Hacker News new | past | comments | ask | show | jobs | submit login

Ok, how about an image in an email? Or a PDF receipt? How about clicking a link online? All of these have a serious potential to infect your system with malware.



I really don't want executables in PDF files or email. Really, I don't.


PDF parsers, and really all complex format parsers, are very often exploitable. Maliciously crafted documents trigger a buffer overflow, and now they can take control of the process and execute arbitrary code, code that almost certainly has access to your other documents as well.

Also, how about malicious scripts that I convince you to explicitly give execute permissions to and run? How about Git repos that I convince someone to clone, compile, and run, that have malicious code?

Signature-based heuristics can help protect from all of these things that the OS is powerless to help against with only traditional security measures.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: