely that YOU (i.e.
Frank de Wit & Co) need to read what "they've* said. Do folk posting
security related messages care whether or not people who insist on using
the virus vector from Redmond (aka Outlook) can read those posts? My guess
would be no, not at all.

I realize that english is not your first language, I saw the smiley, but
you still need to get a clue. I don't personally sign messages, because I'm
not making any statements here that you need to check on. If something
shows up from Redhat, or Suse, or Cisco, and it's a security warning about
something you need to patch, it's going to be signed. If you miss it, tough
for you. Do they care? Nope. The messages is a courtesy from them (and we
appreciate it). It's important that it be verified, hence it is signed, and
in a manner appropriate for most of us.

> ----- Original Message -----
> From: "Nico Golde" <nion@....net>
> To: <full-disclosure@...ts.netsys.com>
> Sent: Saturday, March 20, 2004 11:56 AM
> Subject: Re: [Full-Disclosure] NEVER open attachments
> 
> i think the philosophy of never open attachments is only true if your mailer
> sucks.
> regards nico

While this is true (and it is), more importantly, it is foolish to read a
mailing list populated by such a wide range of security folk, and expect
*them* to change their mailing agents to please the "less educated" (or
perhaps I should say "less aware of security") newcomers. Just because (for
example) someone like Paul Schmehl makes posts about securing Windows (and
I believe that he is successful in his methodology), doesn't meant that
he's foolish enough to read this list using Outlook. In fact, I notice he's
on MacOS X (at least lately), which makes sense to me (best of both worlds,
if you must live in an environment that has to cooperate with MS).

If you're here, and you're new (and you've read this far), remember that
the old adage of lurking for a while, before posting, holds true here as
well as anywhere else.

--
Because the innovator has for enemies all those who have
done well under the old conditions, and lukewarm defenders
in those who may do well under the new.
        Niccolo Machiavelli, _The Prince_, Chapter VI

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ