Outlook Express preview pane dangers and why source code will be useless

H

Helstrom

Guest
THis is just another example of why every security site tells you to disable the preview pane in Outlook Express.... cause it can run malicious code!

I'm really kind of surprised that Gabe and the bunch actually use the preview pane, though... if you get 100 emails a day I can understand the need to quickly view and prioritize your emails.

In the end the leaked source code will not create the flood of cheats as most people believe for the simple fact that Valve will (and is as we speak) adding new updated coding to the source so that the previous source code will not be able to log in for online play and those that used an older compiled version will be logged and tracked.

I have little doubt that this re-coding of the source is the reason for HL2's delay.

The source code will in the end be useless to most people as you cannot integrate it into other games without someone finding out, and then your into deep s**t.
 
hehe n00b question...how do you actually disable the preview pane?

can't seem to find the option for that anywhere...
 
Makes you think, if only they'd use Mozilla Mail or something, anything more safe than Outlook...
 
Why don't they sue Microsoft for this obvious lapse in security... just like CA is doing :p
 
Originally posted by rob.derosa
Why don't they sue Microsoft for this obvious lapse in security... just like CA is doing :p
Click to expand...

For the same reason all those people that were affected by the blaster worm and other malicious code don't sue M$.... cause they never bothered to download the patch or ignored the warnings.

In the end it was just a simple oversight that was exploited by some nasty information thief. Unlike the past where industrial espionage required a person to physically infiltrate, co-erce or bribe an employee to gain access to restricted materials, today you can do it from home (if your stupid) or any online terminal.

It's especially difficult to catch and punish the person(s) responsible if they live outside North America. The international community has been slow to adopt any real policies regarding online hacking.

In my opion all companies should only have their working files on a local network that is not connected to the internet at all. That way there is no way to infect it from outside.
 
Originally posted by rob.derosa
Why don't they sue Microsoft for this obvious lapse in security... just like CA is doing :p
Click to expand...
If you could do that easily, Microsoft wouldnt be today, it would have collapsed long time ago...
 
How exactly do you rewrite the damn code? Re-arrange it? In my eye, rewriting the code changes the game...
 
They would make it so that if you were trying to connect to an updated server, the updated code would identify the older build of the code (as all of them have a build number) and then the new code would log and track that specific person. Because of the code that they added into the new build.
 
There's this thing called a EULA- End User License Agreement. You AGREE to it before the software/OS is even installed on your PC. Once you click AGREE, you are waiving your right to sue them and you are accepting the fact that they can not guarantee ANYTHING as far as securing your files/information is concerned.
 
Despite wheather or not they should be using Outlook or something else, doesnt it seem a little odd that the Computer(s) that housed the Source Code and whatever else had to be connected? Whats wrong with a standalone Network that doesnt have anything to do with external entities, wouldnt that be better than any Security Feature.

Plus you cant say that it had to be online for them to test it with Steam, surely and intranet version of Steam could be set up? If you look at it that way Valve obviously didnt deserve this but its something that was overlooked and cost them dearly.

...
 
It blows my mind that anyone uses Microsoft anything. I swear I hear of some new problem with a Microsoft product every month like some major exploit blah blah blah god am I glad I don't have to deal with it.
 
Who said anything about outlook express? Outlook has a preview pane too doesn't it?
 
It blows my mind how many of you kids think that you're security experts.
 
If you don't use microsoft you don't use directx and therefore you won't be playing hl2, which kind of begs the question what the hell are you doing here?
 
One other note:

Gabe
Our speculation is that these were done via a buffer overflow in Outlook's preview pane.
Click to expand...

They're not actually sure that outlook is at fault here.

EDIT: And for the record, I hate outlook myself and do not use it.
 
Your right.... I'm not sure Outlook is at fault, but Gabe appears to believe it might be, and there are many warnings regarding the dangers of using the preview pane... hence my topic.

In the end I believe this unfortunate incident will serve as a wake up call to all the professional game developers out there. I have little doubt that they will all conduct security checks on their systems to block off any possible threat of this happening to them.

The fact that something like this happened to a high profile game and developer like VALVe proves that more serious attention needs to be paid to online security.

Hopefully VALVe will inform it's colleagues of the method it's attackers used so that the whole industry can benefit from this fiasco.
 
There was Class-Action filed against Microsoft about security. Maybe Valve can join it now :).
details
 
I SO hope you're right. But for Valve the real problem is that they have the entire developing world being able to check their entire code. And possible lawsuits against them for making stuff like Havok public. Don't know if the MS API's for speech are supposed to be public either.
 
Originally posted by MooCow
If you don't use microsoft you don't use directx and therefore you won't be playing hl2, which kind of begs the question what the hell are you doing here?
Click to expand...
Why can't you just run dx under wine or something?
 
Originally posted by theGreenBunny
Makes you think, if only they'd use Mozilla Mail or something, anything more safe than Outlook...
Click to expand...
:cheers: Mozilla rocks...I'm currently using Thunderbird, and I never get hacked through email.
 
You must log in or register to reply here.

Similar threads

MFL
Fascinating look at the ongoing psychological evolution of flat hieirarchies.
Replies
2
Views
2K
Tollbooth Willie
Tollbooth Willie
CombineAdvisor3
Source 2 expectations?
Replies
1
Views
3K
Clan Wolf 2
Clan Wolf 2
Omnomnick
Dota 2 Update Hints At Separate Source 2 Client
Replies
0
Views
3K
Omnomnick
Omnomnick
Omnomnick
Dota 2 "Reborn Beta" Source 2 Client Revealed
Replies
20
Views
8K
Aizawa
Aizawa
Omnomnick
Examining The Files Of "SteamVR Performance Test" & "Aperture Robot Repair"
Replies
27
Views
91K
MFL
MFL
Back
Top