|
|
Posted by nice.guy.nige on 09/30/07 23:41
While the city slept, Jonathan N. Little (lws4art@centralva.net) feverishly
typed...
> If you allow JavaScript to run in email and are dumb enough
> to click on links within emails, especially from unknown
> sources you deserve what you get!
I can't speak for current versions (because I don't have one), but I
remember when Outlook Express (probably the most widely used email client on
the planet) allowed javascript to be executed in emails / newsgroup messages
out of the box. I found this out when some scrote posted a message to a
newsgroup that contained "while(1==1) { window.open; }" in it... After I
rebooted the PC I found out that OE uses the IE internet "safety" settings,
and by default used the Trusted setting. Altering that setting was the only
way to stop OE from executing Javascript - this option wasn't available in
any of OE's own settings.
So your comment that "If you allow javascript to run in email ... you
deserve what you get" is not really fair because many people may be allowing
javascript to run in emails without even knowing it.
Cheers,
Nige
--
Nigel Moss http://www.nigenet.org.uk
Mail address will bounce. nigel@DOG.nigenet.org.uk | Take the DOG. out!
"Your mother ate my dog!", "Not all of him!"
Navigation:
[Reply to this message]
|