Archived Government Accidentally Releases Documents On 'Psycho-Electric' Weapons (yro.slashdot.org)
submitted ago by killer7
Posted by: killer7
Posting time: 2.6 years ago on
Last edit time: never edited.
Archived on: 7/20/2018 10:00:00 AM
Views: 146
SCP: 8
8 upvotes, 0 downvotes (100% upvoted it)
Archived Government Accidentally Releases Documents On 'Psycho-Electric' Weapons (yro.slashdot.org)
submitted ago by killer7
view the rest of the comments →
[–] SharpSliceOfMango ago
I can protect myself. Those attacks are not on the format. they are on the parser (specific implementations). The PDF is going to be composed of scanned images. Just carve them out of the file.
[–] B3bomber ago
Images can contain executable code in the metadata too.
[–] SharpSliceOfMango ago
Yes, every data can be some shellcode or some crafted data that triggers a buffer overflow, fmt etc. And every application can have potential bugs in it. You can't trust the application. You need to protect the app and the execution environment. If you want 100% security, don't open it under a seperate VM, open it under a standalone throwaway computer with no network connection. I don't think that they need to exploit your system to gain access, I think that there are already hidden backdoors in the CPU microcode of every x86 and x86_64 system.
In my