Re: Adobe PDF files can be used as virus carriers

From: Lars Hecking (lheckingat_private)
Date: Thu Aug 09 2001 - 02:20:50 PDT

    [Moderator: reposted as requested by daat_private]
    
    > What this means is that virus scanners will now need to "reach inside"
    > PDFs to scan encapsulated files. But what -- as I'm sure our Russian
    > friend Dmitri would ask -- if the PDF is encrypted? Wouldn't the
    > virus checker have to defeat the encryption to see the encapsulated
    > file? And would it be an illegal "circumvention" mechanism if it did?
    
     So what? The problem is not new - it already exists with zip files, and
     generally with all types of encrypted files.
    
     Here's e.g. what Sophos sweep tells you when encountering an encrypted
     zip file (here, it's inside a self-extracting zip archive):
    
    Aug  3 17:27:29 localhost amavis[16194]: Password protected file /tmp/amavis-10411997/parts/msg-16194-2.exe/SfxArchiveData/SETUP.WZ/WINZIP32.EX_
    
     I would be extremely suspicious about "encryption" that can be circumvented
     by, say, a virus scanner.
    
     Is encryption really the problem as far as viruses are concerned? I'd say
     it is not. Decryption requires manual intervention by the user, and after
     that the problem is the same as before: applications that execute stuff
     automatically by default, or make it easy to circumvent any safeguards
     the user may have set.
    
     The new threat is that a hitherto unused file format is now used as a vector.
     Big deal.
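
Added example, not part of the original post and not Sophos or amavis code: a sketch of the behaviour the log line above shows, where a scanner walks nested archives and reports a member whose ZIP header carries the encrypted flag instead of trying to decrypt it. The function names, the nesting limit and the sample archive (built in memory, with names borrowed from the log line) are assumptions made for illustration.

```python
import io
import struct
import zipfile

ENCRYPTED = 0x1   # ZIP general-purpose flag bit 0: member is encrypted
MAX_DEPTH = 5     # assumed nesting limit so a crafted archive cannot recurse forever


def find_unscannable(data, path, depth=0):
    """Return (reason, path) for every member a content scanner cannot inspect."""
    if depth > MAX_DEPTH:
        return [("nesting too deep", path)]
    found = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            member = f"{path}/{info.filename}"
            if info.flag_bits & ENCRYPTED:
                # Report it and move on; no attempt is made to decrypt.
                found.append(("password protected", member))
                continue
            body = zf.read(info)
            if zipfile.is_zipfile(io.BytesIO(body)):
                found.extend(find_unscannable(body, member, depth + 1))
    return found


def make_zip(members, encrypted=()):
    """Build a constructed sample ZIP; names in `encrypted` get the flag bit set."""
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    buf = bytearray(out.getvalue())
    # The stdlib cannot write encrypted members, so patch the central directory
    # records instead (signature PK\x01\x02, flags at +8, name length at +28).
    pos = buf.find(b"PK\x01\x02")
    while pos != -1:
        name_len = struct.unpack_from("<H", buf, pos + 28)[0]
        if buf[pos + 46:pos + 46 + name_len].decode() in encrypted:
            flags = struct.unpack_from("<H", buf, pos + 8)[0]
            struct.pack_into("<H", buf, pos + 8, flags | ENCRYPTED)
        pos = buf.find(b"PK\x01\x02", pos + 46)
    return bytes(buf)


def build_sample():
    """Constructed input: an outer archive holding an inner one with a flagged member."""
    filler = b"constructed sample bytes, not real content"
    inner = make_zip({"README.TXT": filler, "WINZIP32.EX_": filler}, {"WINZIP32.EX_"})
    return make_zip({"NOTE.TXT": filler, "SETUP.WZ": inner})
```

Calling `find_unscannable(build_sample(), "msg.exe")` yields one entry for `msg.exe/SETUP.WZ/WINZIP32.EX_`; the flagged member's bytes are never read.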
    


