NavList:

   

Reply

Guy, AFAIK there have been no "PDF malware" programs, nor even a
proof-of-concept showing that would be possible. Yesterday Yahoo! was flooded
with a graphic exploit attack to many of their user groups. Users assumed Yahoo!
scanned these things, and it did. They just didn't know this one could happen,
so it went out wide scale.

PDF? Might be the exception to the rule, but potentially *any* executable code
is unsafe. PDF files still execute, and the newest versions of PDF can do far
more than just display on screen. (They call that progress.)

And then of course, PDF is still going to kill bandwidth. Typical text message,
1k in size. Small single page PDF? Often 50x-100x that size.

I'd suggest the idea of placing *all* images on a free image server, so list
members can fetch them if/as they deem appropriate, might still be the best way
to deal with them. Text is text, nothing is executed so it simply *can't* have a
malware payload. Anything else that involves 'executing' ? Is a potential
attack.

Call me a curmudgeon--who just doesn't want to risk his computer.

   

Reply