On 2/11/2012 4:37 PM, Keith Medcalf wrote:
Unfortunately that's not under control of those businesses. This plain text email you sent comes across with clickable mailto and http links in your signature in most modern email clients despite you having sent it in plain text. "Helpful" email program defaults won't force people to copy and paste the URL. They just create the hyperlink for people based on the pattern in the plain text message. It seems anything beginning with www or http(s):// will be converted to a clickable link out of convenience to the user. It's always that endless struggle of security vs. convenience...
At least it is what is says, and the effect is precisely the same as if one copied and pasted the link into the browser.
What is truly evil is non text/plain email. Anyone who permits or assists in the rendering of non-plaintext email deserves whatever befalls them -- and they should not be permitted zero-liability for their stupidity and ignorance.
They end-user is of course entitled to cross-claim against the manufacturer of the defective system or device which rendered the message in a deceptive way (such as Dell and Microsoft in particular).
The average person won't know that "it is what it says" if it's possible for it not to be... which I think is what you're driving at with eliminating that as a possibility. And the effect is the same, but the time to do it is different. I wouldn't want to have to use web sites with no hyperlinks and I was expected to just copy and paste every URL I wanted to follow into the address bar. However, the vast majority of the Internet population (and human beings in general) like aesthetically pleasing things and therefore don't want to upgrade to mutt and lynx to be safe on the Internet. HTML based email looks much better despite embedded hidden <evil> tags. All recent email clients I've come across give you anti-phishing warnings in one way or another if the URL does not match the actual link. I honestly can't remember the last time I've seen a phishing email because they are so easy to detect before they even get to your inbox. Sure, you could also keep the HTML and disable the links (which I've seen done), but then you inconvenience people. Things take too long as it is now anyway despite the constant advancements we see constantly. We need to speed technology up more and make them easier AND safer. Technology needs to be unobtrusive to the end user and get out of their way. I personally don't believe the mantra of stripping away technology to solve problems rather than applying technology and advancing standards is the answer just because technology makes something dangerous for the average consumer. Despite all the car fatalities on a yearly basis and the constant safety advancements we have in the auto industry, I have never heard people say we should get rid of cars and go back to horses. Of course scam emails are much more prevalent than car fatalities by far, but they're also less serious. Most of the younger generation I know doesn't even use email. They have it as a formality because things require it and exchange everything via Facebook or video chat or IM... which simply means this concern over the trickery of immoral scammers on the average unsuspecting person will just shift mediums as has throughout history. It's already prevalent on these mediums now. Not sure what the jab at Dell was specifically other than the email address I posted from originally. As far as I have seen, Dell doesn't make email clients. That's like someone holding Sony/Samsung/LG liable because their TV showed them a TV program they didn't want to see. Anyway, just my $0.02 wrapped in rambling from a tired mind. Sorry if some of this didn't make sense as a result. :) -Vinny P.S. I prefer plain-text email. ;)