On Thu, Oct 17, 2013 at 10:47:08PM -0500, brian carroll wrote:
so you're saying the person is reading this on a two-line 80s electronic pager then?
Many people concerned with security use text-only MUAs, as that works well over low-bandwidth mobile links and gives less attack surface against compromises. The less complexity, the less lines of codes and code complexity and easier to debug. E.g. by not discarding HTML-only (but giving preference to plain text in multipart messages) I'm running risk for having this system compromised, even if I render via a text browser like links. That's ok, I consider this system sacrificial. Rendering rich content in a GUI is courting disaster. You will get nailed, and be it just malware from spam. You can assume that people who care know this, so text-only correlates with old hands and/or high clue.