Re; previous message(s) to Dosk: > Dosk, the truth is out there. > > The main problem is that Microsoft alone has extended HTML with tags > like IFRAME, which allow automated saving and execution of other code, > eg. from attachments. Yes. But as in most cases, the truth is multi-faceted. I still feel that saying one can get a virus by simply opening an email is an over-simplification of a partial truth. What is meant by that statement? Should a person then never open an email, never preview one, never then open an attachment? Listen, one cannot get a virus from simply opening a plain text email in O/E. (So far, at least) it is absolutely impossible, and one should not scare people into believing otherwise! Plain text code cannot initiate a virus! Period! (See url link below....) http://www.txla.org/pubs/tlj75_2/virus.html Attachments, as I said before, are another thing and all such should always be screened by a good anti virus program. But to never allow any of these attachments to load via your mail program is, IMO, a sorry thing. One misses out on a good deal of computer fun that way, and it gives the virus creators exactly the creepy victory they are looking for! Now, html code is different from plain text. And John Francis did us all a favor on this list when he gave us his informative link. (Repeated here, below.) There is good information in this link on how to set up your IE browser (and also OE) so as not to blindly accept active scripting, active-x; sneaky stuff that may be imbedded in the html code. Although this is a rarer way of transmitting viruses (it's a much harder thing to do, for more doubtful results, for one thing) it does happen and should be protected against. (This is also why people get mad when someone transmits an email message to them in html, when it is just so much safer and easier to do it in plain text!) This is John Francis's supplied link, for those who may have missed it... http://antivirus.about.com/compute/antivirus/library/weekly/aa121500a.htm This site, while containing lots of good info and links, I feel is still a bit over dramatic about things though. (There are software selling sponsors on this page looking to make a buck, after all...) One of the "open-an-email-get-infected" viruses (VB-Forgotten) they describe requires an OE user to have almost all of his IE browser and OE mail settings to be set to no security options at all for it to work. This email virus even asks the potential victim to first go into his browser settings and change them this way, then re-open the email. (Which by the way has the typical spammer subject line of "Financial Security" or some such garbage.) IMO, anyone falling for this crap is really reaching to become a victim... Another virus described is the "Kak" virus, which is a more interesting one. True, it is transmitted via an email signature file, but again it is embedded in html (not text) code, and again it requires the potential victim to have his security settings in his browser and email program set on low, or none! BTW, the About.com site John Francis gave us also has links to all the Microsoft patches that eliminate the need for fearing these security holes, even if one does not have their own IE security settings set on "high". To be really safe, one should download and apply these MS patches and then also set one's IE settings onto "high". Between doing these things, and then pre-screening all attachments onto disk prior to opening, one need have no fear (as of yet, of course) in opening email and attachments via IE and O/E 5.0....... See, I said all of that and not one mention of "paranoid...." Apologies to all, (and especially John Francis,) if my previous postings where too abrupt. It's been a rough week. Dosk (Skip) - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
