On 16 March 2010 15:04, Gregory Maxwell gmaxwell@gmail.com wrote: ..
On Tue, Mar 16, 2010 at 6:52 AM, Tei oscar.vives@gmail.com wrote:
Uh.. buffer overflow errors, complex file format loaders in programming languages like C.... Or false assumptions about memory management with poor detection error and fatal consecuences. Maybe even bad program intercomunication. ... The internet was built on text based protocols to avoid these problems or help debug then.
Ironic that you say that... the variable length null terminated string is probably the worst thing to ever happen to computer security. Text does imply a degree of transparency, but it's not security cure-all.
Nothing is, but transparency is the next cool thing.
In any case, video and audio are in the same boat as Jpeg/png, +/- some differences in software maturity. There aren't any known or expected malware vectors for them.
Agreed. But seems possible to generate streams of video that crash the browser. So.. probably autoplay is evil. (is already evil because is NSFW since distract coworkers )