Detailing the Security Risks In PDF Standard

crabel writes with this quote from the H Online: "At the 27th Chaos Communication Congress in Berlin security researcher Julia Wolf pointed out numerous, previously hardly known security problems in connection with Adobe's PDF standard. For instance, a PDF can reportedly contain a database scanner that becomes active and scans a network when the document is printed on a network printer. Wolf said that the document format is also full of other surprises. For example, it is reportedly possible to write PDFs which display different content in different operating systems, browsers or PDF readers — or even depending on a computer's language settings."

Re:Abomination

[jgrahn]

PDF is in essence a PostScript-document (with restrictions of the use of external fonts and in a compressed form).

PostScript is a complete programming-language which implies that one could write PostScript that would react to the environment in which it runs.

A real programming language cannot "react to the environment" unless it has the needed I/O facilities. It seems to me that PostScript (as implemented by ghostscript) has been locked down more and more in this area.

PDF in Adobe's hands on the other hand has acquired more and more dynamic features *not* found in Postscript.