1995-09-22 - Re: Another Netscape Bug (and possible security hole)
Header Data
From: Adam Shostack <adam@homeport.org>
To: dmandl@panix.com
Message Hash: 3bc2a4c0ba738cabc55c323337adc83b1bd08362008742ccd3412849fe5a0e49
Message ID: <199509222019.QAA16468@homeport.org>
Reply To: <Pine.SUN.3.91.950922154119.7388A-100000@panix.com>
UTC Datetime: 1995-09-22 20:19:43 UTC
Raw Date: Fri, 22 Sep 95 13:19:43 PDT
Raw message
From: Adam Shostack <adam@homeport.org>
Date: Fri, 22 Sep 95 13:19:43 PDT
To: dmandl@panix.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <Pine.SUN.3.91.950922154119.7388A-100000@panix.com>
Message-ID: <199509222019.QAA16468@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain
dmandl@panix.com wrote:
| On Fri, 22 Sep 1995, Adam Shostack wrote:
| > I keep hearing this thought. Isn't Win95 with its
| > 'executables in email' much more dangerous than Java, which at least
| > tries to address security?
|
| Is that the new MS-Word you're thinking of? I hear that it lets you
| imbed macros containing executable code in documents. That's got to
| be one of the most dangerous ideas ever cooked up.
No, this is a seperate problem. Its not auto-executing code
in Microsoft documents that worries me, so much as the ability to
include executables as clickable images in a mail message, with the
user having no control over what environment the program executes in.
If strong fences make good neighbors, where are the fences in
my network neighborhood?
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
Thread
Return to September 1995
- Return to “Adam Shostack <adam@homeport.org>”
- Return to “Aleph One <aleph1@dfw.net>”
- Return to “dmandl@panix.com”
- Return to “frenchie@magus.dgsys.com (SysAdmin)”
- Return to “futplex@pseudonym.com (Futplex)”
- Return to “goedel@tezcat.com (Dietrich J. Kappe)”
- Return to “Jon Lasser <jlasser@rwd.goucher.edu>”
- Return to “jsw@neon.netscape.com (Jeff Weinstein)”
- Return to ““Perry E. Metzger” <perry@piermont.com>”
- Return to “Ray Cromwell <rjc@clark.net>”
- Return to “sameer <sameer@c2.org>”
- Return to “Scott M Fabbri <m1smf99@FRB.GOV>”
- Return to “Thomas Grant Edwards <tedwards@Glue.umd.edu>”
Return to “Yih-Chun Hu <yihchun@u.washington.edu>”
- 1995-09-22 (Fri, 22 Sep 95 00:24:28 PDT) - Re: Another Netscape Bug (and possible security hole) - goedel@tezcat.com (Dietrich J. Kappe)
- 1995-09-22 (Fri, 22 Sep 95 00:53:01 PDT) - Re: Another Netscape Bug (and possible security hole) - jsw@neon.netscape.com (Jeff Weinstein)
- 1995-09-22 (Fri, 22 Sep 95 01:01:26 PDT) - Mosaic Bug (same as Netscape bug) (was Re: Another Netscape Bug) - futplex@pseudonym.com (Futplex)
- 1995-09-22 (Fri, 22 Sep 95 02:22:41 PDT) - Re: Mosaic Bug (same as Netscape bug) (was Re: Another Netscape Bug) - jsw@neon.netscape.com (Jeff Weinstein)
- 1995-09-22 (Fri, 22 Sep 95 05:43:45 PDT) - Re: Another Netscape Bug (and possible security hole) - “Perry E. Metzger” <perry@piermont.com>
- 1995-09-22 (Fri, 22 Sep 95 07:13:45 PDT) - Re: Another Netscape Bug (and possible security hole) - Scott M Fabbri <m1smf99@FRB.GOV>
- 1995-09-22 (Fri, 22 Sep 95 12:27:31 PDT) - Re: Another Netscape Bug (and possible security hole) - Adam Shostack <adam@homeport.org>
- 1995-09-22 (Fri, 22 Sep 95 12:47:17 PDT) - Re: Another Netscape Bug (and possible security hole) - dmandl@panix.com
- 1995-09-22 (Fri, 22 Sep 95 13:19:43 PDT) - Re: Another Netscape Bug (and possible security hole) - Adam Shostack <adam@homeport.org>
- 1995-09-23 (Fri, 22 Sep 95 17:53:21 PDT) - Re: Another Netscape Bug (and possible security hole) - Aleph One <aleph1@dfw.net>
- 1995-09-23 (Fri, 22 Sep 95 22:16:31 PDT) - Re: Another Netscape Bug (and possible security hole) - Ray Cromwell <rjc@clark.net>
- 1995-09-25 (Mon, 25 Sep 95 12:02:32 PDT) - Re: Another Netscape Bug (and possible security hole) - Jon Lasser <jlasser@rwd.goucher.edu>
- 1995-09-22 (Fri, 22 Sep 95 12:47:17 PDT) - Re: Another Netscape Bug (and possible security hole) - dmandl@panix.com
- 1995-09-22 (Fri, 22 Sep 95 13:04:54 PDT) - Re: Another Netscape Bug (and possible security hole) - frenchie@magus.dgsys.com (SysAdmin)
- 1995-09-22 (Fri, 22 Sep 95 14:08:40 PDT) - Re: Another Netscape Bug (and possible security hole) - sameer <sameer@c2.org>
- 1995-09-22 (Fri, 22 Sep 95 10:04:56 PDT) - Re: Another Netscape Bug (and possible security hole) - Yih-Chun Hu <yihchun@u.washington.edu>
- 1995-09-22 (Fri, 22 Sep 95 10:18:08 PDT) - Re: Another Netscape Bug (and possible security hole) - Thomas Grant Edwards <tedwards@Glue.umd.edu>
- 1995-09-22 (Fri, 22 Sep 95 00:53:01 PDT) - Re: Another Netscape Bug (and possible security hole) - jsw@neon.netscape.com (Jeff Weinstein)