Going GUI...er

Derek Martin invalid at pizzashack.org
Thu Apr 9 14:32:01 UTC 2020


On Wed, Apr 08, 2020 at 01:17:12PM +0100, Sam Kuper wrote:
> On Tue, Apr 07, 2020 at 09:23:34PM -0500, Derek Martin wrote:
> > On Sun, Apr 05, 2020 at 12:09:55AM +0100, Sam Kuper wrote:
> > Sorry, but this is an archaic way of looking at the problem.  People
> > have been doing this for decades now, has become the norm, common
> > practice, and really it is therefore WE who are being inconsiderate by
> > not accepting de facto standards that have been widely adopted for a
> > very long time.
> 
> I disagree.  You have made a "roads were built for cars" argument*: it
> assumes that today's "de facto standard" trumps historical precedent and
> considerate behaviour.
> 
> I've nothing against people sending emails with multiple attachments.
> But expecting the recipient's MUA to parse multiple attachments into
> some kind of combined document is presumptuous, because clearly not
> everyone's MUA does this.

There's a HUUUUUGE difference.  Roads existed for millenia before
cars.  By the time e-mail was in widespread use (the mid-90's... just
because you may have had it before then does not mean it was wide
spread before that), MIME was already a standard, and the vast
majority of e-mail clients had support for it.  The GUI ones had it
built in.  So your argument is a straw man.

> And even if yours does: should it?  As several people in this thread
> have pointed out (and as is also illustrated in the "Efail" paper by
> Poddebniak et al, linked in my footer), using such an MUA massively
> increases your attack surface.

Just because the current batch of GUI MUAs does this does not mean
yours *needs* to.  That would be the beauty of a GUI Mutt--it already
has the philosophy of not automatically exposing you to all those same
attack vectors.  After all, text-based Mutt has exactly the same
attack vetctors; it just does not expose you to them by default--you
have to take action to expose yourself to them.

And honestly, most mailers have the ability to avoid these attack
vectors--they just don't by default, because that's what the average
person wants.  Mutt users typically are not average e-mail users, and
know better.

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail due to spam prevention.  Sorry for the inconvenience.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.mutt.org/pipermail/mutt-users/attachments/20200409/c400c880/attachment.asc>


More information about the Mutt-users mailing list