Email virus protection
Karsten W. Rohrbach
karsten at rohrbach.de
Wed Aug 20 22:12:34 UTC 2003
just me(matt at snark.net)@2003.08.20 14:41:02 +0000:
> Please don't pretend that your MUA-de-jour is somehow invulnerable by
> design, unless you've audited every line of code yourself.
I don't.
Mutt and similar MUAs are prone to misconfiguration, which makes them
vulnerable to some degree, but this fact alone does not expose enough
surface for implementation of an internet-wide worm attack ;-)
Perhaps, Outlook is a secure and performant email solution - in, say, 3
to 4 years from now, but this means a drastic change of course for the
vendor.
In end-user application design, finding the right mix between security
and and convenience (which tend to be mutually exclusive, in one way or
the other) is a critical design decision.
You get the point.
> On a different angle, the apparent problem of a software product being
> vulnerable to an exploit is not solved by deploying a - albeit
> well-patched - application monoculture worldwide. Risk is lowered by
> using more well-designed software packages out there. Diversity is the
> name of the game, it's nature's solution and it seems to work quite
> well.
>
> I completely agree. Which is why I discourage people from using
> Outlook Express as well as Mutt.
So the interesting question in context of this email thread is: what do
you encourage them for?
Regards,
/k
--
> Horngren's Observation:
> Among economists, the real world is often a special case.
webmonster.de -- InterNetWorkTogether -- built on the open source platform
http://www.webmonster.de/ - ftp://ftp.webmonster.de/ - http://www.rohrbach.de/
GnuPG: 0xDEC948A6 D/E BF11 83E8 84A1 F996 68B4 A113 B393 6BF4 DEC9 48A6
Please do not remove my address from To: and Cc: fields in mailing lists. 10x
More information about the NANOG
mailing list