| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20091206195645.GA22109@elf.ucw.cz> Date: Sun, 6 Dec 2009 20:56:46 +0100 From: Pavel Machek <pavel@....cz> To: "Thor (Hammer of God)" <thor@...merofgod.com> Cc: "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>, Patrick Webster <sflist@...hack.com>, WebDawg <webdawg@...il.com> Subject: Re: Millions of PDF invisibly embedded with your internal disk paths On Thu 2009-12-03 14:17:48, Thor (Hammer of God) wrote: > Meh. I replied to something similar off-list. > > > "Leaking" a pdf with `e:\nethome\joe_kitten_lover' doesn't remotely > "prove" anything. If I create a user called > MayIMommaDogFaceToTheBannanPatch and "leaked" a pdf, it doesn't mean > Steve Martin was culpable. Nor do IP addresses prove anything, still people use them. It is good enough reason to search his computer. If the poor user does not know paths are embedded, he's likely to get himself into trouble. And no, the path does not prove anything, but given how hard it is to erase data on hdd, his harddrive is likely to prove a lot. Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Powered by blists - more mailing lists