Text 5481, 775 rader
Skriven 2005-06-28 22:19:34 av Geo (1:379/45)
Kommentar till text 5462 av Rich (1:379/45)
Ärende: Re: An Army of Soulless 1's and 0's
===========================================
From: "Geo" <georger@nls.net>
This is a multi-part message in MIME format.
------=_NextPart_000_00AD_01C57C2F.76839850
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
You seem to be confused because I brought up two email programs OE and =
Outlook that are inconsistent in the way they provide email security, = but
perhaps it would be easier for you if you just try to explain why = outlook
doesn't allow one to run an executable attachment no matter what = you do
(short of getting your own exchange server) yet Outlook Express = which every
new user on the planet uses does allow you to run an = executable attachment
after you tick a silly checkbox that anyone could = find?
It's microsoft's email security strategy that is all over the map.
I mean think about it for a second, if one of the two Outlook or OE = needed to
be locked down it's surely OE not Outlook, and if an exchange = server was
going to be required for something wouldn't it make more = sense that it be
required to prevent a security feature from being = disabled instead of
allowing it to be disabled?
What I'm saying I'd like to see is something about halfway between the = two,
I'd like to see both programs work the same where the default is to = not even
show you an icon for an executable attachment unless the = security feature is
disabled (and by not show I mean not even in the = inbox view), I'd like the
disabling to only be possible via a registry = edit not a checkbox, and I'd
like the registry edit to require a = permission change before it could be
edited so that stupid ISP techs = couldn't easily walk a clueless user thru it
or have them download a = .reg file. And I don't think its proper to require
exchange for any of = this but if you wanted to make exchange able to lock the
security = feature so even a registry edit couldn't disable it that would be a
fine = feature that corp IS departments would probably appreciate.
Are you reading me now?
Geo.
"Rich" <@> wrote in message news:42c1806f@w3.nls.net...
You are all over the map as I expected. You complain that you can =
open attachments even with a bold warning and at the same time complain = that
you can't. Why do you believe that users susceptible to social = tricks like
tempting pictures or better still those that as instructed = saved a password
protected ZIP file, opened it with a supplied password, = extracted a file, and
ran it are going to be stopped by a checkbox?
Rich
"Geo" <georger@nls.net> wrote in message news:42c0f02d@w3.nls.net...
Of course it's the users being exploited with tricks like tempting =
pictures.
What I'm saying is that the email programs allowing users to just =
click on an icon in an email to open an attachment, and then allowing = that
attachment to run (even with an annoying dialog box) and then = allowing it to
run with permissions great enough to change the system or = install software,
is where the problem is.
I thought outlook stopping the attachment from even showing up if it =
was executable was a GREAT solution, the only fault I had with it was = that it
didn't have a hard to find off switch but instead required an = exchange server
to disable it. And the disabled mode should allow only = saving to disk not
execution. (now if they would just do that for OE)
Geo.
"Rich" <@> wrote in message news:42c0d228@w3.nls.net...
So you are saying that infections are due to the users and this =
is why you or I do not become infected running the same software that = others
do when they get trashed. I could agree with this. You though = are all over
the map. Tomorrow you will claim it is because you are = unable to distinguish
between your computer and everything else or = remind us all that you have
never see a warning message and the yellow = icon that is standard.
As for what I do, I suggest that my friends and family create =
separate Windows XP accounts for their children that are limited user =
accounts not adminstrator accounts and that they avoid any software that =
doesn't work with this. I also suggest that they do the same for = themselves
and use a separate administrator account only when necessary. =
My suggestion to you is the same.
The kids of relevance to me are younger than fifteen. =
Attachments are not and have never been a problem. In fact all the = instances
I can remember where attachments were an issue have been with = adults
exercising poor judgement. The problem with children is that = they download
crap like kazaa or some slimey game they came across. = Either way, running as
a limited user allows a foolish user to trash his = own account without
trashing the machine.
Rich
"Geo" <georger@nls.net> wrote in message =
news:42c0920f$1@w3.nls.net...
My computer isn't infected because I don't allow a 15 year old =
to use it. So if you had a 15 year old there who shared your computer = with
you, how would you keep it safe? Obviously you can't trust a child = to read
warning boxes and assuming it's a male child the Jennifer Lopez = thing is
going to be pretty tempting once those hormones kick in... Also = a 15 year old
is probably going to know more about the family computer = than his parents so
a setting to "not allow potentially dangerous = attachments" isn't going to be
worth squat.
Where is the parental lock?
Geo.
"Rich" <@> wrote in message news:42c015cd@w3.nls.net...
Disabled no. Ignore, yes. If it wasn't under your control =
your computers would all be infected, right? Are they? If not, why = not?
Rich
"Geo" <georger@nls.net> wrote in message =
news:42bfd08b$1@w3.nls.net...
Do you believe all the people or at least most of the people =
getting infected in this manner today have disabled the new safety = features
designed to protect them? Somehow I don't think you of all = people would think
that. So if not, then how are they getting infected?
Geo.
"Rich" <@> wrote in message news:42bef8bf@w3.nls.net...
Yes it does speak volumes about the real world. Most =
people do not think like you are care about the thinks you care about =
regardless of whether or not you think they should. Unfortunately, many = are
easily tricked into taking actions against their own interest. That = is what
is described in the lead in to the article that triggered this = thread.
Rich
"Geo" <georger@nls.net> wrote in message =
news:42bef565@w3.nls.net...
No I'm not giving up, just admitting that the latest =
versions don't suffer from the same UI flaws of previous versions. But = the
fact that so many people are still being fooled by this crap speaks = volumes
about the real world.
Geo.
"Rich" <@> wrote in message =
news:42bef4a3@w3.nls.net...
Now you give up on making false claims about safe =
and unsafe attachments. Are you incapable of admiting you are wrong?
Are you trying to suggest that someone that =
downloads a ZIP file, opens that file, opens something from that file, = and
then still ignores the warning about it being unsafe should blame = any
unwanted consequences on whom, you? How often do you infect = yourself this
way?
Rich
"Geo" <georger@nls.net> wrote in message =
news:42beee3d@w3.nls.net...
not if it's in a zip file.
"Rich" <@> wrote in message =
news:42beebc0@w3.nls.net...
To try to fool the few people like you that =
ignore all the other signs. When OE is configured to allow unsafe file = types
it displays the .scr extension even for the long path. It also = displays the
appropriate icon which for the example you give is an = application icon not a
JPEG icon. Outlook and OE still block it or warn = about it depending on
settings. =20
Rich
"Geo" <georger@nls.net> wrote in message =
news:42bec43b$1@w3.nls.net...
You don't believe the current UI with the way it =
displays an icon has had an effect?
Why then do email virus use such long attachment =
names?
Sheep.jpg =
.scr
explain that.
Geo.
"Rich" <@> wrote in message =
news:42be1eb8@w3.nls.net...
The icons reflect the icons elsewhere in =
the UI. I believe this makes sense and do not believe that this UI =
consistency makes users more likely to make bad choices.
File extensions being hidden or not, and =
they are not on file attachments, is not the issue. I realize that this = is a
topic you like to whine about because you believe that your = preference is
right for everyone. Do you really believe the the = clueless that ignore
warnings would pay attention to this? This is all = moot given that unsafe
email attachments are blocked and the article was = describing people
downloading from the web not opening an attachment.
As for your claim to show a difference, =
this happens in a very obvious way. Users are warned about dangerous = files
and not warned about safe ones. The problem is that many ignore = the
warnings. This is the topic discussed in the email to which you = replied and
one which you completely ignored in your reply.
Rich
"Geo" <georger@nls.net> wrote in message =
news:42be194e$1@w3.nls.net...
The answer is very simple, instead of hiding =
dangerous attachments, show the users that these are somehow different = from
other attachments, something as simple as changing the icon to a = skull and
crossbones. To make it so that profession users can't open an = attachment
without an exchange server is just plain rude.
The problem is MS has spent recent history =
trying to hide file extensions from the users, so now we have a bunch of =
clueless users when it comes to telling which file types are safe and = which
are not.
Geo.
"Rich" <@> wrote in message =
news:42be015f@w3.nls.net...
I don't see an easy answer. The issue =
is not that users are warned when there is no reason too, it's that they = got
lucky. A better analogy than a combination lock is Russian = roulette. It's
always dangerous which is why there is a warning. What = would you do?
On a related note, how do you make a =
user that just wants things to "work" and clicks OK because it doesn't = "work"
if he makes another choice to care about such choices? You can = remove the
choice which is the position taken with Outlook and dangerous = attachments.
There were plenty that complained including folks here = when that happened.
Rich
------=_NextPart_000_00AD_01C57C2F.76839850
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1505" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>You seem to be confused because I =
brought up two=20
email programs OE and Outlook that are inconsistent in the way they =
provide=20
email security, but perhaps it would be easier for you if you just try = to=20
explain why outlook doesn't allow one to run an executable attachment no =
matter=20
what you do (short of getting your own exchange server) yet Outlook =
Express=20
which every new user on the planet uses does allow you to run an =
executable=20
attachment after you tick a silly checkbox that anyone could =
find?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>It's microsoft's email security =
strategy that is=20
all over the map.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I mean think about it for a second, if =
one of the=20
two Outlook or OE needed to be locked down it's surely OE not Outlook, = and if
an=20
exchange server was going to be required for something wouldn't it make =
more=20
sense that it be required to prevent a security feature from being =
disabled=20
instead of allowing it to be disabled?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>What I'm saying I'd like to see is =
something about=20
halfway between the two, I'd like to see both programs work the same = where
the=20
default is to not even show you an icon for an executable attachment = unless
the=20
security feature is disabled (and by not show I mean not even in the = inbox=20
view), I'd like the disabling to only be possible via a registry edit = not
a=20
checkbox, and I'd like the registry edit to require a permission change =
before=20
it could be edited so that stupid ISP techs couldn't easily walk a = clueless
user=20
thru it or have them download a .reg file. And I don't think its proper = to=20
require exchange for any of this but if you wanted to make exchange able = to
lock=20
the security feature so even a registry edit couldn't disable it that = would
be a=20
fine feature that corp IS departments would probably = appreciate.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Are you reading me now?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV>"Rich" <@> wrote in message <A=20
href=3D"news:42c1806f@w3.nls.net">news:42c1806f@w3.nls.net</A>...</DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV><FONT face=3DArial size=3D2> You are all over the map =
as I=20
expected. You complain that you can open attachments even with a =
bold=20
warning and at the same time complain that you can't. Why do you =
believe=20
that users susceptible to social tricks like tempting pictures or =
better still=20
those that as instructed saved a password protected ZIP file, opened =
it with a=20
supplied password, extracted a file, and ran it are going to be =
stopped by a=20
checkbox?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A =
href=3D"mailto:georger@nls.net">georger@nls.net</A>>=20
wrote in message <A=20
=
href=3D"news:42c0f02d@w3.nls.net">news:42c0f02d@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2>Of course it's the users being =
exploited with=20
tricks like tempting pictures.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>What I'm saying is that the email =
programs=20
allowing users to just click on an icon in an email to open an =
attachment,=20
and then allowing that attachment to run (even with an annoying =
dialog box)=20
and then allowing it to run with permissions great enough to change =
the=20
system or install software, is where the problem is.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I thought outlook stopping the =
attachment from=20
even showing up if it was executable was a GREAT solution, the only =
fault I=20
had with it was that it didn't have a hard to find off switch but =
instead=20
required an exchange server to disable it. And the disabled mode =
should=20
allow only saving to disk not execution. (now if they would just do =
that for=20
OE)</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42c0d228@w3.nls.net">news:42c0d228@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> So you are saying =
that=20
infections are due to the users and this is why you or I do not =
become=20
infected running the same software that others do when they get=20
trashed. I could agree with this. You though are all =
over the=20
map. Tomorrow you will claim it is because you are unable to =
distinguish between your computer and everything else or remind us =
all=20
that you have never see a warning message and the yellow icon that =
is=20
standard.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> As for what I do, I =
suggest that=20
my friends and family create separate Windows XP accounts for =
their=20
children that are limited user accounts not adminstrator accounts =
and that=20
they avoid any software that doesn't work with this. I also =
suggest=20
that they do the same for themselves and use a separate =
administrator=20
account only when necessary. My suggestion to you is the=20
same.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> The kids of =
relevance to me are=20
younger than fifteen. Attachments are not and have never =
been a=20
problem. In fact all the instances I can remember where =
attachments=20
were an issue have been with adults exercising poor =
judgement. The=20
problem with children is that they download crap like kazaa or =
some slimey=20
game they came across. Either way, running as a limited user =
allows=20
a foolish user to trash his own account without trashing the=20
machine.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A =
href=3D"mailto:georger@nls.net">georger@nls.net</A>>=20
wrote in message <A=20
=
href=3D"news:42c0920f$1@w3.nls.net">news:42c0920f$1@w3.nls.net</A>...</DI=
V>
<DIV><FONT face=3DArial size=3D2>My computer isn't infected =
because I don't=20
allow a 15 year old to use it. So if you had a 15 year old there =
who=20
shared your computer with you, how would you keep it safe? =
Obviously you=20
can't trust a child to read warning boxes and assuming it's a =
male child=20
the Jennifer Lopez thing is going to be pretty tempting once =
those=20
hormones kick in... Also a 15 year old is probably going to know =
more=20
about the family computer than his parents so a setting to "not =
allow=20
potentially dangerous attachments" isn't going to be worth=20
squat.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Where is the parental =
lock?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: =
5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42c015cd@w3.nls.net">news:42c015cd@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> Disabled =
no. Ignore,=20
yes. If it wasn't under your control your computers =
would all be=20
infected, right? Are they? If not, why =
not?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: =
5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A=20
href=3D"mailto:georger@nls.net">georger@nls.net</A>> =
wrote in=20
message <A=20
=
href=3D"news:42bfd08b$1@w3.nls.net">news:42bfd08b$1@w3.nls.net</A>...</DI=
V>
<DIV><FONT face=3DArial size=3D2>Do you believe all the =
people or at=20
least most of the people getting infected in this manner =
today have=20
disabled the new safety features designed to protect them? =
Somehow I=20
don't think you of all people would think that. So if not, =
then how=20
are they getting infected?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: =
5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42bef8bf@w3.nls.net">news:42bef8bf@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> Yes it does =
speak=20
volumes about the real world. Most people do not =
think like=20
you are care about the thinks you care about regardless of =
whether=20
or not you think they should. Unfortunately, many =
are easily=20
tricked into taking actions against their own =
interest. That=20
is what is described in the lead in to the article that =
triggered=20
this thread.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; =
MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A=20
href=3D"mailto:georger@nls.net">georger@nls.net</A>> =
wrote in=20
message <A=20
=
href=3D"news:42bef565@w3.nls.net">news:42bef565@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2>No I'm not giving up, =
just=20
admitting that the latest versions don't suffer from the =
same UI=20
flaws of previous versions. But the fact that so many =
people are=20
still being fooled by this crap speaks volumes about the =
real=20
world.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; =
MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42bef4a3@w3.nls.net">news:42bef4a3@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> Now you =
give up on=20
making false claims about safe and unsafe =
attachments. =20
Are you incapable of admiting you are =
wrong?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> Are you =
trying to=20
suggest that someone that downloads a ZIP file, opens =
that=20
file, opens something from that file, and then still =
ignores=20
the warning about it being unsafe should blame any =
unwanted=20
consequences on whom, you? How often do you =
infect=20
yourself this way?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; =
MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A=20
=
href=3D"mailto:georger@nls.net">georger@nls.net</A>> wrote=20
in message <A=20
=
href=3D"news:42beee3d@w3.nls.net">news:42beee3d@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2>not if it's in a =
zip=20
file.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; =
MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42beebc0@w3.nls.net">news:42beebc0@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> To =
try to fool=20
the few people like you that ignore all the other=20
signs. When OE is configured to allow unsafe =
file=20
types it displays the .scr extension =
even for=20
the long path. It also displays the =
appropriate icon=20
which for the example you give is an application =
icon not=20
a JPEG icon. Outlook and OE still block it =
or warn=20
about it depending on settings. =
</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; =
MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A=20
=
href=3D"mailto:georger@nls.net">georger@nls.net</A>>=20
wrote in message <A=20
=
href=3D"news:42bec43b$1@w3.nls.net">news:42bec43b$1@w3.nls.net</A>...</DI=
V>
<DIV><FONT face=3DArial size=3D2>You don't =
believe the=20
current UI with the way it displays an icon has =
had an=20
effect?</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Why then do =
email virus use=20
such long attachment names?</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial=20
=
size=3D2>Sheep.jpg &=
nbsp; &n=
bsp; &nb=
sp; &nbs=
p;  =
; =
&=
nbsp; =20
.scr</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>explain =
that.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; =
MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42be1eb8@w3.nls.net">news:42be1eb8@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> =
The icons=20
reflect the icons elsewhere in the UI. I =
believe=20
this makes sense and do not believe that this =
UI=20
consistency makes users more likely to make =
bad=20
choices.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> =
File=20
extensions being hidden or not, and they are =
not on=20
file attachments, is not the issue. I =
realize=20
that this is a topic you like to whine about =
because=20
you believe that your preference is right for=20
everyone. Do you really believe the the =
clueless=20
that ignore warnings would pay attention to=20
this? This is all moot given that unsafe =
email=20
attachments are blocked and the article was =
describing=20
people downloading from the web not opening an =
attachment.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> =
As for your=20
claim to show a difference, this happens in a =
very=20
obvious way. Users are warned about =
dangerous=20
files and not warned about safe ones. =
The=20
problem is that many ignore the =
warnings. This=20
is the topic discussed in the email to which =
you=20
replied and one which you completely ignored =
in your=20
reply.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: =
5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: =
0px">
<DIV>"Geo" <<A=20
=
href=3D"mailto:georger@nls.net">georger@nls.net</A>>=20
wrote in message <A=20
=
href=3D"news:42be194e$1@w3.nls.net">news:42be194e$1@w3.nls.net</A>...</DI=
V>
<DIV><FONT face=3DArial size=3D2>The answer =
is very=20
simple, instead of hiding dangerous =
attachments,=20
show the users that these are somehow =
different from=20
other attachments, something as simple as =
changing=20
the icon to a skull and crossbones. To make =
it so=20
that profession users can't open an =
attachment=20
without an exchange server is just plain=20
rude.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>The problem =
is MS has=20
spent recent history trying to hide=20
file extensions from the users, so now =
we have=20
a bunch of clueless users when it comes to =
telling=20
which file types are safe and which are=20
not.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: =
5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: =
0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42be015f@w3.nls.net">news:42be015f@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial =
size=3D2> I don't=20
see an easy answer. The issue=20
is not that users are warned =
when there=20
is no reason too, it's that they got =
lucky. =20
A better analogy than a combination lock =
is=20
Russian roulette. It's always =
dangerous=20
which is why there is a warning. =20
</FONT><FONT face=3DArial size=3D2>What =
would you=20
do?</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2> On a=20
related note, how do you make a user that =
just=20
wants things to "work" and clicks OK =
because it=20
doesn't "work" if he makes another choice =
to care=20
about such choices? You can remove =
the=20
choice which is the position taken with =
Outlook=20
and dangerous attachments. There =
were plenty=20
that complained including folks here when =
that=20
happened.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial=20
=
size=3D2></FONT> </DIV></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOC=
KQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE><=
/BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOCKQU=
OTE></BODY></HTML>
------=_NextPart_000_00AD_01C57C2F.76839850--
--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
|