TIP: Click on subject to list as thread! ANSI
echo: nthelp
to: Geo.
from: Rich
date: 2003-01-26 11:05:30
subject: Re: More fiction, more nonsense
From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_0100_01C2C52A.D7948B90
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

   Couldn't be email as you can't play an ASF file with the background =
sound tags.  If you could then there would be an issue.  There isn't = though.

Rich

  "Geo."  wrote in message =
news:3e3419e4$1{at}w3.nls.net...

  "Rich"  wrote in message news:3e335e3e{at}w3.nls.net...
  >   The process starts with the user opening a web page just as the =
report
  you posted claims.

  Ok, granted the exploit is described as requiring someone to go to a =
web
  page first but since (imo) it's being kicked off by playing a media =
file it
  could just as easily have been an email (using the technique I used in =
this
  group to autoplay midi files). There is no requirement to have the =
user do
  anything with IE, it can be done with OE reading email or news as =
well.

  I'll reply in a new thread to another piece of your post that I would =
like
  to discuss further. I'm going to separate it from this thread in an =
attempt
  to untie the issue from what we are discussing here.

  Geo.


------=_NextPart_000_0100_01C2C52A.D7948B90
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








   Couldn't
be email as you =
can't play an=20
ASF file with the background sound tags.  If you could then there
= would be=20
an issue.  There isn't though.
 
Rich
 

  "Geo." <georger{at}nls.net>">mailto:georger{at}nls.net">georger{at}nls.net>
wrote=20
  in message news:3e3419e4$1{at}w3.nls.net..."Rich"=20
  <{at}> wrote in message news:3e335e3e{at}w3.nls.net...>=
  =20
  The process starts with the user opening a web page just as the =
reportyou=20
  posted claims.Ok, granted the exploit is described as =
requiring=20
  someone to go to a webpage first but since (imo) it's being kicked =
off by=20
  playing a media file itcould just as easily have been an email =
(using the=20
  technique I used in thisgroup to autoplay midi files). There is no =

  requirement to have the user doanything with IE, it can be done =
with OE=20
  reading email or news as well.I'll reply in a new thread to =
another=20
  piece of your post that I would liketo discuss further. I'm going =
to=20
  separate it from this thread in an attemptto untie the issue from =
what we=20
  are discussing
here.Geo.

------=_NextPart_000_0100_01C2C52A.D7948B90--

--- BBBS/NT v4.01 Flag-4
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/1.45)
SEEN-BY: 633/267 270
@PATH: 379/1 633/267
SOURCE: echomail via fidonet.ozzmosis.com

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.