Re: [Nolug] FEEDBACK: Security blame games

From: Dustin Puryear <dpuryear_at_usa.net>
Date: Wed, 10 Sep 2003 14:21:27 -0500
Message-Id: <5.2.1.1.0.20030910141517.02584ae8@localhost port 111>

At 01:52 PM 9/9/2003 -0500, you wrote:
>Dustin Puryear <dpuryear@usa.net> writes:
>
> > http://www.secunia.com/advisories/8350/
>
>and later...
>
> > No automatic execution.
>
> >From the advisory:
>
> An input validation error in the Content-ID header allows
> insertion of arbitrary data, which is then passed to GTKHtml for
> rendering.
>
>So, does "No automatic execution" include "No automatic HTML
>rendering"? Should the user be presented with a warning every single
>time he wants to read an HTML email?

That's a good question. Should the email client fully render the HTML,
including images which can be used by spammers to validate addresses? It's
a complex topic. As far as what should and should not be done, well,
anything could potentially be used to attack a machine, even a simple text
email. So to limit this conversation somewhat I would say that for starters
any executable attachment shouldn't be executed by an email client. At
least force the user to manually save the file to disk.

That doesn't fix vulnerabilities in the email client itself of course
(i.e., the bug I referenced at the beginning of this thread).

>The problem with Outlook, as I understand it, is not that there are
>bugs, but that the design is wrong. If Evolution's designers do a
>better job (and, from what I've seen, they have), then Evolution
>shouldn't be the same sort of worm vector that Outlook is.
>
>All programs have bugs. How devastating those bugs are depends on
>the design of the program. If the program is designed not to be a
>vector for worms, then fixing the bugs should fix the problem.
>
>Outlook was designed for inter-office communication, not Internet
>email. As such, fixing bugs doesn't fix the underlying problem.

I don't agree with this. This is nothing inherently insecure about Outlook.
The issues can be generally blamed on bad implementation choices (i.e.,
running attachments by default) and some nasty bugs.

Fortunately, Outlook has proven its worth to the open source world by
showing what pitfalls to avoid. You can't beat that.

---
Dustin Puryear <dustin@puryear-it.com>
Puryear Information Technology, LLC <http://www.puryear-it.com>
Providing expertise in the management, integration, and
security of Windows and UNIX systems, networks, and applications.
___________________
Nolug mailing list
nolug@nolug.org
Received on 09/10/03

This archive was generated by hypermail 2.2.0 : 12/19/08 EST