Going GUI...er

Mark H. Wood mwood at iupui.edu
Mon Apr 6 15:47:00 UTC 2020


On Sun, Apr 05, 2020 at 05:57:53PM -0500, Greg Marks wrote:
> I realize this isn't an answer to Vegard Svanberg's original question,
> but I think it's a point worth raising: isn't the fact that mutt is
> text-based a security feature?
> 
> Thunderbird, which I consider the second-best e-mail client, does have
> security settings to prevent it from automatically loading certain
> content that might contain exploits.  But it seems to me that mutt does
> it one better by, for example, forcing users to take extra steps to click
> on hyperlinks, which is a bit of extra defense against spear phishing.
> Indeed, by seeing the raw HTML you can avoid a malicious hyperlink that
> doesn't match the link text displayed.

This is one of my big reasons for using Mutt:  it doesn't open *any*
attachment unless and until I tell it to.  If I don't trust an
attachment, I can copy it out and use my kit of file torture tools to
extract its secrets.

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.mutt.org/pipermail/mutt-users/attachments/20200406/fbee0d5a/attachment.asc>


More information about the Mutt-users mailing list