There was an interesting post to the OCAL mailing list about the possibility of embedding malware in an SVG file, and how was it being dealt with. The answer is that it isn’t currently but clearly it needs to be. One of the most interesting aspects is that it can be time sensitive. e.g. A perfectly good piece of clipart could become an advert after it’s been displayed for 5 minutes. This means that the problem does not involve any data outside of the file itself, and cannot be detected from generated thumbnails…. aargh, this’ll be hard to solve.
About
I’m David Illsley, I work in Web Services development at IBM Hursley, which involves work on the Apache WS Project, where I am a committer and PMC member. When not working with technology, I spend a lot of time on the backstage aspects of theatre, and a sadly decreasing amount of time reading.
Archives
c
Disclaimer
The postings on this site solely reflect the personal views of the author and do not necessarily represent the views, positions, strategies or opinions of IBM or IBM management.
Twitter Updates
- @pete_v I didn't see an announcement of the price rises... where wasn't I looking? 5 days ago
- loving firefox 3.5 - particularly how easy the video tag is to use 6 days ago
- @cumbers when I worked in DM2, and they redirected the air con it got up to 29 degrees one day. that's the day we all moved ourselves to de! 6 days ago
- My main 1H work shipped on friday - the websphere esb feature pack. if you're using mediation policies it's a must-have. http://is.gd/1hPQT 1 week ago
- @andysc ('twitter home man') getting everywhere... http://bit.ly/4u5c7K 1 week ago
0 Responses to “Data files and security”