MacRaven - Dave Haxton's Weblog

Sat, 16 Sep 2006

Wonderful! One less safe format for documents! You'd think Adobe would've learned from the M$ macro virus fiasco of a few years back, but apparently they can't resist adding more and more "features" with bigger and bigger holes.

Eweek.com has a story about a British security researcher figuring out a way to manipulate legitimate features in Adobe PDF files to open backdoors for computer attacks. David Kierznowski, a penetration testing expert specializing in Web application testing, has released proof-of-concept code and two sample PDF files to demonstrate how the Adobe Reader program can be rigged to launch Web-based attacks without any user action. He claims there are least seven different ways to backdoor a PDF.

(link) [Slashdot]

/Technology | 2 writebacks | permanent link

On 9/16/2006 12:30:40
lwood wrote

There's only one answer...

...and it's the same one it's always been. TEXT! PLAIN TEXT! THE TEXT WILL SET YOU FREEEEEEE!

On 9/16/2006 14:57:25
Dave H wrote

Plaintext problems

And what sort of ending is on that line of plaintext? CR only, LF only or both? And the encoding is ..??? Not to mention the inability to make big pretty titles... I've never been a big fan of PDF's, and gods forbid that I should ever ship a doc format file around. RTF is OK, I suppose, but personally I use a lot of plaintext moving around. For presentations or documents that I need/want to share with a bunch of folks I've begun to appreciate the goodness of good old HTML. Thanks for the comment and Be well, Dave H

:: Categories ::

agriculture
asatru
copywrongs
humor
musings
politics
technology
index
haxton.org

:: Search ::

:: Blogroll ::

A Mindful Life
The Accidental Smallholder
Austro-Athenian Empire
Cauldron Born
Center for a Stateless Society
Dances with Ewes
Dispatches
egregores
Hardscrabble Creek
Honk & Helen
In Siberia
Laudator Temporis Acti
Lorrie's Livejournal
Masson's Blog
MyAppleMenu
NoNAIS
Notes on Religion
Numenous Thoughts
OrangeGuru
Overlawyered
Prophet or Madman
rogueclassicism
Sugar Mountain Farm
Thud Factor
Universe of Discourse
Wildhunt Blog
within the crainium

:: Archives ::

←November→
Sun	Mon	Tue	Wed	Thu	Fri	Sat
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30

:: Site ::

Contact Me

MacRaven
Dave Haxton's Weblog
Musings, Reflections, Rants and Comments from a Hoosier Heathen husband, father, grandfather, farmer and software engineer. There's really only one of me ...

lunar phases

Unless otherwise noted, all original
work on this site is licensed under a

comment...


Notes: If you put a <mailto:> link in the URL field your address will not be mangled: this could be a bad idea as your email address could be easily harvested by bots designed for SPAM. The comments field should now format correctly for line feeds and carriage returns: when you hit the 'Enter' or 'Return' keys in your comment it should break to a new line. The text should wrap cleanly. Please let me know if it doesn't. No HTML tags will pass through - entering links seems to be the main cause of comment SPAM. Also, please be sure that Javascript is enabled in your browser before attempting to post a writeback. Sorry for any inconvenience, but this really helps cut down on the amount of comment SPAM I have to deal with.

Name:
URL:	(optional)
Title:	(optional)
Comments:
Save my Name and URL/Email for next time