[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#46472: Make lisp/mail/uce.el obsolete
|
From: |
Stefan Kangas |
|
Subject: |
bug#46472: Make lisp/mail/uce.el obsolete |
|
Date: |
Tue, 12 Oct 2021 10:29:16 -0700 |
Eli Zaretskii <eliz@gnu.org> writes:
>> I'd suggest installing the change as attached on emacs-28. If that's
>> not possible, I'd like to install it on master, but add the same text to
>> the package "Commentary" section on emacs-28.
>
> On master, please.
It is really unfortunate if we can't even document serious security and
privacy issues in Emacs 28 at this point. I do not see how such
documentation could possibly affect the release date.
> And I don't see why have the same text twice.
I removed the duplicates in the new patch. Did I send the wrong patch?
Or maybe my suggestion was not clear:
- Emacs 28: Documentation changes only. Do not merge to master.
- Emacs 29: Warning only, no documentation changes.
>> +- You will confirm that your email address is valid, thus ensuring
>> + you get more spam.
>> +
>> +- You will leak information (e.g. on your email server and
>> + setup), thus opening yourself up for further attack. They are
>> + likely to find your IP and \"geolocation\"), which often makes
>> + it trivial to find e.g. your home address and phone number.
>
> The first paragraph is a special case of the second one.
Yes, it is also the one that immediately shows why this is
counter-productive, so it is worth making into its own item.
>> +- You confirm that the email did not land in your spam folder.
>> + (This helps them refine their methods of spamming.)
>
> This is also the same as what you already said.
It is subtly different:
1. Spammers can use the information that your address is valid.
2. They can also use the information that their email has been crafted
in such a way that they can evade some spam filters.
>> +- Scammers have been known to threaten, intimidate, and use other
>> + forms of criminal manipulation. Replying to spam can lead down
>> + a path that you may not want to be on.
>
> This is the same as "open yourself to ..." paragraph.
It is hammering home the point to a certain extent, sure. I think it is
motivated and useful. There is no specific reason to keep this text
very brief: it is much more important that it accurately conveys the
dangers involved.
- bug#46472: Make lisp/mail/uce.el obsolete, Stefan Kangas, 2021/10/12
- bug#46472: Make lisp/mail/uce.el obsolete, Eli Zaretskii, 2021/10/12
- bug#46472: Make lisp/mail/uce.el obsolete, Stefan Kangas, 2021/10/12
- bug#46472: Make lisp/mail/uce.el obsolete, Eli Zaretskii, 2021/10/12
- bug#46472: Make lisp/mail/uce.el obsolete,
Stefan Kangas <=
- bug#46472: Make lisp/mail/uce.el obsolete, Eli Zaretskii, 2021/10/12
- bug#46472: Make lisp/mail/uce.el obsolete, Stefan Kangas, 2021/10/14
- bug#46472: Make lisp/mail/uce.el obsolete, Eli Zaretskii, 2021/10/15
- bug#46472: Make lisp/mail/uce.el obsolete, Stefan Kangas, 2021/10/15
- bug#46472: Make lisp/mail/uce.el obsolete, Eli Zaretskii, 2021/10/15
- bug#46472: Make lisp/mail/uce.el obsolete, Stefan Kangas, 2021/10/16
- bug#46472: Make lisp/mail/uce.el obsolete, Eli Zaretskii, 2021/10/16
- bug#46472: Make lisp/mail/uce.el obsolete, Stefan Kangas, 2021/10/17
- bug#46472: Make lisp/mail/uce.el obsolete, Stefan Kangas, 2021/10/16