On Tue, Dec 11, 2012 at 06:24:35PM -0500, Rich Kulawiec wrote: > On Tue, Dec 11, 2012 at 12:06:03PM -0600, Derek Martin wrote: > > HTML provides all of the features [...] > > HTML also provides all of the bugs.
No, it doesn't. The implementation does. > 1. It is very difficult to conduct a technical exploit against a plaintext > MUA. Not really. There have been plenty of them over the years. I would be extremely surprised if Mutt had none now. It's more that it isn't interesting to exploit them now, as we are the miniscule minority. > 2. HTML email is a spammer/phisher's best friend: > > <a href="http://notyourbank.example.com";>YourBank</a> > > Add a million variations using scripting and redirectors and > shorteners and typosquatting and everything else. This is an EASY problem to fix. E-mail must not EVER link to external resources. Mail clients should simply ignore external links. The problem is, USERS want this. Ask them, they will tell you. The advertisers want it more, but a lot of users want it almost as badly. You and I don't, but we'll (hopefully) have Mutt 2.0, that handles HTML mail sanely. > 3. HTML enables web bugs, an excellent means to invade the privacy of > users...and worse. See above. Same solution. HTML is not the only way to do this via an e-mail message though... Maybe we should just outlaw e-mail entirely. > Anyway, my point is that a huge amount of data is being gleaned > from web bugs all day, every day. I don't dispute that, but again, THIS IS NOT THE FAULT OF HTML. It's the fault of the client implementors. > 4. HTML markup in email is uniformly awful. Really. Go look at > some of it. Same arguments as above. It need not be that way. And for the most part, it's also not very interesting... if it displays reasonably in your client, that's about all that matters. Despite the crap HTML in many such messages, it's rare that I receive one from someone I actually want to communicate that formats so badly that it's unintelligible; it's not really even very common that I receive one that's even remotely hard to read. And actually, it's not /uniformly/ awful... There are varying degrees of awfulness. For the most part, the HTML mail I do receive -- those messages written by a human, specifically intended for me -- have HTML formatting that's not so unreasonable. Bloated, yes... but not nearly as bad as you describe. You're mostly talking about spam as far as I can tell, and that's really an entirely separate problem. There are better ways to filter out spam than automatically chucking everything that's in HTML. > 5. HTML markup in email bloats it. Horribly. I've seen messages expanded > by 2000%. Same arguemnt as above. Also this is mostly not interesting anymore[1]. When you compare this to the amount of bandwidth consumed by things like streaming video, it's a drop in the bucket. Welcome to 2012. -=-=-=- [1] It's really only interesting for those inclined to archive all their mail, including that from a bunch of mailing lists they're on. Solution: don't do that. Most of it is garbage anyway... keep only the truly useful/interesting bits. And even on technical mailing lists which have a high signal-to-noise ratio, even the truly useful information has a shelf life, typically 2-5 years tops. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.
pgpVqzuvXJCVM.pgp
Description: PGP signature
