There was an interesting post to the OCAL mailing list about the possibility of embedding malware in an SVG file, and how was it being dealt with. The answer is that it isn’t currently but clearly it needs to be. One of the most interesting aspects is that it can be time sensitive. e.g. A perfectly good piece of clipart could become an advert after it’s been displayed for 5 minutes. This means that the problem does not involve any data outside of the file itself, and cannot be detected from generated thumbnails…. aargh, this’ll be hard to solve.
About
I’m David Illsley, I work in Web Services development at IBM Hursley, which involves work on the Apache WS Project, where I am a committer and PMC member. When not working with technology, I spend a lot of time on the backstage aspects of theatre, and a sadly decreasing amount of time reading.
Archives
c
Disclaimer
The postings on this site solely reflect the personal views of the author and do not necessarily represent the views, positions, strategies or opinions of IBM or IBM management.
Twitter Updates
- Reading @bedlamtheatre EGM minutes and happy to note that things went the right way 1 day ago
- Hmm. Left my phone for 5 mins... apparently was a mistake. Let me know if you find out what they did. #fb 2 days ago
- depressed by the BBC retreat in the face of News International 6 days ago
- @andypiper had a similar discussion recently... I don't think the details would make you happy 1 week ago
- OH: "IE doesn't scale" 1 week ago
0 Responses to “Data files and security”