Is it wrong of me to be worried about the interaction between pdf files as a frequently-exchanged medium of academic discourse, and pdf files as attack vectors, especially given rumors (later contradicted) that pdf vulnerabilities were involved in the recent Google/China spat? It would be bad if black hats figured out a way to infect the literature that we depend on. Maybe this means I should be more consistent about using my Kindle rather than my computer to view pdf files whenever I'm unsure of their provenance.



Comments:

None:
2010-02-25T13:56:49Z
Maybe this means I should be more consistent about using my Kindle rather than my computer to view pdf files... It's probably sufficient to just use anything other than Adobe products to read PDF files. For extra security, run the reader on an operating system that doesn't come from Redmond.
11011110:
2010-02-25T15:46:28Z
I do usually do both of those. I don't imagine Apple's preview is actually more secure than Adobe Reader, but I guess it's much less heavily targeted by attackers.
ext_226109: Complexity counts!
2010-02-25T19:27:58Z
There's a good chance a common PDF reader is more secure than Adobe's, since Adobe's does much more. It's packed with form filling and encryption features people rarely use, all which are another attack vectors.
chouyu_31:
2010-03-15T07:29:12Z
You could also view it using Gmail's "view" feature. That's how I end up reading most of my pdfs nowadays.
11011110:
2010-03-15T15:20:37Z
Good point. That works well enough when it comes via gmail, which is I think most of them. Probably it wouldn't be too hard to view anything on the web that way too.
None:
2010-05-26T15:45:43Z
xpdf is your friend
11011110:
2010-05-26T15:50:26Z
Or in my case OS X's Preview app, but I guess it's the same principle.