Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Mobile code security (was Re: rr style scanning of non-customers)

  • From: Paul Vixie
  • Date: Mon Jun 16 04:58:14 2003

> therefore
> 3) why would anyone ever run outlook

i love outlook2003.  no joke, i use it every day.  whenever i get an
attachment that seems reasonable and i need to open it, i put it in the
folder that outlook can see, and i read it.  i also share a calendar (in
three directions) using outlook's "iCalendar" support.  i edit my cell
phone's directory using a shared outlook address book.  for what it's
intended to do, outlook works really great.  it's only when you let it
open *all* the e-mail you get, that its weaknesses prevail.

moral of story: i think the security model is terrible, and i think the
fact that credible or similarly-dominant alternatives do not exist is
reprehensible, but the applications themselves, like outlook, seem to
work pretty well once you put them inside a lockbox.  (i guess hundreds
of companies are now in the business of selling such lockboxes, too.)

the real failure, the thing that actually burns my hash, is when my spam
complaints or noc correspondance are robotically bounced because they
contain dangerous mime attachments of type "message/rfc822" (spam
examples) or "text/plain" (traceroute or tcpdump output).  if your noc
or abusedesk has such a robot protecting it, you ought to be ashamed.

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.