Quote:
Originally Posted by Miss Chief
Quote:
Originally Posted by stumped
protected from what exactly?
there is no way that using calibre's add books to library will import ransomware !
|
Well I am sorry to have to tell you that you are mistaken, as Symantec point out here.
In fact this very topic was a source of another issue I had with Windows Defender, you see I am a Unix Admin and I work with security so a good portion of the aforementioned ebooks are about Programming, Shell Scrips, Pen Testing, Blockchain that kind of thing and it seems that books about computer security triggers Defender and it gets, well... defensive, I fixed that issue although I didn't bother posting it here as it wasn't an issue with Calibre per se, but if you're curious here is my post.
However, I am also not worried about getting ransomware from any of my ebooks. Again not sure why you would think that? In the event I do get ransomware on my system though... it would be nice if my ebook library wasn't the only directory that is actually vulnerable to attack. |
Sadly, the item you reference from the Symantec site does not make it very clear that the hazards from downloading pirated ebooks lies more in the files that are supplied as .pdf, .zip, .rar or .exe and not the ebooks in epub, azw3, mobi or whatever format themselves.
In theory, you could embed malicious javascript in an epub3 ebook. After seeing one item titled "Security Diligence Required to Prevent ePub or Mobi Javascript Hacks", I did some playing with the idea. I could not find an ebook renderer that would execute those malicious code snippets on my ereaders. Blasted programmers who limit the functionality of their code.
As for the mobi format ebooks? Given the age of that format, embedding javascript is not a viable option.