[Bug 153090] Security settings: HTML external references -- provide specific types
Maciej Pilichowski
bluedzins at wp.pl
Thu Nov 29 17:23:29 GMT 2007
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
http://bugs.kde.org/show_bug.cgi?id=153090
------- Additional Comments From bluedzins wp pl 2007-11-29 18:23 -------
Thomas, thanks for explanation. However please consider several possible cases today and for this wish.
> Therefore I am against this wish, as it would weaken security considerably,
> as many people would not understand the consequences.
Case -- "dumb" people. Can they today load external sources? Yes. So where is security issue? If you split option into two there is no security improvement (for such case) nor regression.
Case -- total security. Can they block external sources? Yes. Will they block ext. sources? Yes. No change in security.
Case -- balanced security (on purpose). Impossible to do today. With this wish I would be able to do this, without sacrifying completely readability and security.
I see no regression here, but for some users improvement actually.
> It was designed to block everything which loads from an external server,
It would be still possible to do, there is no change.
> because that can track you (even if it is just a PNG, the server can track
> when and how long you read the mail).
Unrelated question, but I am curious -- how it is possibl, I mean how long I read mail? Server sends gif file and...? (note: consider only "static" data)
More information about the Kdepim-bugs
mailing list