|
Welcome to my blog...It's more of an occasional-random-quirky-thought blog or a check-out-this-cool-link blog
than one of those this-is-what-i-had-for-breakfast-today-and-these-are-my-feelings-about-life blogs and
it's definitely not one of those awful i'm-useful-and-have-important-things-to-say-and-i'm-contributing-to-society blogs. Enjoy.
|
|
:: crapweasel ::
the official blog of Dave Tompkins RSS Feed 
ARCHIVES
20 Most Current December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006 December 2005 November 2005 October 2005 September 2005 August 2005 July 2005 June 2005 May 2005 April 2005 March 2005 February 2005 January 2005 December 2004 November 2004 October 2004 September 2004 August 2004 July 2004 June 2004 May 2004 April 2004 March 2004 February 2004 January 2004 December 2003 November 2003 October 2003 September 2003 August 2003 July 2003 June 2003 May 2003 April 2003 March 2003 February 2003 January 2003 December 2002 November 2002 October 2002 
|
For more miscellaneous news stories, you can read my shared items in Google Reader [rss]
Wednesday, February 25, 2009
JBIG2 Exploit
I just wanted to comment on the unfortunate publicity JBIG2 has been getting as the source of the exploit in the Adobe Acrobat Readers... As someone who was there when JBIG2 was being created... I am not surprised AT ALL. The JBIG2 stream with the arithmetic coder is a delicate house of cards that's designed for an error free environment, and it takes a fair amount of sophistication to do error detection (and error recovery is nearly impossible). I would have bet big money that it wouldn't be hard to crash Adobe's implementation, but there's no excuse for Adobe to have a JBIG2 implementation that's so easily exploitable. It's all just a shame that this is the most publicity JBIG2 has ever received. -sigh-
MORE POSTS IN THE ARCHIVES... |