Should the List allow attachments?

Martin Wessendorf-2

Should the List allow attachments?

*****
To join, leave or search the confocal microscopy listserv, go to:
http://lists.umn.edu/cgi-bin/wa?A0=confocalmicroscopy
*****

Dear all--

Guy Cox and others have raised a good point about the List not allowing
attachments.  In the past we prohibited attachments to avoid clogging
e-mail accounts; when necessary, people have posted images on their own
web sites or on a public site. Clogging e-mail accounts is less of an
issue now with faster connection speeds; moreover, we could configure
the List to allow only attachments that are smaller than, say, 100
kbytes. However, there is also the issue of viruses and trojans.
Executable code apparently can be embedded in images, both in the
metadata and in the image itself (--see
https://threatpost.com/png-image-metadata-leading-to-iframe-injections/104047 
).

I doubt that any member of the List would knowingly post an infected
image, but it's unclear how serious a risk would remain.  Are there
security-savvy people out there who can offer advice?

Thanks--

Martin Wessendorf
Confocal List Supervisor

--
Martin Wessendorf, Ph.D.                   office: (612) 626-0145
Assoc Prof, Dept Neuroscience                 lab: (612) 624-2991
University of Minnesota             Preferred FAX: (612) 624-8118
6-145 Jackson Hall, 321 Church St. SE    Dept Fax: (612) 626-5009
Minneapolis, MN  55455                    e-mail:[hidden email]
Bruce Stanley

Re: Should the List allow attachments?

A good solution if it can be implemented is what the ABRF (Assoc of Biomolecular Resource Facilities) does with their excellent listserv, which is to strip off attachments from emails but store them on a server and include a link to that stored attachment (instead of the attachment itself) in the email sent out to listserv members. That way, no mailbox clogging, but interested people can still see the attachments (can't remember if they automatically can scan for viruses/trojan horses or if they just include a caveat emptor warning about opening attachments, but either way this seems to be a good way to allow useful attachments without overflowing mailboxes).

 --Bruce
*************************************************
Bruce A. Stanley, Ph.D.
Director, Scientific Programs
Section of Research Resources H093, Room C1734
Director, Mass Spectrometry and Proteomics Facility
Co-Director, CTSI Translational Technologies Core Services Unit (TTCSU)
Penn State College of Medicine
500 University Drive
Hershey, PA 17033-2390
Office/Lab: (717) 531-5329
FAX:          (717) 531-0239
Email:        [hidden email]
WEB page:
http://med.psu.edu/web/core/bruce-stanley-research
*************************************************
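
An added example, not part of any post in this thread and not ABRF's or the listserv's own code: one way a list-side filter could combine the ideas raised above, enforcing the 100-kbyte limit, accepting only well-formed PNGs, dropping metadata chunks (tEXt, zTXt, iTXt, eXIf and anything else not on the allow-list), and replacing each attachment with a link to a stored copy. The host `files.example.org`, the chunk allow-list and all function names are assumptions, and the sample message is constructed.

```python
import hashlib
import struct
import zlib
from email import message_from_bytes, policy
from email.message import EmailMessage

MAX_BYTES = 100 * 1024                   # the 100-kbyte limit floated in the thread
PNG_SIG = b"\x89PNG\r\n\x1a\n"
KEEP = {b"IHDR", b"PLTE", b"IDAT", b"IEND", b"tRNS", b"gAMA", b"sRGB", b"pHYs"}
BASE_URL = "https://files.example.org/"  # hypothetical attachment host


def _chunk(ctype: bytes, body: bytes) -> bytes:  # length, type, data, CRC-32
    crc = zlib.crc32(ctype + body)
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)


def sanitize_png(data: bytes) -> bytes:
    """Return the PNG rebuilt from allow-listed chunks; ValueError if malformed."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    out, pos = [PNG_SIG], len(PNG_SIG)
    while True:
        if pos + 8 > len(data):
            raise ValueError("truncated before IEND")
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length
        if end > len(data):
            raise ValueError("truncated chunk")
        if data[pos:end] != _chunk(ctype, data[pos + 8:end - 4]):
            raise ValueError("bad CRC")
        if ctype in KEEP:
            out.append(data[pos:end])
        pos = end
        if ctype == b"IEND":             # bytes appended after IEND are discarded
            return b"".join(out)


def process(raw: bytes, store: dict) -> EmailMessage:
    """Rebuild a post as plain text; attachments become links or removal notes."""
    msg = message_from_bytes(raw, policy=policy.default)
    notes = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "unnamed"
        data = part.get_payload(decode=True) or b""
        try:
            if len(data) > MAX_BYTES:
                raise ValueError("over size limit")
            clean = sanitize_png(data)   # judged by content, not by declared type
            key = hashlib.sha256(clean).hexdigest()[:16] + ".png"
            store[key] = clean           # stand-in for writing to the file server
            notes.append(f"[attachment {name!r} stored at {BASE_URL}{key}]")
        except ValueError as why:
            notes.append(f"[attachment {name!r} removed: {why}]")
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    out = EmailMessage()
    for h in ("From", "To", "Subject"):
        out[h] = str(msg.get(h, ""))
    out.set_content(text.rstrip() + "\n\n" + "\n".join(notes) + "\n")
    return out


def sample_message() -> bytes:
    """Constructed input: a PNG with a tEXt chunk, plus a non-PNG labelled as one."""
    png = (PNG_SIG + _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
           + _chunk(b"tEXt", b"Comment\x00CONSTRUCTED-METADATA-MARKER")
           + _chunk(b"IDAT", zlib.compress(b"\x00\x00")) + _chunk(b"IEND", b""))
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "poster@example.org", "list@example.org", "Sample"
    m.set_content("Image attached.")
    m.add_attachment(png, maintype="image", subtype="png", filename="cells.png")
    m.add_attachment(b"MZ\x90\x00", maintype="image", subtype="png", filename="fig.png")
    return m.as_bytes()
```
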
Kurt Thorn

Re: Should the List allow attachments?

In reply to this post by Martin Wessendorf-2

I think allowing attachments up to 200 kB would be useful to allow
people to post images. I don't think the added risk from allowing
images on the listserv is very large, given the number of emails I get
sent to me with images included and the number of web sites I visit with
embedded images.  It's also easy to configure most mail readers to not
automatically load images, which would probably mitigate much of the risk.

I think in this case the benefits outweigh the risks.

Kurt

--
Kurt Thorn
Director, Nikon Imaging Center
http://nic.ucsf.edu/blog/
Kirsten Miles

Re: Should the List allow attachments?

I think the benefits of including images, should we be able to manage it
safely, could really expand the capacity for collaborative problem solving.

Kirsten

Kirsten Miles
P.I.  Outcomes
434-960-5193
[hidden email]
http://scienceimageintegrity.org/


John Oreopoulos

Re: Should the List allow attachments?

I agree with Kurt and Kirsten. Seeing the images with our own eyes instead of going by what people describe they see in text is much better for troubleshooting things. Of course it's also a good way to convey ideas with computer drawn diagrams, etc. I would welcome this change to the listserver if done safely.

John Oreopoulos
Staff Scientist
Spectral Applied Research Inc.
A Division of Andor Technology
Richmond Hill, Ontario
Canada
www.spectral.ca

Kathleen Pullin

Re: Should the List allow attachments?

In reply to this post by Martin Wessendorf-2

I think it is so easy to host images on imgur and other sites, then simply
post a link, that adding the risk of allowing attachments is unnecessary.

Kleo Pullin

--
------------------------------------------------------------------------------------------------------------------

Kleo (Kathleen) Pullin
PO Box 1774
Nederland CO 80466
209-610-0555/303-258-3227
[hidden email]
kspencer007

Re: Should the List allow attachments?

In reply to this post by Kirsten Miles

Dropbox?
Kathy Spencer

Kilgore, Jason A.

Re: Should the List allow attachments? **Vendor reply **

In reply to this post by John Oreopoulos

I agree as well.

Speaking from industry, though, I would want fellow industry colleagues to avoid sending attachments or image material that could be construed as advertising or not directly relevant to the question posed.

Jason
Molecular Probes / now part of Thermo Fisher

Doube, Michael

Re: Should the List allow attachments? **Vendor reply **

Just for bandwidth's sake (every attachment gets duplicated for every
subscriber: ~2000 times), I vote no - better to upload images and post
links. Interested people will download the images and they can be of
arbitrary size. Some mail clients like Thunderbird allow one to do that
through a "Filelink" function which can hook into Dropbox, Ubuntu ONE,
or other services.

Michael
