On Tue, Mar 01, 2005 at 06:33:51AM -0800, Rahul Sundaram wrote:
Alan, can you please clarify that statement. its redundant obviously but why is it dangerous?
The various "automatically run" tools get dangerous because they provide paths for exploits. There is the obvious binary approach (eg a Windows CD that has autorun of format/u c: and is labelled PORN) but there are more subtle tricks too - CD's with movies on them that exploit older video players, or with html and images that exploited linux/windows image viewer holes.
It's a trust thing.
Alan