Text 5489, 869 rader
Skriven 2005-06-28 20:15:34 av Rich (1:379/45)
Kommentar till text 5481 av Geo (1:379/45)
Ärende: Re: An Army of Soulless 1's and 0's
===========================================
From: "Rich" <@>
This is a multi-part message in MIME format.
------=_NextPart_000_031F_01C57C1E.248A1760
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Both Outlook and OE have the same behavior by default. OE provides =
an override for users that believe they are able to make wise decisions. =
Outlook does too though it limits some configurabilty to the server so =
that it is immune to client issues. These are different not = inconsistent.
In contrast you are inconsistent and hypocritical = complaining about one thing
and then complaining about the opposite. = You sound stupid.
I believe your suggestion to not identify that an attachment was =
blocked is a very bad one. If you don't tell users that you blocked an =
attachment and just hide it then there will be no difference between = having a
blocked attachment and none at all. How are they to recognize = that they be
missing something?
As for your registry suggestion, you are demonstrating that you are =
clueless again. Unless you think that 10 steps which are difficult for = a
user and trivial for an application protects you any more than one = step that
is trivial for a user too. If you think this would keep = stupid ISP tech
support from walking users through it, you are wrong = again. I've heard them
give people complex instructions to screw up the = security of their computers
to save the ISP some effort. They would do = this here if they felt it was to
the ISP's benefit.
Rich
"Geo" <georger@nls.net> wrote in message news:42c20562@w3.nls.net...
You seem to be confused because I brought up two email programs OE and =
Outlook that are inconsistent in the way they provide email security, = but
perhaps it would be easier for you if you just try to explain why = outlook
doesn't allow one to run an executable attachment no matter what = you do
(short of getting your own exchange server) yet Outlook Express = which every
new user on the planet uses does allow you to run an = executable attachment
after you tick a silly checkbox that anyone could = find?
It's microsoft's email security strategy that is all over the map.
I mean think about it for a second, if one of the two Outlook or OE =
needed to be locked down it's surely OE not Outlook, and if an exchange =
server was going to be required for something wouldn't it make more = sense
that it be required to prevent a security feature from being = disabled instead
of allowing it to be disabled?
What I'm saying I'd like to see is something about halfway between the =
two, I'd like to see both programs work the same where the default is to = not
even show you an icon for an executable attachment unless the = security
feature is disabled (and by not show I mean not even in the = inbox view), I'd
like the disabling to only be possible via a registry = edit not a checkbox,
and I'd like the registry edit to require a = permission change before it could
be edited so that stupid ISP techs = couldn't easily walk a clueless user thru
it or have them download a = .reg file. And I don't think its proper to require
exchange for any of = this but if you wanted to make exchange able to lock the
security = feature so even a registry edit couldn't disable it that would be a
fine = feature that corp IS departments would probably appreciate.
Are you reading me now?
Geo.
"Rich" <@> wrote in message news:42c1806f@w3.nls.net...
You are all over the map as I expected. You complain that you =
can open attachments even with a bold warning and at the same time = complain
that you can't. Why do you believe that users susceptible to = social tricks
like tempting pictures or better still those that as = instructed saved a
password protected ZIP file, opened it with a = supplied password, extracted a
file, and ran it are going to be stopped = by a checkbox?
Rich
"Geo" <georger@nls.net> wrote in message =
news:42c0f02d@w3.nls.net...
Of course it's the users being exploited with tricks like tempting =
pictures.
What I'm saying is that the email programs allowing users to just =
click on an icon in an email to open an attachment, and then allowing = that
attachment to run (even with an annoying dialog box) and then = allowing it to
run with permissions great enough to change the system or = install software,
is where the problem is.
I thought outlook stopping the attachment from even showing up if =
it was executable was a GREAT solution, the only fault I had with it was = that
it didn't have a hard to find off switch but instead required an = exchange
server to disable it. And the disabled mode should allow only = saving to disk
not execution. (now if they would just do that for OE)
Geo.
"Rich" <@> wrote in message news:42c0d228@w3.nls.net...
So you are saying that infections are due to the users and =
this is why you or I do not become infected running the same software = that
others do when they get trashed. I could agree with this. You = though are
all over the map. Tomorrow you will claim it is because you = are unable to
distinguish between your computer and everything else or = remind us all that
you have never see a warning message and the yellow = icon that is standard.
As for what I do, I suggest that my friends and family create =
separate Windows XP accounts for their children that are limited user =
accounts not adminstrator accounts and that they avoid any software that =
doesn't work with this. I also suggest that they do the same for = themselves
and use a separate administrator account only when necessary. =
My suggestion to you is the same.
The kids of relevance to me are younger than fifteen. =
Attachments are not and have never been a problem. In fact all the = instances
I can remember where attachments were an issue have been with = adults
exercising poor judgement. The problem with children is that = they download
crap like kazaa or some slimey game they came across. = Either way, running as
a limited user allows a foolish user to trash his = own account without
trashing the machine.
Rich
"Geo" <georger@nls.net> wrote in message =
news:42c0920f$1@w3.nls.net...
My computer isn't infected because I don't allow a 15 year old =
to use it. So if you had a 15 year old there who shared your computer = with
you, how would you keep it safe? Obviously you can't trust a child = to read
warning boxes and assuming it's a male child the Jennifer Lopez = thing is
going to be pretty tempting once those hormones kick in... Also = a 15 year old
is probably going to know more about the family computer = than his parents so
a setting to "not allow potentially dangerous = attachments" isn't going to be
worth squat.
Where is the parental lock?
Geo.
"Rich" <@> wrote in message news:42c015cd@w3.nls.net...
Disabled no. Ignore, yes. If it wasn't under your =
control your computers would all be infected, right? Are they? If not, = why
not?
Rich
"Geo" <georger@nls.net> wrote in message =
news:42bfd08b$1@w3.nls.net...
Do you believe all the people or at least most of the =
people getting infected in this manner today have disabled the new = safety
features designed to protect them? Somehow I don't think you of = all people
would think that. So if not, then how are they getting = infected?
Geo.
"Rich" <@> wrote in message news:42bef8bf@w3.nls.net...
Yes it does speak volumes about the real world. Most =
people do not think like you are care about the thinks you care about =
regardless of whether or not you think they should. Unfortunately, many = are
easily tricked into taking actions against their own interest. That = is what
is described in the lead in to the article that triggered this = thread.
Rich
"Geo" <georger@nls.net> wrote in message =
news:42bef565@w3.nls.net...
No I'm not giving up, just admitting that the latest =
versions don't suffer from the same UI flaws of previous versions. But = the
fact that so many people are still being fooled by this crap speaks = volumes
about the real world.
Geo.
"Rich" <@> wrote in message =
news:42bef4a3@w3.nls.net...
Now you give up on making false claims about safe =
and unsafe attachments. Are you incapable of admiting you are wrong?
Are you trying to suggest that someone that =
downloads a ZIP file, opens that file, opens something from that file, = and
then still ignores the warning about it being unsafe should blame = any
unwanted consequences on whom, you? How often do you infect = yourself this
way?
Rich
"Geo" <georger@nls.net> wrote in message =
news:42beee3d@w3.nls.net...
not if it's in a zip file.
"Rich" <@> wrote in message =
news:42beebc0@w3.nls.net...
To try to fool the few people like you that =
ignore all the other signs. When OE is configured to allow unsafe file = types
it displays the .scr extension even for the long path. It also = displays the
appropriate icon which for the example you give is an = application icon not a
JPEG icon. Outlook and OE still block it or warn = about it depending on
settings. =20
Rich
"Geo" <georger@nls.net> wrote in message =
news:42bec43b$1@w3.nls.net...
You don't believe the current UI with the way =
it displays an icon has had an effect?
Why then do email virus use such long =
attachment names?
Sheep.jpg =
.scr
explain that.
Geo.
"Rich" <@> wrote in message =
news:42be1eb8@w3.nls.net...
The icons reflect the icons elsewhere in =
the UI. I believe this makes sense and do not believe that this UI =
consistency makes users more likely to make bad choices.
File extensions being hidden or not, and =
they are not on file attachments, is not the issue. I realize that this = is a
topic you like to whine about because you believe that your = preference is
right for everyone. Do you really believe the the = clueless that ignore
warnings would pay attention to this? This is all = moot given that unsafe
email attachments are blocked and the article was = describing people
downloading from the web not opening an attachment.
As for your claim to show a difference, =
this happens in a very obvious way. Users are warned about dangerous = files
and not warned about safe ones. The problem is that many ignore = the
warnings. This is the topic discussed in the email to which you = replied and
one which you completely ignored in your reply.
Rich
"Geo" <georger@nls.net> wrote in message =
news:42be194e$1@w3.nls.net...
The answer is very simple, instead of =
hiding dangerous attachments, show the users that these are somehow = different
from other attachments, something as simple as changing the = icon to a skull
and crossbones. To make it so that profession users = can't open an attachment
without an exchange server is just plain rude.
The problem is MS has spent recent history =
trying to hide file extensions from the users, so now we have a bunch of =
clueless users when it comes to telling which file types are safe and = which
are not.
Geo.
"Rich" <@> wrote in message =
news:42be015f@w3.nls.net...
I don't see an easy answer. The =
issue is not that users are warned when there is no reason too, it's = that
they got lucky. A better analogy than a combination lock is = Russian
roulette. It's always dangerous which is why there is a = warning. What would
you do?
On a related note, how do you make a =
user that just wants things to "work" and clicks OK because it doesn't = "work"
if he makes another choice to care about such choices? You can = remove the
choice which is the position taken with Outlook and dangerous = attachments.
There were plenty that complained including folks here = when that happened.
Rich
------=_NextPart_000_031F_01C57C1E.248A1760
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.2668" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2> Both Outlook and OE have =
the same=20
behavior by default. OE provides an override for users that = believe
they=20
are able to make wise decisions. Outlook does too though it limits =
some=20
configurabilty to the server so that it is immune to client = issues.
These=20
are different not inconsistent. In contrast you are inconsistent = and=20
hypocritical complaining about one thing and then complaining about the=20
opposite. You sound stupid.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> I believe your suggestion =
to not=20
identify that an attachment was blocked is a very bad one. If you =
don't=20
tell users that you blocked an attachment and just hide it then there = will be
no=20
difference between having a blocked attachment and none at all. = How
are=20
they to recognize that they be missing something?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> As for your registry =
suggestion, you=20
are demonstrating that you are clueless again. Unless you think = that
10=20
steps which are difficult for a user and trivial for an application = protects
you=20
any more than one step that is trivial for a user too. If you = think
this=20
would keep stupid ISP tech support from walking users through it, you = are
wrong=20
again. I've heard them give people complex instructions to screw = up
the=20
security of their computers to save the ISP some effort. They = would
do=20
this here if they felt it was to the ISP's benefit.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A =
href=3D"mailto:georger@nls.net">georger@nls.net</A>> wrote=20
in message <A=20
=
href=3D"news:42c20562@w3.nls.net">news:42c20562@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2>You seem to be confused because I =
brought up two=20
email programs OE and Outlook that are inconsistent in the way they =
provide=20
email security, but perhaps it would be easier for you if you just try =
to=20
explain why outlook doesn't allow one to run an executable attachment =
no=20
matter what you do (short of getting your own exchange server) yet =
Outlook=20
Express which every new user on the planet uses does allow you to run =
an=20
executable attachment after you tick a silly checkbox that anyone =
could=20
find?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>It's microsoft's email security =
strategy that is=20
all over the map.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I mean think about it for a second, =
if one of the=20
two Outlook or OE needed to be locked down it's surely OE not Outlook, =
and if=20
an exchange server was going to be required for something wouldn't it =
make=20
more sense that it be required to prevent a security feature from =
being=20
disabled instead of allowing it to be disabled?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>What I'm saying I'd like to see is =
something=20
about halfway between the two, I'd like to see both programs work the =
same=20
where the default is to not even show you an icon for an executable =
attachment=20
unless the security feature is disabled (and by not show I mean not =
even in=20
the inbox view), I'd like the disabling to only be possible via a =
registry=20
edit not a checkbox, and I'd like the registry edit to require a =
permission=20
change before it could be edited so that stupid ISP techs couldn't =
easily walk=20
a clueless user thru it or have them download a .reg file. And I don't =
think=20
its proper to require exchange for any of this but if you wanted to =
make=20
exchange able to lock the security feature so even a registry edit =
couldn't=20
disable it that would be a fine feature that corp IS departments would =
probably appreciate.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Are you reading me now?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42c1806f@w3.nls.net">news:42c1806f@w3.nls.net</A>...</DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV><FONT face=3DArial size=3D2> You are all over the =
map as I=20
expected. You complain that you can open attachments even with =
a bold=20
warning and at the same time complain that you can't. Why do =
you=20
believe that users susceptible to social tricks like tempting =
pictures or=20
better still those that as instructed saved a password protected ZIP =
file,=20
opened it with a supplied password, extracted a file, and ran it are =
going=20
to be stopped by a checkbox?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A =
href=3D"mailto:georger@nls.net">georger@nls.net</A>>=20
wrote in message <A=20
=
href=3D"news:42c0f02d@w3.nls.net">news:42c0f02d@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2>Of course it's the users being =
exploited with=20
tricks like tempting pictures.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>What I'm saying is that the email =
programs=20
allowing users to just click on an icon in an email to open an =
attachment,=20
and then allowing that attachment to run (even with an annoying =
dialog=20
box) and then allowing it to run with permissions great enough to =
change=20
the system or install software, is where the problem =
is.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I thought outlook stopping the =
attachment=20
from even showing up if it was executable was a GREAT solution, =
the only=20
fault I had with it was that it didn't have a hard to find off =
switch but=20
instead required an exchange server to disable it. And the =
disabled mode=20
should allow only saving to disk not execution. (now if they would =
just do=20
that for OE)</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42c0d228@w3.nls.net">news:42c0d228@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> So you are saying =
that=20
infections are due to the users and this is why you or I do not =
become=20
infected running the same software that others do when they get=20
trashed. I could agree with this. You though are all =
over=20
the map. Tomorrow you will claim it is because you are =
unable to=20
distinguish between your computer and everything else or remind =
us all=20
that you have never see a warning message and the yellow icon =
that is=20
standard.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> As for what I do, =
I suggest=20
that my friends and family create separate Windows XP accounts =
for their=20
children that are limited user accounts not adminstrator =
accounts and=20
that they avoid any software that doesn't work with this. =
I also=20
suggest that they do the same for themselves and use a separate=20
administrator account only when necessary. My suggestion =
to you is=20
the same.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> The kids of =
relevance to me=20
are younger than fifteen. Attachments are not and have =
never been=20
a problem. In fact all the instances I can remember where=20
attachments were an issue have been with adults exercising poor=20
judgement. The problem with children is that they download =
crap=20
like kazaa or some slimey game they came across. Either =
way,=20
running as a limited user allows a foolish user to trash his own =
account=20
without trashing the machine.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: =
5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A=20
href=3D"mailto:georger@nls.net">georger@nls.net</A>> wrote =
in message=20
<A=20
=
href=3D"news:42c0920f$1@w3.nls.net">news:42c0920f$1@w3.nls.net</A>...</DI=
V>
<DIV><FONT face=3DArial size=3D2>My computer isn't infected =
because I=20
don't allow a 15 year old to use it. So if you had a 15 year =
old there=20
who shared your computer with you, how would you keep it safe? =
Obviously you can't trust a child to read warning boxes and =
assuming=20
it's a male child the Jennifer Lopez thing is going to be =
pretty=20
tempting once those hormones kick in... Also a 15 year old is =
probably=20
going to know more about the family computer than his parents =
so a=20
setting to "not allow potentially dangerous attachments" isn't =
going=20
to be worth squat.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Where is the parental =
lock?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: =
5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42c015cd@w3.nls.net">news:42c015cd@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> Disabled =
no. Ignore,=20
yes. If it wasn't under your control your computers =
would all=20
be infected, right? Are they? If not, why=20
not?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: =
5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A=20
href=3D"mailto:georger@nls.net">georger@nls.net</A>> =
wrote in=20
message <A=20
=
href=3D"news:42bfd08b$1@w3.nls.net">news:42bfd08b$1@w3.nls.net</A>...</DI=
V>
<DIV><FONT face=3DArial size=3D2>Do you believe all the =
people or at=20
least most of the people getting infected in this manner =
today=20
have disabled the new safety features designed to protect =
them?=20
Somehow I don't think you of all people would think that. =
So if=20
not, then how are they getting infected?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; =
MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42bef8bf@w3.nls.net">news:42bef8bf@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> Yes it =
does speak=20
volumes about the real world. Most people do not =
think=20
like you are care about the thinks you care about =
regardless of=20
whether or not you think they should. =
Unfortunately, many=20
are easily tricked into taking actions against their own =
interest. That is what is described in the lead in =
to the=20
article that triggered this thread.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; =
MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A=20
=
href=3D"mailto:georger@nls.net">georger@nls.net</A>> wrote in=20
message <A=20
=
href=3D"news:42bef565@w3.nls.net">news:42bef565@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2>No I'm not giving up, =
just=20
admitting that the latest versions don't suffer from =
the same=20
UI flaws of previous versions. But the fact that so =
many=20
people are still being fooled by this crap speaks =
volumes=20
about the real world.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; =
MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42bef4a3@w3.nls.net">news:42bef4a3@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> Now =
you give up on=20
making false claims about safe and unsafe =
attachments. =20
Are you incapable of admiting you are =
wrong?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> Are =
you trying to=20
suggest that someone that downloads a ZIP file, =
opens that=20
file, opens something from that file, and then still =
ignores=20
the warning about it being unsafe should blame any =
unwanted=20
consequences on whom, you? How often do you =
infect=20
yourself this way?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; =
MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A=20
=
href=3D"mailto:georger@nls.net">georger@nls.net</A>>=20
wrote in message <A=20
=
href=3D"news:42beee3d@w3.nls.net">news:42beee3d@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2>not if it's in a =
zip=20
file.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; =
MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42beebc0@w3.nls.net">news:42beebc0@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> To =
try to fool=20
the few people like you that ignore all the =
other=20
signs. When OE is configured to allow =
unsafe file=20
types it displays the .scr extension =
even for=20
the long path. It also displays the =
appropriate=20
icon which for the example you give is an =
application=20
icon not a JPEG icon. Outlook and OE still =
block=20
it or warn about it depending on settings. =
</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; =
MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A=20
=
href=3D"mailto:georger@nls.net">georger@nls.net</A>>=20
wrote in message <A=20
=
href=3D"news:42bec43b$1@w3.nls.net">news:42bec43b$1@w3.nls.net</A>...</DI=
V>
<DIV><FONT face=3DArial size=3D2>You don't =
believe the=20
current UI with the way it displays an icon =
has had an=20
effect?</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Why then do =
email virus=20
use such long attachment names?</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial=20
=
size=3D2>Sheep.jpg &=
nbsp; &n=
bsp; &nb=
sp; &nbs=
p;  =
; =
&=
nbsp; =20
.scr</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>explain=20
that.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: =
5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: =
0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42be1eb8@w3.nls.net">news:42be1eb8@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial =
size=3D2> The icons=20
reflect the icons elsewhere in the UI. =
I=20
believe this makes sense and do not believe =
that=20
this UI consistency makes users more likely =
to make=20
bad choices.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2> File=20
extensions being hidden or not, and they are =
not on=20
file attachments, is not the issue. I =
realize=20
that this is a topic you like to whine about =
because=20
you believe that your preference is right =
for=20
everyone. Do you really believe the =
the=20
clueless that ignore warnings would pay =
attention to=20
this? This is all moot given that =
unsafe email=20
attachments are blocked and the article was=20
describing people downloading from the web =
not=20
opening an attachment.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2> As for=20
your claim to show a difference, this =
happens in a=20
very obvious way. Users are warned =
about=20
dangerous files and not warned about safe=20
ones. The problem is that many ignore =
the=20
warnings. This is the topic discussed =
in the=20
email to which you replied and one which you =
completely ignored in your =
reply.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: =
5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: =
0px">
<DIV>"Geo" <<A=20
=
href=3D"mailto:georger@nls.net">georger@nls.net</A>>=20
wrote in message <A=20
=
href=3D"news:42be194e$1@w3.nls.net">news:42be194e$1@w3.nls.net</A>...</DI=
V>
<DIV><FONT face=3DArial size=3D2>The =
answer is very=20
simple, instead of hiding dangerous =
attachments,=20
show the users that these are somehow =
different=20
from other attachments, something as =
simple as=20
changing the icon to a skull and =
crossbones. To=20
make it so that profession users can't =
open an=20
attachment without an exchange server is =
just=20
plain rude.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>The =
problem is MS has=20
spent recent history trying to hide=20
file extensions from the users, so =
now we=20
have a bunch of clueless users when it =
comes to=20
telling which file types are safe and =
which are=20
not.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: =
5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: =
0px">
<DIV>"Rich" <@> wrote in message =
<A=20
=
href=3D"news:42be015f@w3.nls.net">news:42be015f@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial =
size=3D2> I=20
don't see an easy answer. The =
issue=20
is not that users are warned=20
when there is no reason too, it's =
that they=20
got lucky. A better analogy than a =
combination lock is Russian =
roulette. It's=20
always dangerous which is why there is a =
warning. </FONT><FONT face=3DArial =
size=3D2>What would you do?</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2> On a=20
related note, how do you make a user =
that just=20
wants things to "work" and clicks OK =
because it=20
doesn't "work" if he makes another =
choice to=20
care about such choices? You can =
remove=20
the choice which is the position taken =
with=20
Outlook and dangerous attachments. =
There=20
were plenty that complained including =
folks here=20
when that happened.</FONT></DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial=20
=
size=3D2></FONT> </DIV></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOC=
KQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE><=
/BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOCKQU=
OTE></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_031F_01C57C1E.248A1760--
--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
|