I have just upgraded from The Bat! Professional 5.0.36.2 to 5.1.0.4. I paid the licence upgrade without hesitation, because I have been a faithful The Bat! user for some years now, love the program and knew that I would want to keep having the latest version.
However, I was terrified when I noticed that it was downloading off-line images without being commanded to do so! As you know, that is a huge security and privacy liability, because off-line images can be used in many hazardous ways: the URL can be used by spammers to confirm valid e-mail addresses, or by sites in general to track user visits, or they can be used to download specially crafted malicious files disguised as harmless images, and there are even the infamous one-pixel transparent GIFs that are completely invisible and serve the same nasty functions without the user even knowing they exist. No way I would want my e-mail client to download images by default! Not even Web-based e-mail services like Gmail or Yahoo! download images by default.
My first reaction was to look for the image download manager on the message pane. It was gone! Now, the press release for version 5.1 says that "Image download manager is equipped with the option of creating various rules..." etc., but there was NO download manager at all! Rather, there used to be one until version 5.0, but that feature apparently has been removed now, not added. The former easy icon with a drop-down menu was gone and nowhere to be found. I could not find any menu option to prevent images from being downloaded, nor was there any preference setting that even mentioned it. The help file said nothing about it either - in fact, I found that the help file had not been updated to the new version and still clearly stated: "The program does not download images from outside sources! Only images embedded in the message are shown." Absolutely not true for 5.1.0.4 - I had just seen it do exactly that before my eyes, without being commanded to do so (of course: how could I command it to do or not do anything about that without a download manager?).
That removed feature alone would be enough to make the new version of The Bat! dreadfully unsafe. But it got even worse. In my attempt to find a way to disable off-line image downloads, I right-clicked the message pane. Instead of the usual menu with options for the message, I was surprised to see the same context menu I see when right-clicking a Web page on Internet Explorer (a rare event, because I only use IE if there is absolutely no choice).
What??? The Bat! is now using IE to render HTML messages??? Good heavens!!! If I had wanted a direct privileged channel to the Windows kernel for a malicious e-mail to use, I'd be using Windows Live Mail! If I'm using a different e-mail client, one of the reasons is precisely to avoid that big security vulnerability that will always exist with IE, by itself or in embedded form. And again, there was nowhere to be found an option to use an alternative rendering engine - contrary to what the press release says: "Users can choose which module ... satisfies their needs best or just switch between these two modules." That, combined with the automatic download of off-line images, is the perfect recipe for disaster. Such an option should never even have been made available, let alone activated by default and with no obvious way to disable it.
I thoroughly searched the program interface and could find neither a download manager, nor any option to switch the rendering engine as promised. If they are there, they are well hidden and need to be brought to the front. Also if they are there, I'd welcome and thank any hint about where they could be. In the meantime, I have returned to 5.0.36.2, which does not have such absolutely unacceptable security liabilities. As it is, 5.1.0.4 is too unsafe for me to even consider using it.
Even if there is a way to prevent automatic off-line image downloads and switch the rendering engine, and I just couldn't find it, The Bat! is in urgent need of a 5.1.1 version or such that addresses the following issues:
- Off-line image downloads should be OFF by default.
- The HTML rendering engine should be the native one by default, not IE. (Considering that there has always been an option to view the message in a browser, I can't think of any useful purpose that feature can have.)
- Such features need to be made more obvious and easy to find and use.
- The help file needs to be updated (it still has the Windows 2000 interface on screen captures and that says a lot).
If The Bat! 5.1 continues as it is, I will regretfully have to start considering another e-mail client. Please, Ritlabs, don't spoil the best e-mail client around by making it a security liability.
Thanks for your attention and help with these IMO extremely serious security issues.