Full Disclosure mailing list archives
Re: (no subject)
From: Valdis.Kletnieks () vt edu
Date: Thu, 14 Aug 2008 11:58:27 -0400
On Wed, 13 Aug 2008 10:18:13 -0000, ff0000 () hushmail com said:
Is it safe to follow the link in this email? Yes, it is safe to visit the Hushmail web site by following the link provided.
Which is, of course, what any miscreant who wanted you to visit a site that will drop malware into your browser would say. The risk is mitigated quite a bit for *this* e-mail because the link is in a text/plain, so you're either cut-n-pasting the link and can see where you're going, or your MUA has linkified it but you still can see the actual target. Unfortunately, most users can't tell the difference between a link in a text/plain and <a href="http://127.0.0.1">http://www.goodstuff.com</a> (and you probably should double-check what your MUA did with the above line :)
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- (no subject) Bernhard Mueller (Aug 05)
- Re: (no subject) Ureleet (Aug 05)
- Re: (no subject) Bernhard Mueller (Aug 05)
- <Possible follow-ups>
- (no subject) ff0000 (Aug 13)
- Re: (no subject) Ureleet (Aug 14)
- Re: (no subject) Valdis . Kletnieks (Aug 14)
- Re: (no subject) Ureleet (Aug 05)