
BLU Discuss list archive



Re: Embedded image security?



 Scott R. Ehrlich wrote: 
> I received an email spam...that, when read with Firefox 3... 

What steps did you take to open it in Firefox and why? Did you not 
suspect that it was spam? 

I have Thunderbird configured to open messages in a separate window, 
which avoids automatic rendering of messages as you work through the 
message list. Of course I also have it set not to render images from 
unknown senders (I think it comes set that way by default now). (Both of 
these precautions have more to do with privacy (avoiding making HTTP 
requests for images that have identifying information embedded in the 
URL) than avoiding malware.) 

Then I use Thunderbird's "View | Message Source" to inspect any messages 
that are the slightest bit suspicious. In that mode there is no attempt 
to render images or HTML, so the risk is fairly non-existent. 


> ...on my Ubuntu Linux box, produced an image... 
> Would I be considered immune enough to not need a reinstall? 

Ummm...I'm not sure I follow. You viewed some image spam and now you 
think your system might be infected? 

That's not entirely paranoid, as there have been image rendering 
vulnerabilities for WMF and PDF files, but JPEG, GIF, and PNG 
vulnerabilities have been pretty rare. 

More importantly, I'd say the vast majority of image spam uses images 
for no purpose other than to evade spam filters. 

  -Tom 

-- 
Tom Metro 
Venture Logic, Newton, MA, USA 
"Enterprise solutions through open source." 
Professional Profile: http://tmetro.venturelogic.com/
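
An added example, not part of the message above or of the list archive: the privacy concern described there (remote images whose URLs carry identifying information) checked from the raw message source, with nothing fetched or rendered. The sample message, the `example.invalid` hosts, the function names and the hex-token heuristic are constructed assumptions.

```python
import re
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

# Constructed sample message; example.invalid is a placeholder domain.
SAMPLE = """\
From: promo@example.invalid
To: Reader <reader@example.invalid>
Content-Type: text/html; charset="utf-8"

<html><body>
<img src="http://img.example.invalid/banner.gif">
<img src="http://img.example.invalid/o.gif?uid=reader%40example.invalid&amp;c=7f3a9c2e">
<img src="cid:logo123">
</body></html>
"""

TOKEN = re.compile(r"^[0-9a-fA-F]{8,}$")  # assumed heuristic for opaque IDs

class ImgCollector(HTMLParser):
    """Collects <img src> values; nothing is fetched or rendered."""
    def __init__(self):
        super().__init__()
        self.srcs = []
    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.srcs += [v for k, v in attrs if k == "src" and v]

def remote_images(raw):
    """Return [(url, [suspect query parameter names])] for remote images."""
    msg = message_from_string(raw, policy=default)
    to = msg["To"]
    rcpts = [a.addr_spec.lower() for a in to.addresses] if to else []
    found = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        collector = ImgCollector()
        collector.feed(part.get_content())
        for src in collector.srcs:
            url = urlsplit(src)
            if url.scheme not in ("http", "https"):
                continue  # cid:/data: images travel inside the message
            ids = [k for k, v in parse_qsl(url.query)
                   if TOKEN.match(v) or any(r in v.lower() for r in rcpts)]
            found.append((src, ids))
    return found
```

A URL with an empty parameter list can still identify the recipient through a unique path, so the list is a lower bound on tracking, not a clearance.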

 

