PDF Security: Silent Acrobat Exploits
Silent hacking sounds like a new concept, so new that PDF users are seldom aware of it. Would you think of security exploits while staring at a for-print document that a close friend, a business partner or a colleague sent you? Actually I didn’t—in spite of my little security paranoia with Nigerian-based phishers and Korean spammers (paranoia not diagnosed, yet attacks identified and unfolded, for now). This false sense of security with PDFs kinda thrilled me last night when stumbling over this Slashdot post.
What can be done for starters:
- disable JavaScript in your Acrobat configuration preferences (Menu > Edit > Preferences);
- in the same Preferences dialogue box, go to the bottom tab named ‘Weblink’; look at the path to the web browser that will be fired up when an embedded/hidden PDF link wants to launch something behind your back; mine (Acrobat7 for Linux) was launching Firefox; I edited the ‘browser executable’ field by clicking on the ‘browse’ button and picking another executable file, NOT a browser launcher; in my case I picked gCAD3D, a CAD design application that’s gonna crash the PDF backdoor link into nirvana (will notify you with an error message); how about picking as a browser replacement something like Photoshop, some MP3 player app, or some system monitoring app - anyway, something unable to open a weblink the way a web browser is expected to do;
- yes, don’t forget that the above security hack will disable any weblink in your PDF documents, be it legit or malicious; if you have to link to something, just use plain readable text (not hyperlinked) and copy/paste it by hand into your browser of choice; sounds tedious? that’s the price to pay for securing your computer from prying eyes, enemies, competitors, etc.
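Before opening a PDF at all, you can check whether it carries the kind of content those two preferences control. The script below is an added example, not part of the original post: the name keys it looks for come from the PDF specification (the post does not say which ones its sample uses), and `SAMPLE` is a constructed fragment, not the eWeek file.

```python
import re
import sys

# Name keys defined by the PDF specification that mark active content.
# Assumption: the post does not say which of these its sample file uses.
# ObjStm is counted because compressed object streams hide names from a raw scan.
ACTIVE_KEYS = {"JS", "JavaScript", "URI", "Launch", "OpenAction", "AA", "ObjStm"}

# A PDF name is "/" followed by bytes that are not whitespace or delimiters.
_NAME = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes, so /J#61vaScript is read as JavaScript."""
    return _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")


def scan_pdf_bytes(data: bytes) -> dict:
    """Count active-content names in raw PDF bytes, without decompressing streams."""
    counts = {}
    for match in _NAME.finditer(data):
        name = decode_name(match.group(1))
        if name in ACTIVE_KEYS:
            counts[name] = counts.get(name, 0) + 1
    return counts


def settings_that_matter(counts: dict) -> list:
    """Map findings to the two Acrobat preferences the post changes."""
    hits = []
    if "JS" in counts or "JavaScript" in counts:
        hits.append("JavaScript")
    if "URI" in counts:
        hits.append("Weblink")
    return hits


# Constructed sample, not the eWeek file.
SAMPLE = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /OpenAction 3 0 R >> endobj\n"
    b"3 0 obj << /S /J#61vaScript /JS (app.alert(1)) >> endobj\n"
    b"4 0 obj << /S /URI /URI (http://example.invalid/) >> endobj\n"
)

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    found = scan_pdf_bytes(data)
    print(found, settings_that_matter(found))
```

An empty result only means nothing was found in the uncompressed bytes; a file that reports `ObjStm` may keep such names inside compressed objects.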
Other non-immediate solutions:
1. Adobe comes up with a new, secured Acrobat version.
2. Dump PDF document sharing if you can live with some nice CSS-ed, password-protected corporate blogging.
3. If you’re a PDF lover, use another viewing/editing app, not Adobe’s Acrobat. Could be this one: http://foxitsoftware.com or go Google for another. Also—regardless of the app, Acrobat or another one—it is good to first test this backdoor exploit with the harmless sample presented right here on eWeek.com.
When I opened the same backdoor sample file with Gnome PDF Viewer, GGV PostScript Viewer and KGhostView, the exploit failed to activate. It seems that Acrobat’s implementation, rather than the PDF document per se, allows the exploit.
Okay, but you may yell at me that I live in my Linux jar, and what about you, the billions of Windows users? God loves you too, don’t cry: go get GSView and always use it to open PDFs coming your way.
In conclusion:
Use PDF only if you’re in the printing business! It’s the best print-to-file e-paper ever. And while using PDF files, steer clear of Adobe’s Acrobat: too bloated and prone to malicious exploits. Embrace instead some of the above PDF viewing alternatives.

