Re: Malware Triangle

From: Richard S. Westmoreland (richardsw_at_suscom.net)
Date: 11/24/04


Date: Wed, 24 Nov 2004 12:31:26 -0500


"Leythos" <void@nowhere.org> wrote in message
news:MPG.1c0e8c6edfd00e21989ad9@news-server.columbus.rr.com...
> You need to separate the delivery method from the result - the malicious
> HTML is something of a misnomer - HTML, of any type is not malicious,
> it's only ASCII, the content in the HTML is not malicious, it's the flaw
> in the browser that is a problem. Many browsers don't have a problem
> with what IE does, so it's an IE problem, not an HTML problem.
>
> I suppose, based on your argument, if I had a 30MB email limit and
> customers sent me 100MB of email, I should feed threatened by them?

I would consider that a threat to the Availability of incoming email, yes.
I wouldn't call it spam though unless it was unsolicited. My wife keeps
forwarding me goofy chainletters and a few with large images did put my
mailbox over the limit once, so I may very well put "Wives" on the Triangle.
;-)

I agree with what you are saying, it's all very good points. If I send you
an html email, that contains instructions that takes advantage of an exploit
in IE, and the result is some damage to your data or privacy, would you
agree that in one way or another my intent was malicious, and my email to
you was a threat? How would you classify this scenario?

-- 
Richard S. Westmoreland
http://www.antisource.com


Relevant Pages

  • Re: Malware Triangle
    ... >> include ASCII TEXT files also. ... >> concerned about in an ASCII Text file, and although, like in HTML, they ... > HTML isn't a threat. ... > emails in a day when your mailbox can only hold 1000 emails is a threat. ...
    (alt.computer.security)
  • Re: Malware Triangle
    ... >>in the browser that is a problem. ... >>with what IE does, so it's an IE problem, not an HTML problem. ... > I would consider that a threat to the Availability of incoming email, ... particular email address is part of the critical security ...
    (alt.computer.security)
  • Re: Malware Triangle
    ... because without it we would have only text - but wait...MIME itself isn't bad, it is a container ... for the multipurpose extended content which can be HTML or attached content or script within HTML or whatever ... threats as e-mail you could set a policy to not allow any - but all you really needed to do is not allow the script to run. ... Same with HTML files in general - you wouldn't need to disallow HTML to stop the threat, ...
    (alt.computer.security)
  • Re: Malware Triangle
    ... >> the fault of the HTML document, it's the rendering application. ... and the whole thing is the threat. ... But I disagree, the HTML is not the problem, neither is the script, it's ...
    (alt.computer.security)
  • Re: Malware Triangle
    ... > include ASCII TEXT files also. ... > concerned about in an ASCII Text file, and although, like in HTML, they ... HTML isn't a threat. ... Emails aren't a threat. ...
    (alt.computer.security)