[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Verifying Toolchain Semantics

From: Nala Ginrut
Subject: Re: Verifying Toolchain Semantics
Date: Mon, 6 Oct 2014 16:25:04 +0800

On Mon, Oct 6, 2014 at 12:24 AM, Ian Grant <address@hidden> wrote:
On Sun, Oct 5, 2014 at 11:15 AM, Nala Ginrut <address@hidden> wrote:
> Alright, I changed a system and try it again with evince successfully.
> Anyway, I did't find any maths or special symbols in it, so it could be
> published on your blog as plain text. But you may insist on the opinion of
> PDF.

There is another reason why I use PDF. It's much nicer to read. I love
Garamond. Did you see the Jobs movie? Do you remember what he said
about Garamond?

Well, I'm a naive font fan so I may understand you. I usually use my fav font on page according to the design with HTML5/CSS stuff.
Forget about it, it's far from the topic.

What we really need to do is find out what software Mark was using to
pdf->png. If it segfaults then there is a good chance that that bug
can be turned into a working exploit. Because all binaries distributed
by the binary-distributors are identical, attackers can analyse the
file and work out how to turn a bad pointer dereference into an
exploitable "PDF attack vector" which executes binary code contained
in the PDF.

Agreed. But I think the PDF is more complicated than TXT. One of my fav ezine, Phrack is plain txt, and it's cool. 
So my suggestion is to provide both TXT and PDF if the article is important.

Anyway, the font is a big issue for whom loves it, so I don't involve such argue. ;-)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]