Researchers find 134 flaws in the way Word, PDFs, handle scripts Security researchers have devised a tool that detects flaws in the way apps like Microsoft Word and Adobe Acrobat process JavaScript, and it's proven so effective they've found 134 bugs – 59 of them considered worthy of a fix by vendors, 33 assigned a CVE number, and 17 producing bug bounty payments totaling $22,000. The tool …
Why is it a shitty idea? I manipulate documents using a variety of methods. I dont use Acrobat but running a script within Acrobat is no more stupid than running one outside of it. Its running acrobat I would have concerns about, well that and using Pointless Document Format. It seems more a case of crossing that bridge when we back up several decades and hit it again.
...running a script within Acrobat is no more stupid than running one outside of it.
Depends on the level of security you want to have. Applications like Acrobat are well known for having this capability and are attacked for that very reason. People get sent booby trapped documents all the time in hope they will open them. Not allowing Acrobat, MS Office and similar to run scripts by default cuts down on this sort of behavior being successful. You can still run scripts which can be vetted or blocked independently, but in general this is a good thing to turn off.
Book burning is indeed a fairly desperate tactic that's generally applied by totalitarians, and it doesn't have an equivalent here (nobody is deleting your posts). It's better to let people say what they want, call them out when they're talking nonsense, and hope that maybe they'll either get the message or simply go away. Downvoting is probably more equivalent to people not wanting to buy your book in the first place.
To quote you,
I often get a lot of down votes ... from people who don't know what they are voting on... Even when you explain it they will down vote you.
Has it occurred to you that maybe people know exactly what they're voting on, have understood you perfectly, and still think you're talking nonsense?
> Given the number of downvotes when I make common sense comments about Linux, no they don't. They don't know their elbows from their ankles.
You recently wrote this:
s'/is a/is yet another/'The strong implication from the misquoting and the quote-form chosen is that you have little hands-on experience with any unix, and that you don't actually understand it. But that you dearly want people to think that you do.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
