Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

RE: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities

From: "Jay Stapleton" <jay.stapleton () computershare com>
Date: Thu, 2 Mar 2006 10:09:28 -0500
Or perhaps cache the images along with the message, to be deleted when
the message is.  That way one can open an email many times without
accessing a web resource each time. 

It would also allow someone to forward a message, and include the
content as it is currently, as opposed to how it may be in several
hours.

-Jay Stapleton.


[quote]
Hmmm. I didn't realise the "Show Images" setting got stored, and I
don't think that's the best strategy from a privacy point of view.  I
take it you mean "stored for that one message", and not "stored for
all messages from that sender", or "stored for all messages" - but
still .... it would be better to not store it at all, IMHO.  Users can
always add senders to their Address Book if they want to evade the
"block-images" feature.

How about displaying more option buttons when remote images have been
blocked ?
e.g. :
    Show remote images this time only
    Always show remote images when this message is viewed
    Always show remote images from this sender
    Always show remote images

Nick Boyce
--
Never fdisk after midnight
[/quote]

**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.

www.mimesweeper.com
**********************************************************************
Previous By Date Next
Previous By Thread Next

Current thread: