Bill Sommerfeld writes:
I find it interesting that a group concerned with security would
release a document in "executable" form (where, if tampered with, it
could easily harbor a virus, trojan horse, or worse) rather than in a
more conventional archive form. I think that you don't really want to
encourage people to get into a habit of executing random binary code
they get off the net.
Good point. And while we're at it, let's start being a little more concerned
about PostScript files (which are really a program executed by an interpreter,
that is quite powerful and may have access to more resources than
just your printer. And I'm not sure, but someone told me that JPEG and MPEG
files were similar. If so, MOSAIC may turn out to be the best virus
distribution
program going.
At a minimum, we ought to insist that such files be digitally signed, so
we would know who to horse whip if they turn out to be infected.
Bob