Re: VCard Security Hole under Outlook/Outlook Express

From: Stephen D. Williams (
Date: Sun Feb 25 2001 - 08:23:49 PST

"Joseph S. Barrera III" wrote:
> Stephen D. Williams writes:
> > I never have used Outlook or Outlook Express and am amazed that anyone does
> > with all of the security problems and instability it has.
> Well, when I worked at Microsoft I tended to run all Microsoft
> software, because, well, it was all free and it was what I used at
> work (obviously). But I don't know what anyone else's excuse is. :-)
> > MS clean (on my main laptop/workstation and all servers anyway, not counting
> > VMWare/Win98 for testing) for 3 years!
> I'm getting there. I finally converted all my mail to emacs/vm, which
> was probably the biggest hurdle, given how many GB of outlook .pst
> files I have. I hope sometime in the next month to convert my laptop
> (where I do everything) (a Dell Inspiron 7500) to FreeBSD. (BSD 4.2
> was my first Unix, and CMU used BSD/Mach, so it's what I'm used to.)

Ok, I haven't checked into this, but people ask me occasionally how to
get their email out of outlook formats... How do you do it? If I want,
say, mbox format email, what tools do you use, etc.? (By using Imap and
running a full server, I avoid email storage format issues: it's all
mbox (and maybe someday MH style with current ReiserFS efficiency).)

At least with Exchange server based email, you could use Imap to grab
everything. (I'm still looking for a good recursive IMAP move utility.
I'll have to write my own soon.)

> > She had had so many lost harddrives, locked up Windows computers,
> > etc. that I couldn't stand hearing about it anymore.
> Oddly, Windows (9x, NT, 2K, XP) has always been incredibly reliable

You're lucky. In any case, some of her failures have been chronic or
catastrophic hard drive failures. Using a server, RAID1, remote ssh
rsync's to an identical server I keep for her, tape backup, easy CDR
backup, and a more stable server OS, I've built so many layers she'll
never completely lose any of her data. I can even counter-to-counter a
fresh system with current data in less than one day. It was a nice 2
weekend project.

My next phase is to get an autofed USB HP scanner setup with easy and
simple document management to CDR. Should be fun.

> for me. In fact I'm currently running Whistler (XP) beta 1 and I
> haven't had a single problem with it. Beta 1!

As soon as I get the software together to play DVD's under Linux and
VMWare gets good passthrough 3D hardware support, I'll have no reason to
ever run an MS OS outside of VMWare... (Post-MS) Life is good.

An interesting thought: VMWare should market a cheap single-app wrapper
license directly to software houses to allow particular apps to be run.
For hard to port things like the AOL client, this would make sense. Of
course dealing with the MS WinX license is an issue.

> I'm not quite ready to switch Juliet over to Unix yet, but I am going
> to switch her from Outlook (with security patch) to something else,
> maybe Eudora? How secure is Eudora?
> - Joe
> --
> Joseph S. Barrera III
> Software Architect, Broadbase Software, Inc.
> _________________________________________________________
> 1.650.219-4557 (cell) / 1.650.588-4801 (home)
> / /
> / /
> "Sorry, did I say something wrong? Pardon me for breathing, which I never
> do anyway so I don't know why I bother to say it, oh God I'm so depressed."


Stephen D. Williams         Insta, Inc./Jabber.Com, Inc./CCI
43392 Wayside Cir,Ashburn,VA 20147-4622 703-724-0118W 703-995-0407Fax 

This archive was generated by hypermail 2b29 : Fri Apr 27 2001 - 23:18:30 PDT