Hey!
A bit of a different one!
It's taken me 10 years but I finally managed to combined my passion for 3D animation and my work in cyber security, and have just released some techical research into malware delivery via 3D asset files which deep dives into blender's security controls and potential abuse of native features.
This is mostly relevant for anyone who frequently uses 3D assets with custom scripts. Especially if you always have auto run python scripts enabled!
The research is not a criticism of Blender, nor the disclosure of any new vulnerabilities. It's more of anawareness piece and a proof-of-concept, intended to highlight overlooked risks and encourage stronger security practices in an industry that cyber security seems to less frequently cross paths with.
Please feel free to go have a read if you find it interesting:
https://www.culture.ai/resources/blog/pixels-polygons-and-payloads
Also here is a little render of the scene I made for the proof of concept. Because obvisouly as an artists I couldnt not have a nice little scene to show off!
Also if this is the wrong place / platform to share on. Feel free to remove :)
Thanks,
- Ollie
Hello Ollie. The forum is more of a questions and answers for helping people out who are learning Blender, sharing art and stuff. I don't see why this can't be here though, it's Blender related. But I guess people wont see it, so maybe the CG Cookie Discord can also be an option.
