Re: PDF viewer poll

[Hans Hagen <j.hagen@xs4all.nl>]

On 10/19/2019 12:21 PM, Henning Hraban Ramm wrote:

> When I read "Java runs on millions of devices" I don’t feel that’s good advertising, but it remembers me that each of those devices is at risk.

The java updates keept telling that it runs on 3 billion devices but 
that message doesn't change over years. I always wonder about numbers. 
One can find similar huge numbers for tex usage but what defines usage 
(forced? ontime? for fun? lifelong? advanced or like any word processor 
usage?).

>> Just 2 cents from a JS programmer who actually thinks that JS is not the
>> worst Lisp dialect out there.
> 
> I didn’t say JS is bad. For me it’s a necessary evil.
> I don’t think my beloved Python would be a better choice for client scripts.
> Maybe Lua is, but every scriptable program is a risk.

The fact that it's simple kind of helps. One can disable by overloading.

> LuaTeX and write18 _are_ dangerous.

Sure, so can be crossing a street. Anyway, for quite a while there 
actually is a sandbox model in context which can limit its scope pretty 
much but it (being done a while ago) hasn't been tested that much (afer 
all I dont' need it).

> It would be very easy to spread malicious TeX code, since everyone uses CTAN (LaTeX) packages without checking them first.
> But it wouldn’t come far, I guess, for it needs a while for a package to become known and in wide use, and that still means only in a subset of the (La)TeX community, where there are enough expert hackers who would find this malicious code.
> And you can count the people on one hand who would be able to publish a malicious ConTeXt module… Malicious code snippets in our wiki or ML also wouldn’t come far.

Also, I tend to stay optimistic. If there were way more strict rules for 
software abuse (with hard penalties) it would be less of a problem, but 
for now we just have to trust. So, far we could trust texies.

> There was PDF malware (using JS or media stuff). There also was PostScript malware in its time. The latter didn’t make a lot of sense, except it could destroy RIP hardware. The RIP technician at the newspaper where I worked told me stories, e.g. there was an evil EPS (some faulty customer logo, no deliberate malware) that caused the deletion of important parts of the RIP software. At my time there was a PS ghost: somehow a page got installed on one of the printers and got printed at odd times. Reboot didn’t help, we never found the cause.
Writing could be restricted I guess, so wiping rip source is also bit of 
a bug in the rip i guess. Anyway, I do remember sending postscript to 
our printer just to find out that you ended up with an empty paperbin 
and a few lines per page with garbage ascii. In that respect pdf is a 
bit better: something or nothing gets printed.

This ghost: makes for nice debugging. Kind of a challenge.

(btw, this makes for a nice topic next meeting: security and documents 
and such)

Hans

-----------------------------------------------------------------
                                           Hans Hagen | PRAGMA ADE
               Ridderstraat 27 | 8061 GH Hasselt | The Netherlands
        tel: 038 477 53 69 | www.pragma-ade.nl | www.pragma-pod.nl
-----------------------------------------------------------------
___________________________________________________________________________________
If your question is of interest to others as well, please add an entry to the Wiki!

maillist : ntg-context@ntg.nl / http://www.ntg.nl/mailman/listinfo/ntg-context
webpage  : http://www.pragma-ade.nl / http://context.aanhet.net
archive  : https://bitbucket.org/phg/context-mirror/commits/
wiki     : http://contextgarden.net
___________________________________________________________________________________