AW: annoying HTML postings
mbartkow at ET.PUT.Poznan.PL
mbartkow at ET.PUT.Poznan.PL
Wed May 26 14:53:13 CEST 1999
> There's no more risk of getting a virus with HTML mail - the only difference
> with an HTML mail is that the message body MIME type is HTML rather than
> plain text, and HTML formatting tags are used.
> A virus would more easily pass on as a MIME attachment than something
> embedded in HTML (eg Tom's Happy99.exe post ;-) )
Unfortunatelly, sending as HTML increases the risk. Viruses may have a form
of JavaScript and Java programs embeded in HTML documents. HTML-based readers
attempt to execute them. Microsoft products are configured by default to run
the scripts without warning. I know, what I am saying, I have already seen
two examples of such behavior.
In its assumptions, Java is thought of as a "safe" scripting language, i.e.
the script is not allowed to write to disk etc. But it is not realized in
MS's implementation. Under Win95/98 there is enough security holes to be
completey unsafe. Be warned.
regards,
m.b.
--
Maciej Bartkowiak
========================================================================
Institute of Electronics and Telecommunication fax: (+48 61) 8782572
Poznan University of Technology phone: (+48 61) 8791016 int.171
Piotrowo 3A email: mbartkow at et.put.poznan.pl
60-965 Poznan POLAND http://www.et.put.poznan.pl/~mbartkow
========================================================================
More information about the Synth-diy
mailing list