iPhone wrote: > Doesn’t the CERT message say that FLAC can be attacked if an executable > file is downloaded. Question: Who is downloading FLAC? Are we all not > ripping our own CDs and would not be vulnerable to this type of attack? > Seeing how it is all local to our machines. Or am I not thinking about > this like an IT Guy?
Lots of people download and install the flac executable itself. Most folks do not build the executable (flac.exe on Windows machines) from source. You can buy FlAC encoded music. And there are a fair number of music files on the torrents in FLAC format. If you download such a file, you might get a surprise. If you do your own ripping, I don't see this particular attack as being an issue. But sharing files has a potential for worries, kinda like sharing girlfriends. Not always, and not with all, but sometimes worry is appropriate. -- Pat Farrell http://www.pfarrell.com/ _______________________________________________ ripping mailing list [email protected] http://lists.slimdevices.com/lists/listinfo/ripping
