[Dshield] "Disable preview pane" as a defense

Darren Spruell phatbuckett at gmail.com
Thu Aug 16 16:19:37 GMT 2007


> Low risk? Bah! Give a user a well crafted socially engineered email
> and the user will click on or do anything they are asked to 999 out
> of 1000.

> Tom Shaw's notion of a well crafted socially engineered email is
> right on. Even after thorough end-user education I am still amazed at what
> people will click on. I often wonder what kind of evil garbage resides on
> their home PCs.

Thanks for the input, but I'm really wondering about the danger of
client-side attacks that _don't_ require user interaction. Typically
the response to them (think active content, rendering engines, etc.)
is to disable the preview pane. Are there cases (and I think the
answer is yes) where e.g. killing the preview pane does not protect
against those classes of attack? (Specifically not opening
attachments, clicking links, etc.)

DS

