
potential risks of downloading PDFs


BananaBandit


27 minutes ago, andy72 said:

as long as it's .pdf or .mobi and not, for example, .pdf.exe

 

no suffix after the pdf 

I learned that a ".pdf.exe" suffix could be dangerous a few years back, but can't remember whether or not I'd forgotten it. 

 

At any rate, definitely worthwhile to point out.


10 minutes ago, BananaBandit said:

I learned that a ".pdf.exe" suffix could be dangerous

This is where Microsoft got stupid and, as Eindhoven just mentioned, as a default setting prevents File Explorer from displaying the .xxx extension for "known file types". So a dangerous download of happy.pdf.exe now gets displayed in the Windows file list as happy.pdf

 

Ugh!

Edited by RichCor
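A small model of the Explorer behaviour RichCor describes, added here as an example and not code from the post: with "hide extensions for known file types" on, only the final extension is dropped, so a double-extension download is listed under a document name. The extension sets and function names are constructed for illustration.

```python
import os

# Extensions Windows runs as programs or scripts (constructed subset for
# this example; the real list is longer).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif",
                   ".js", ".vbs", ".lnk", ".msi"}
# Extensions a user expects to be passive documents.
DOCUMENT_EXTS = {".pdf", ".mobi", ".epub", ".doc", ".docx", ".txt", ".jpg"}


def explorer_display_name(filename: str, hide_known_ext: bool = True) -> str:
    """Name as listed by Explorer.

    With the default "Hide extensions for known file types" setting only the
    final extension is dropped, so happy.pdf.exe is shown as happy.pdf.
    """
    stem, ext = os.path.splitext(filename)
    if hide_known_ext and ext.lower() in EXECUTABLE_EXTS | DOCUMENT_EXTS:
        return stem
    return filename


def is_disguised_executable(filename: str) -> bool:
    """True when the real (last) extension is executable but the name the
    user sees ends in a document extension."""
    real_ext = os.path.splitext(filename)[1].lower()
    shown_ext = os.path.splitext(explorer_display_name(filename))[1].lower()
    return real_ext in EXECUTABLE_EXTS and shown_ext in DOCUMENT_EXTS


def triage_downloads(names):
    """Return (name_shown, real_name) pairs for files that look disguised."""
    return [(explorer_display_name(n), n) for n in names
            if is_disguised_executable(n)]


if __name__ == "__main__":
    # Constructed sample listing of a download folder.
    for shown, real in triage_downloads(
            ["happy.pdf", "happy.pdf.exe", "book.mobi", "setup.exe"]):
        print(f"shown as {shown!r} but really {real!r}")
```

The fix on the machine itself is to turn off "Hide extensions for known file types" in Explorer's folder options so the real name is always visible.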

13 minutes ago, RichCor said:

Adobe got really stupid there for a while and now .pdf containers can hold:

JavaScript

Embedded Flash

Launch Actions

GoToE (encrypted payloads)

Embedded Media Controls

http linking (potentially to malicious websites)

 

Also, some PDF readers, or browser helper files, can contain interpreter vulnerabilities that can be exploited to execute embedded shellcode that directly downloads another malicious executable backdoor. 

It sure sounds ominous... So, by downloading a dodgy PDF, I might put myself at risk of someone accessing my banking passwords and then taking my money?  Or is that particular scenario a bit far-fetched?

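A triage script for the PDF features RichCor lists (JavaScript, launch actions, GoToE, embedded files, rich media, URI links), added here as an example and not code from the post. It scans the raw bytes of a downloaded file so nothing is rendered, and decodes the #xx name escapes that would otherwise hide a marker from a plain text search; the marker table and the sample PDF are constructed for the example.

```python
import re

# PDF name objects behind the features listed in the post. A hit is a
# reason for caution, not proof of malice: many legitimate forms use /JS.
ACTIVE_CONTENT = {
    b"/JavaScript": "JavaScript action",
    b"/JS": "JavaScript code",
    b"/Launch": "launch action (starts an external program)",
    b"/OpenAction": "action run automatically when the file opens",
    b"/AA": "additional actions bound to page or field events",
    b"/GoToE": "go-to-embedded action (embedded PDF)",
    b"/EmbeddedFile": "embedded file attachment",
    b"/RichMedia": "rich media annotation (Flash/video)",
    b"/URI": "external web link",
}

def normalize_names(data: bytes) -> bytes:
    """Decode #xx escapes so /J#61vaScript reads as /JavaScript; without
    this a trivially obfuscated name slips past a plain search."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), data)

def scan_pdf_bytes(data: bytes) -> dict:
    """Return {description: occurrences} for each marker present. Compressed
    object streams are not inflated, so an empty result is not a clean bill."""
    data = normalize_names(data)
    hits = {}
    for marker, description in ACTIVE_CONTENT.items():
        # A name ends at a delimiter; the lookahead stops /JS matching
        # inside a longer name such as /JSX.
        pattern = re.escape(marker) + rb"(?![A-Za-z0-9_])"
        count = len(re.findall(pattern, data))
        if count:
            hits[description] = count
    return hits

# Constructed minimal PDF whose catalog runs JavaScript on open.
SAMPLE_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >> endobj\n"
    b"2 0 obj << /Type /Pages /Kids [] /Count 0 >> endobj\n"
    b"3 0 obj << /S /JavaScript /JS (app.alert('hi')) >> endobj\n"
    b"trailer << /Root 1 0 R >>\n%%EOF\n"
)

if __name__ == "__main__":
    for desc, n in scan_pdf_bytes(SAMPLE_PDF).items():
        print(f"{n}x {desc}")
```

To check a real download, read it with open(path, "rb") and pass the bytes to scan_pdf_bytes; anything it flags is a candidate for the sandbox discussed later in the thread rather than for the default reader.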

24 minutes ago, BananaBandit said:

So, by downloading a dodgy PDF, i might put myself at risk for someone accessing my banking passwords and then they could take my money?  Or is that particular scenario a bit far-fetched?

Change that to "by downloading", period, especially from unverifiable sources, and then anything is possible.

 

If a 'file' can somehow either trick a user into allowing it to execute code, or better still using an exploit to automatically execute embedded code or instructions to run, then you could be seriously boned.

 

The code might do nothing more than display an annoying message, or become a keylogger with remote backdoor access.

 

That's not to say that ALL files found on the Internet, or even on the torrenting platforms, are compromised. Just some of them, especially if they're popular and sought after by gullible sheeple.


17 hours ago, OneMoreFarang said:

You can use Protected Mode to make sure you don't get more than you asked for.

https://helpx.adobe.com/reader/using/protected-mode-windows.html

I went to my Adobe Reader program and selected:  Edit -- Preferences -- Security (Enhanced) .... There is already a check mark saying my "Enable Enhanced Security" option is activated. 

 

Does this qualify as "Protected Mode" ?


4 hours ago, BananaBandit said:

I went to my Adobe Reader program and selected:  Edit -- Preferences -- Security (Enhanced) .... There is already a check mark saying my "Enable Enhanced Security" option is activated. 

 

Does this qualify as "Protected Mode" ?

I see the following. As far as I see one of the important settings is in the red marked box. To be sure select "All Files".

 

[image: pdf.png]


22 hours ago, OneMoreFarang said:

Let's clarify the situation.

You can download pdf (and many other files) without risk.

The risk is if you execute or "view" those files.

This is 'mostly' true, though if you click a link in a browser you may have already committed it to also automatically opening it.

 

I remember in 2011 one of the first iPhone jailbreaks was delivered by using iOS Safari Browser to visit the jailbreakme (dot) com website and clicking a link to download a compromised .pdf that simultaneously broke the root account and downloaded an alternate app store. Scary efficient.


On 7/16/2020 at 6:26 AM, OneMoreFarang said:

Let's clarify the situation.

You can download pdf (and many other files) without risk.

The risk is if you execute or "view" those files.

So...if I download a PDF from archive.org, then use a program to convert that PDF to a MOBI, then put the MOBI on my Kindle and trash my PDF without ever opening it..... Would this process most likely suffice to safeguard my backdoor from malicious penetration?

 

Or could a malicious operator penetrate me with a dirty MOBI as well?

 

2 hours ago, RichCor said:

This is 'mostly' true, though if you click a link in a browser you may have already committed it to also automatically opening it.

Could I be risking foreign penetration of myself just by clicking a link on archive.org ?


2 hours ago, BananaBandit said:

Could I be risking foreign penetration of myself just by clicking a link on archive.org ?

Please understand that every time a program offers a new extended 'feature', that new thing becomes a potential method for hackers or governments to inject code to try and break in.  

 

Clicking ANY link on ANY page in a browser might lead to bad stuff happening, if the owner of the site intends harm.

 

Archive.org is a curated backup of the Internet and the content found. If the website or content was compromised when archive slurped it up then it's probably still compromised.

 

 

2 hours ago, BananaBandit said:

So...if I download a PDF from archive.org, then use a program to convert that PDF to a MOBI, then put the MOBI on my Kindle and trash my PDF without ever opening it.....

 

You can try using the 'Right-click' option of a link to "Save link as" and force the browser to only download (and not also open/view) the link content; this is one method of insulating yourself from bad stuff happening. 

 

If a file is compromised it's usually done so to take advantage of a vulnerability in a specific application, application version, or operating system subcode (like a driver or codec) in order to work. 

 

.pdf and .mobi files are vulnerable to manipulation and exploits. 

 

If you convert the file the risk of the file malware content still being able to function as intended is greatly reduced as you're changing the target platform the content was originally intended to be rendered using.

 

FREE stuff should always be regarded as potentially compromised.

 


9 hours ago, BananaBandit said:

Thanks guys...you've given some pretty good information here (even though it's anxiety-inducing!)

 

Personally, I wouldn't worry about it. But if you are concerned, use a SandBox.

That way, it is run in a closed off environment and cannot run on your main install. As soon as you close the SandBox, everything that ran within it disappears. Just get into the habit of running anything with which you feel uncomfortable in the SandBox first.

Clicky link of which you are not sure? Open it in a SandBoxed Browser. Anything dodgy that happens can only happen in that SandBox, and once you close the SandBox environment, everything disappears.

Belt & Braces for the unsure.


12 hours ago, Eindhoven said:

Personally, I wouldn't worry about it. But if you are concerned, use a SandBox.

That way, it is run in a closed off environment and cannot run on your main install. As soon as you close the SandBox, everything that ran within it disappears. Just get into the habit of running anything with which you feel uncomfortable in the SandBox first.

Clicky link of which you are not sure? Open it in a SandBoxed Browser. Anything dodgy that happens can only happen in that SandBox, and once you close the SandBox environment, everything disappears.

Belt & Braces for the unsure.

Fair enough then. 

 

In case I eventually decide to sandbox it:   Where is the best place to download my sandbox?

 

Is  sandboxie.com  okay?

 

I have Windows 7, in case that makes any difference (though I suspect it doesn't). 


12 hours ago, BananaBandit said:

Fair enough then. 

 

In case I eventually decide to sandbox it:   Where is the best place to download my sandbox?

 

Is  sandboxie.com  okay?

 

I have Windows 7, in case that makes any difference (though I suspect it doesn't). 

If Windows 7, SandBoxie is the one for you. Personally I think archive.org will be fine. But no harm in having that extra layer of protection. It allows you to open particular programs in the SandBox too. So you can open Adobe Reader in the SandBox. It's a bit more fiddly and even if you choose to not use it most of the time, having it may prove useful.

For instance, installing a new program. You can install it in the SandBox so that you can scrutinise the installation options and choose or eliminate unwanted add-on choices. Once you are confident that you have made the right choices, delete the SandBox and install it normally, making the correct choices. Running it first in the SandBox means you can make as many mistakes as you like, as it doesn't end up embedded somewhere in your main install. 

 

But for anything from archive.org, a simple virus scan before opening should prove sufficient.
