Thursday, May 19, 2005

 

All the TIFF tags you ever wanted

Joris on the TIFF discussion list pointed out the existence of a site by Aware Systems which lists lots of TIFF tags, including documented private tags. There is also a TIFF FAQ on the same site. Many of you who read this blog doubtless know about it already, but another link to a useful site never hurts.


# posted by Gary McGath @ 9:50 AM 0 comments

Friday, May 13, 2005

 

Vulnerability in Quartz Composer files

The linked article describes a vulnerability in Quartz Composer files, which are used by QuickTime on Mac OS X. The claim is that under OS X 10.4, but not earlier versions, a malicious file can leak information to an outside point. Simply viewing a Web page can trigger the vulnerability in some cases.

I'm not familiar with the format, but the description of the problem implies that the vulnerability results not from coding bugs, but from a "design error" -- a failure to consider the consequences of combining features which appear innocuous separately.

An article on MacNN discusses the vulnerability. Several commenters argue that the details of the vulnerability should not have been made public, because that makes it easier for others to exploit it maliciously. But if the weakness is in the design of the format, it's important for as many software designers as possible to be aware of this, so that they won't make similar mistakes.


# posted by Gary McGath @ 8:56 AM 0 comments

Tuesday, May 03, 2005

 

Metro vs. PDF?

CNET has an article on Microsoft's upcoming Metro format, which is intended for document exchange for applications within Windows, though in principle it's cross-platform. Is there a reason for the new format, other than Microsoft's natural desire to gain an advantage over Adobe? It's not clear at this point.

Not much information is available about the Metro format at this point, but it's based on XML plus ZIP compression -- a combination also used by OpenOffice. PDF has gotten very complicated in its recent versions, and an XML format could at least be cleaner.


# posted by Gary McGath @ 12:43 PM 0 comments

This page is powered by Blogger. Isn't yours?

free hit counters
free hit counters
hits since 30-Oct-2006
Copyright 2004-2008 Gary McGath. All rights reserved. Permission is granted to publish feeds of this blog on the Internet, provided the content is not altered and credit is given.