From: Jeff Weinstein <jsw@netscape.com>
To: “Dr. Frederick B. Cohen” <fc@all.net>
Message Hash: 1e0b3f2bbb1a91cd9fc8cc8de4ea53aa5e6313972098a7affb0af5059522b875
Message ID: <3084F191.56FE@netscape.com>
Reply To: <9510181156.AA11525@all.net>
UTC Datetime: 1995-10-18 12:26:48 UTC
Raw Date: Wed, 18 Oct 95 05:26:48 PDT
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 18 Oct 95 05:26:48 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Postscript in Netscape
In-Reply-To: <9510181156.AA11525@all.net>
Message-ID: <3084F191.56FE@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain
Dr. Frederick B. Cohen wrote:
>
> Jeff Weinstein - Electronic Munitions Specialist Wrote:
>
> ...
> > If a user configures a postscript viewer that has not had the
> > file operations disabled as a helper app to any web browser then
> > they are opening themselves up for a world of hurt. The same is
> > true if they just download the file and run their viewer on it
> > manually. The same is true if they configure /bin/sh as an
> > external viewer.
> >
> > Obviously everyone should heed perry's warnings and emasculate
> > their postscript interpreters before using them to view files
> > of unknown origin.
>
> WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to
> be secure - regardless of the user's use of their product. Otherwise,
> the ads should read:
>
> "Netscape can be used securely by sufficiently knowledgeable
> users who have emasculated their postscript interpreters before
> using them to view files of unknown origin, and who have removed
> all other known, unknown, and/or undisclosed security holes from
> their systems. Otherwise, Netscape is insecure and should not be
> trusted."
Why did I know you would be showing up in this discussion? You
wouldn't be related to alice de 'nonymous would you?
I don't believe that Netscape claims to be some magic bullet that
will suddenly make your system secure when you install it. We also
don't claim that it will detect viruses.
Dont you think we've wasted enough bandwidth on this? I'm sure
most readers of this list are sick of it by now.
--Jeff
--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
Return to October 1995
Return to “Westcan1@softnc1.softnc.com (West Canadian Graphics)”