Q.
If we
stop sending and opening email
attachments will we stop spreading most
computer viruses? Why couldn’t we just
cut and paste the information or
pictures we want to send into our email?
A. Since most people reading this are using Outlook or Outlook Express as
their email program, I’ll keep my
answers relative to them. If you use a
different email program, then you will
have to relate these comments to your
specific email program.
I could
answer this question with a simple yes,
BUT to qualify that yes, my response
will get quite verbose. (Verbose: A word
I learned from playing the text
adventure game “Zork -
The Great Underground
Empire",
on the Commodore 64.
If you don’t know what a “text
adventure” game or the Commodore 64 is,
then you probably weren’t around
computers in early 1980’s.)
If the
only things one wanted to send via
emails were plain text and pictures for
viewing, pasting (embedding) them
directly in the email would certainly
prevent almost all propagating of
malware. Here comes the BUT… that has
some problems.
In order
to receive an embedded picture in an
email, the receiving person has to have
their email set in such a manner to
allow pictures to be received. Many
people have their email set to receive
ONLY text, (Tools/Options/Read all
messages in plain text), regardless
of how it is sent, so they wouldn’t see
the pictures. They could also have it
set to “Block all images”,
(Tools/Options/Security) the default
setting with XP SP-2, and not see the
pictures.
Blocking
pictures embedded in an email is
important, and a setting I highly
recommend. Here’s why.
Emails containing pictures are in HTML
format, and that is the basic language
of web pages. This means that the email
is really just a web page, and the
pictures that are included may not
actually be in the email itself. The
email could just contain a hyperlink to
the picture.
The
pictures could be located on a server
anywhere in the world. When your email
is opened and tries to display the
picture, a request for it is sent to the
server where the picture is stored. In
order for the server to know where to
send back the requested picture, your
return address is sent with the request.
All this is fine, and the picture will
be displayed. BUT….
If the
server where the picture is located is a
“bad” server, your address could be used
for purposes other than just sending you
the picture. Your email address could be
put on a spam list as a verified active
address, opening you up for more
unwanted spam. All kinds of other
devious tricks can also be done without
your knowledge. Microsoft therefore
tries to prevent this from happening by
turning off the picture display in
emails by default.
With
this option set, you can click on the
bar that appears just above the message
to allow the pictures to be displayed on
a case by case basis. If the email
contains something that you want to see,
and you are sure it is from a reliable
source, just click this bar, and all the
pictures in the email will display,
providing they were actually sent.
The
sending person has to have their email
set to allow the sending of pictures.
This means that they are sending in HTML
format, and have the option to “Send
pictures with messages” checked. (Tools/Options/Send/HTML
Settings/Send pictures with messages)
Now,
assume that all the above were set
correctly to allow the sending and
receiving of embedded pictures. Suppose
the picture being sent (embedded in the
email) was in high resolution, intended
for something other than viewing on the
computer screen. The high resolution of
the picture would be reduced to that of
the email, generally quite a bit lower,
possibly making it unusable for anything
but viewing. Attaching the picture as a
file won’t change the resolution.
Other
than pictures, even copying and pasting
text could have problems. If the text
being embedded had any special
formatting like color, bold, italics,
indentation, etc, the formatting would
be lost if the receiving person was set
to receive “Plain Text” only. Even if
the sender and receiver had everything
set correctly, if the text to be sent
was in a preformed document like an
invoice, or something like a PDF
document, embedding it would not be
practical even if it were possible.
OK,
getting back to the original question.
If the only thing sent via email was in
plain text, copying and pasting
(embedding) the text would prevent
malware from being spread. If the
embedded picture was sent from a
properly configured email program, and
the person receiving the picture had
their computer configured to receive
embedded pictures, spreading of malware
would be greatly curtailed.
However,
embedding formatted text or pictures in
an email, in many cases, is not
practical even if it were possible. The
spreading of malware can be related to
an old saying I once heard about the
automobile. “Most accidents can be
attributed to a loose nut holding the
steering wheel.”
The best
defense against getting or passing on
malware is using good judgment when
displaying pictures or reading and
opening attachments. Anti-malware suites
help, but ultimately, it is the “nuts
holding the steering wheel” that bear
the greatest responsibility for
receiving and spreading malware.
