Computer Security Weekly, March 29, 1999
Portals can cause problems. Yahoo started out as a Web directory service. It has expanded madly off in all directions. One of the services offered is Web based email, which is nothing particularly new. However, Yahoo's email service also offers to go and get your mail from other servers, at least those that support the POP protocol. (This, of course, is intended to keep you tied to Yahoo all the time.)
Unfortunately, Yahoo uses at least one non-standard command in accessing mail from POP servers, and you may end up getting no mail, or all the mail for you on the other server.
If Outlook Express 5 has problems with the validity of an S/MIME certificate, sometimes used for security in email, it will crash. The problem messages seemingly cannot be deleted. One fix that seems to work is to start Outlook Express without connecting to the net, and, when OE tries to connect in order to retrieve the certificates, choose cancel several times. Eventually OE will give up and fail, and at that point you should be able to delete the messages.
There are a few problems with IE5 and Cookies. Control for cookies now resides in the "Security" tab, rather than "Advanced". Possibly because of this, when you upgrade IE4, regardless of what your setting was before, IE5 is set to always accept cookies. You must go in and change this manually once you have installed IE5.
Also, there is a problem with the setting "Prompt before accepting": If you visit a site that tries to set cookies a number of times, or set a number of cookies, then IE may crash after you reject a few cookies. Further, once you accept a cookie, IE5 stops prompting you for cookies, and simply accepts all further cookies from that site. In addition, if you have any cookie from that site on your computer, IE5 will accept any cookies from that site without prompting you.
IE5 also has a new setting for "per session" cookies, which is enabled by default. This is probably not any security risk, as there is less danger with per session cookies than with persistent ones.
One other point regarding AutoComplete: by default, it will offer to save a Web site username and password for you. The prompt box flashes up as you are completing the password, so don't just accept it thinking it is just one more "do you really want to submit this info" warning.
Latest Articles