Great Circle Associates List-Managers
(July 2002)

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: MUA elitism
From: J C Lawrence <claw @ kanga . nu>
Date: Sun, 07 Jul 2002 12:37:10 -0700
To: Chuq Von Rospach <chuqui @ plaidworks . com>
Cc: Bernie Cosell <bernie @ fantasyfarm . com>, list-managers @ greatcircle . com
In-reply-to: Message from Chuq Von Rospach <chuqui @ plaidworks . com> of "Sun, 07 Jul 2002 10:16:15 PDT." <B94DC56F . 46BA9%chuqui @ plaidworks . com>
References: <B94DC56F . 46BA9%chuqui @ plaidworks . com>

On Sun, 07 Jul 2002 10:16:15 -0700 
Chuq Von Rospach <chuqui @
 plaidworks .
 com> wrote:

> That works. JC is thinking instead of neutering it in the list server.

Responding more to your para below than the quote above:

  Yes, as a list owner I'm largely attempting to build and establish
  something of a safe house.  I would like, both at personal
  responsibility level and as a point of professionalism, to have my
  users know and trust that what they get from me and my systems is
  exactly what it pretends to be, no more, no less, and with no hidden
  baggage or less than shiny clean safe riders.

Idealistic?  Damned right, especially in these days of rampant mail
forgery.  But, its important to me and its something I'm not
particularly willing to back down on.  I like to consider that I run
lists well, that I do so in a professional and competent manner, and
that in doing so I build and operate something that is worthy of trust
even outside of its topic-content.  And that all means attempting to be
clever on user's behalf at the server level.

> I think at some point, however, you have to stop babysitting the user.
> Protecting them from dangerous code coming through the server is one
> thing.  Privacy issues ought to be left to the user to resolve, not
> the server.

Unfortunately the line is not so clear.  The innocuous HTML mail of
today with external links can be the pernicious mail of tomorrow by
simply changing the objects those links point at.  This is especially
true if you pass Javascript.  


Unfortunately I expect you're right however, if only on the basis of
triage.  We all know where it will end up.  Some will (perhaps wisely)
ostrich and strip HTML et al far into the future, a vast middle ground
will attempt to sanitise mail and will thus engage in an arms race with
the Bad Guys as they both counter-counter-adapt to each other's tricks,
and the rest will just pass everything -- and the users, as always, will

J C Lawrence                
---------(*)                Satan, oscillate my metallic sonatas. 
claw @
 kanga .
 nu               He lived as a devil, eh?  Evil is a name of a foeman, as I live.

Indexed By Date Previous: Re: MUA elitism
From: J C Lawrence <claw @ kanga . nu>
Next: Re: Please prune this list!
From: Nick Simicich <njs @ scifi . squawk . com>
Indexed By Thread Previous: Re: MUA elitism
From: Chuq Von Rospach <chuqui @ plaidworks . com>
Next: Re: MUA elitism
From: Chuq Von Rospach <chuqui @ plaidworks . com>

Search Internet Search