And thusly Fred Cisin spake:
On Thu, 14 Mar 2002, Allison wrote:
lessee,
I use OutlookExpress at times, with the right settings it's pretty solid
and can be made virus proof! Hint, disable VBSscripting! Why anyone
would link a programming language to email is beyond me. Disabling
COMx and ActiveX controls is easy enough. There is no excuse for
HTML unless someone set a system profile removing those controls
from reach, in that case us you own system not the companies.
Propagating bugs like Loveletter is an example of user ignorance.
User education could be improved.
I talked to somebody who thought that she would be safe because she always
checked everything in the "preview pane" to see if it would be OK
(thinking that it was like a peephole in a front door?)
"Social engineering" is still a primary problem. Twice I have received
e-mail that purported to be from Microsoft with a 170K attachment
(Q216309.EXE). It said to run that to patch security holes. yeah,
right. MICROS~1 does NOT mail unsolicited security patches.
Is there any reason why I should switch away from PINE on a TELNET
session?
There is no reason to switch from pine, but there is a very good reason to
switch from telnet to ssh. With telnet your entire session and password is
sent as clear text. Using at least version 1 of ssh is a *very* good thing.
And using scp instead of ftp is also a very good thing, for the same reason.
Cheers,
Bryan