>> how tightly sandboxed can Ziff Davis make the systems their writers receive files and e-mail on before it puts a crimp in the business process? How many hoops would you personally be willing to jump through to deal with a heavily sandboxed PDF from an outside source for a juicy story?
I'm a freelancer and work from home, so it's all my problem. You might have noticed that the eWEEK (a Ziff-Davis Enterprise pub, different company than Ziff-Davis Media which publishes PCMag) web site was caught serving malicious PDFs about a year ago through a malicious fake ad. I was the one who found it debugged the problem (I don't write for them anymore). There's plenty of holes in the system. Larry Seltzer Contributing Editor, PC Magazine [email protected] http://blogs.pcmag.com/securitywatch/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
