Re: Malware Triangle

From: Richard S. Westmoreland (richardsw_at_suscom.net)
Date: 11/24/04


Date: Wed, 24 Nov 2004 12:31:26 -0500


"Leythos" <void@nowhere.org> wrote in message
news:MPG.1c0e8c6edfd00e21989ad9@news-server.columbus.rr.com...
> You need to separate the delivery method from the result - the malicious
> HTML is something of a misnomer - HTML, of any type is not malicious,
> it's only ASCII, the content in the HTML is not malicious, it's the flaw
> in the browser that is a problem. Many browsers don't have a problem
> with what IE does, so it's an IE problem, not an HTML problem.
>
> I suppose, based on your argument, if I had a 30MB email limit and
> customers sent me 100MB of email, I should feed threatened by them?

I would consider that a threat to the Availability of incoming email, yes.
I wouldn't call it spam though unless it was unsolicited. My wife keeps
forwarding me goofy chainletters and a few with large images did put my
mailbox over the limit once, so I may very well put "Wives" on the Triangle.
;-)

I agree with what you are saying, it's all very good points. If I send you
an html email, that contains instructions that takes advantage of an exploit
in IE, and the result is some damage to your data or privacy, would you
agree that in one way or another my intent was malicious, and my email to
you was a threat? How would you classify this scenario?

-- 
Richard S. Westmoreland
http://www.antisource.com