[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-pim
Subject: Re: [Kde-pim] Bug 262386 - allow HTML by default
From: Lindsay Mathieson <lindsay.mathieson () gmail ! com>
Date: 2011-12-06 7:49:59
Message-ID: CAEMkAmGin-wovMH0z061ppqncedwAgUjWddeZcOzp4suLmPd2Q () mail ! gmail ! com
[Download RAW message or body]
Even with just plain HTML, its much easier to disguise a link as legit
- many bank email scams rely on that.
2011/12/6 Kevin Krammer <kevin.krammer@gmx.at>:
> On Tuesday, 2011-12-06, Dr. Robert Marmorstein wrote:
>> > Some points I have missed?
>>
>> Yes. =A0Enabling HTML by default introduces a whole slough of security
>> issues. =A0Many phishing attacks, XSS problems, and other scams
>> depend on having HTML e-mail. =A0It is definitely better, from a security
>> standpoint, to enable only plain text by default. =A0Users who are more
>> technically savvy and aware of the various threats can easily change the
>> default in the settings. =A0Users who aren't technically proficient prob=
ably
>> should leave the default at plain text.
>
> But don't most of those problems depend on either loading additional cont=
ent
> or executing script?
> Both are deactivate separately in KMail's use of the render engine if I
> remember correctly.
>
> Cheers,
> Kevin
>
> --
> Kevin Krammer, KDE developer, xdg-utils developer
> KDE user support, developer mentoring
>
> _______________________________________________
> KDE PIM mailing list kde-pim@kde.org
> https://mail.kde.org/mailman/listinfo/kde-pim
> KDE PIM home page at http://pim.kde.org/
-- =
Lindsay
_______________________________________________
KDE PIM mailing list kde-pim@kde.org
https://mail.kde.org/mailman/listinfo/kde-pim
KDE PIM home page at http://pim.kde.org/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic