Comment by lovedswain
5 years ago
9 times out of 10, through the front door. Some shit in a .doc, .html or .pdf. The Google-China hack started with targetted pdfs
5 years ago
9 times out of 10, through the front door. Some shit in a .doc, .html or .pdf. The Google-China hack started with targetted pdfs
If people didn't allow macros in Excel, stayed in read-only mode in Word and only opened sandboxed PDFs (convert to images in sandbox, OCR result, stitch back together), we would see a sharp decline in successful breaches. But that would be boring.
I think opening all PDFs in a browser would be good enough™ as browser sandboxes are about as secure as sandboxing gets.
Operation aurora happened when most people still used IE and some used Opera (i did) and very few Firefox and others
How such an attack is even possible? A bug in the LibreOffice, browser, or Evince?
PDF is a nightmare format, including such gems as javascript IIRC; it's not surprising that it can be used to make exploits in reader software.
So the attacker has to have exploits in every pdf reader app on linux? Since it is not Adobe only and there are quite a few. Or maybe a common backend engine (mupdf and popler)...
4 replies →
Remember how Adobe removed Flash support from Acrobat a couple of years back? Attacks like this are why. Well, and Flash had other issues, too.
I'm not sure when you started using PDFs (I remember mid-90s when my Dad told me about this cool new document format that would standardize formats across platforms, screen and paper!), but hardly anything is static any more.
The nexus of unsafe programming languages and exploit markets, where for the right price you can purchase undisclosed bugs basically ready to use. Modern offensive security is essentially a bit like shopping in Ikea