fuspezza ago

https://voat.co/v/QRV/3330006/19698458

What about this script?

IndecentClothes ago

How do I safely open a PDF that a boss sent to me on whatsapp. I used to think Foxit made it safe but that's not the case. How can I disable macro on mobile?

libman ago

This is why we need IPFS, hash-based links - you can verify that everyone gets the same response, so no targeting.

yob ago

In this case maybe all VOAT users would get same PDF payload tainted response due to URL adornment attribute sneakily placed on the example URL in this posting. Of maybe all users everywhere get the same payload, no matter what, but the ones from voat have their IPs logged for "high interest" by the infiltration team at fbi

ados ago

interesting. I've downloaded a lot of that shit just for the sake of it

totallynotFBI ago

hysterical retardation

yob ago

Hello FBI shill. Malware distribution and also TARGETED malware distribution, and also FROM FBI targeted malware distribution, is a bad thing.

MY POST IS NOT ABOUT PDFs, it is about FBI targeted malware distribution to voat readers, via PDFs

GoodGodKirk ago

instead of opening it, send it to sensusaccess.com and convert it to another format such as doc or txt.

pushthis ago

im curious if evince on linux causes malware install. i should get a router.

trotskyberg ago

I'd use a OSS PDF reader on Linux & symlink it with something like "firejail $appname"

yob ago

Linux latest version from adobe has exploits, but it is also from 2013 (v 9.5.5). Most people oin linux use other , sometimes vulnerable (rarely) PDF viewers.

pushthis ago

evince is the standard software on deb style linuxs.

my question was if linux machines can be infected from opening pdfs with evince

earlymac ago

Is it a post or a get request?

yob ago

Completing the action is a HTTP 'get', with essentially back and forth traffic on the way to the web linked pdf file. After your machine is compromised with backdoor, traffic can be bidirectional, or delayed, or trigger activated.

BentAxel ago

New accounts? OP has been here 9 fucking days? (I seriously doubt) But this is the bullshit that needs to be addressed. Why is it all the problems are coming with the new accounts? Are they shills? Are they users that were so fucking caustic they had to change their username?

90% of Voat gets along fine. Reddit loses its shit and nothing but faggots show up.

What the fuck?

yob ago

ARE YOU INSANE?!

Attack the messenger (me)? Why not address the MESSAGE? Criticize the content of my warnings on the FBI malware being sent to voat readers? I may know the answer fed shill. Did you even read and understand my post? It was sourced appropriately.

uvulectomy ago

Oh good, I'm not the only one that noticed.

Gingercuntfirecrotch ago

Yea. Sounds like a lot of technical outrage from people with very little technical understanding.

I’m not surprised at all that it leads back to the one GA sub that existed long before the other two. Maybe it’s just the conspiracy nut in me, but it seems like someone is trying to overthrow that sub. It didn’t work the first time when TA migrated, but they sure are persistent.

sinclair ago

THERE IS NO SAFE WAY TO EVER OPEN A SINGLE PDF , EVER!

You can disable javascript in Acrobat, then open it. That's how you do it. If you have Acrobat DC, you can examine the code, if any. I do it all the time. That's the safe way; I learned that trying to find ways around ransomware vectors. Thanks for the list of links. Time to go look at some code.

Murdan ago

I've seen first-hand how Crensch works. He wants power above all else.

SearchVoatBot ago

This submission was linked from this v/LibraryOfVoat submission by @MrPim.

Posted automatically (#52307) by the SearchVoat.co Cross-Link Bot. You can suppress these notifications by appending a forward-slash(/) to your Voat link. More information here. (@yob: Click here to suppress your crosslink notifications from @MrPim)

Moodog ago

Can Voat not allow .PDF extensions to be posted?

Harsh, but effective fix.

yob ago

It could or should just put a WARNING next to it, like "WARNING : PDF !"

Science papers are all published in PDF and we need to offer links to those, even if many are full of malware.

notanexit ago

Damn, I downloaded some PDFs of some books and shit from Voat. How else can I download books and other tutorials besides PDFs?

yob ago

Its how you draw them to your screen that is the problem. Many PDFs are contaminated to get in your computer and if NOT FBI, steal "steam account" passwords, bank passwords, credit card info, BITCOIN WALLET passphrases, EA Origin login account info, and far far more. Some install generic backdoors into your operating system for later use, or modify your BIOS, or your EFI boot partition code.

Everyone reads and uses PDFs, its just that you need to use the safest way to open them, or convert them and open the converted ones.

notanexit ago

I downloaded them to my phone. Same problems?

yob ago

Apple iOS? No, not historically.

Android? Yes, for Adobe products : exploit/android/fileformat/adobe_reader_pdf_js_interface using JAVASCRIPT interpreter in a overly featured PDF apk. : https://null-byte.wonderhowto.com/forum/metasploit-embedding-android-payload-into-pdf-0170606/

also

https://www.rapid7.com/db/modules/exploit/android/fileformat/adobe_reader_pdf_js_interface

Good PDF viewers let paranoid disable javascript and disable flash and disable java. No PDF should ever require javascript, or Java. PDF is posctscript, a full featured language on its own, and cannot touch ram or files. javascript in theory cannot touch ram or files, but every couple months a new exploit is found. Including this weeks javascript exploit that steals bitcoins from employees at coinbase !!

Javascript desktop last week :
https://www.extremetech.com/internet/293682-firefox-zero-day-used-to-install-mac-malware

Javascript desktop last week :
https://thenextweb.com/hardfork/2019/06/19/mozilla-firefox-bug-security-flaw-patch-coinbase-cryptocurrency/

HiJoker ago

Why are glow nigs fucking with voat? I'd guess some botspider found more trigger words per square inch than the normal allowance.

lanre ago

Well I figure before the civil war they'll try to disappear us all.

acheron2012 ago

What sort of fucking retard downloads PDFs from the internet?

I know the same ones that download EXEs.

Identitaire ago

Yea, there's no reason to open anything other than script blocked browser links.

indoctrophobe ago

Just open suspicious PDFs in a separate VM. Yes, there may be VM escape exploits, but they're not going to waste those on random people on Voat or whatever.

xiego ago

Thanks for the info. Might have to setup an airgap system for PDFs now.

I wonder if Apple’s Preview which can open PDFs has as many vulns.

yob ago

Officially , none in CVE except ability to read old global unix environment flags (a non-issue) :

https://www.cvedetails.com/product/10916/Apple-Mac-Os-X-Preview.app.html?vendor_id=49

so 1000 CVE exploits for Adobe's PDF viewer, 10 for Foxit, and 0 for Apple's semi-OK free PDF viewer.

fuspezza ago

I've been trying to warn users about that fucken PoS clown mother fucker look up @jem777

https://voat.co/v/ProtectVoat/3310500 RIP @jem777

Dortex ago

Crensch also defends a child porn solicitor that's into blood rituals.

Tzitzimitl ago

says literal pedo

yob ago

interesting link.

I never knew about that thread where GA mod Crensch showed such disrespect for a dead voater (died from a "siezure"):

https://voat.co/v/ProtectVoat/3310500/19507192

DANKE_ST_GHIDORAH ago

Well Crensch is besties with Putt, so you gotta wonder. Dude either has the smallest dick in the world and can't handle anyone being happy or is actually just an evil cunt. Anyone who's been watching knows srayzie only gives a shit about herself. Two meaningless users struggling for popularity, or worse?

fuspezza ago

Check this one out where he gives up on trying to smear a legitimate citizen journalist that was well liked and respected by her subverse

https://voat.co/v/whatever/2682573

eye-bean-around ago

Can pdf be archived or similar?

yob ago

great question! great solution

A Classic PDF can be printed in a public domain "GhostScript" Postscript renderer, enhanced for page break control. This stream meant to be sent to a PostScript capable printer can be considered EXTREMELY SAFE.

Think of it as PRINTING A PDF to a new SAVED PDF.

The problem? Weird obfuscation for line speed in Apple's operating system to use a large token database lookup table sent with the document to APPLE postscript devices.

Another problem... wierd DRM control that does no actual DRM other than DRM authentication itself, forcing some documents to be very nonstandard PDF. Ghostscript DOES support PDF passwords (used on self published ebooks).

How to Use Ghostscript

https://www.ghostscript.com/doc/current/Use.htm

Using Ghostscript with PDF files :

https://www.ghostscript.com/doc/current/Use.htm#PDF

Ghostscript has been around since 1986 as far as I recall. Now it is used by the security paranoid to "scrub" pdfs for use on their other devices.

You can even use it to actually render into PNG images, but that crap cannot be text searched.

pitenius ago

I tried to report this to GLP. Banned. Thanks, OP.

yob ago

Banned?

search for "GLP is a Tavistock honeypot" on internet. Or read sites discussing "Conspirators' Hierachy: The Story of The Committee of 300". Or parts of https://educate-yourself.org/nwo/nwotavistockbestkeptsecret.shtml

You can easily be banned on GLP ( https://www.godlikeproductions.com/ ) If you get too close to outing any Glow In the Dark methodologies.

Glow in the Dark : https://hooktube.com/watch?v=AbG6u86t4bA

pitenius ago

I know it's easy to get banned there. I'm not sure what the Tavistock connexion is to GLP. Full disclosure: I've spoken there a handful of times. The whole thing was creepy and compartmentalized. In better days... Now... I'm rather isolated and working for a religious cult.

I'll keep an eye out for you. You are a good one.

prairie ago

Couldn't there be GS exploits as well? Seems the safest approach is to use a pdf-to-png website.

yob ago

You are correct and bring up good points. Malformed embedded fonts, or png, in a PDF could be engineered to silently exploit common pre-compiled GhostScript on a specific OS such as windows, and still escape out of Ghostscript, and using other zero-day exploits leveraged to then install payload deep into an OS. The solution is to alter your ghostscript and compile non optimized, but the weakness could still be confined to the embedded fonts, or png library, and those too would need special care, plus the defect might survive recompiling.

Running ghostscript to create postscript (.ps) files inside a VM, and concatenating back to a ultra clean PDF file, and turning embedded fonts into system standard postscript default fonts, and re-rezzing PNG and JPEG to similar resolution replacements, would STERILIZE the PDF enough that you coiuld add it to your tech library, or distribute the file to your engineering team safely.

It would be semi simple to write a batch file to do all that and even shove it in and out of a VM.

The problem is that every VM ever written has been exploited and excaped out of, infecting the host os. Once main vector is by glitching the video driver seen by the VM.

I talk too much.

i_scream_trucks ago

Almost every single gab.ai link I've seen here automatically forces a fucking download of a pdf. PDFs are a horribly compromised format and gab fucking knows it.

That fucking shapeshifting like has been setting stupid people up pretending to be a free speech site.

trotskyberg ago

Gab.ai = gabbai = "an Aramaic word that means tax collector, but today a gabbai is someone who assists with the reading of the Torah."

Always in plain sight. They're incorporated in a popular Jew place. "The best way to control the opposition is to lead it ourselves." ― Lenin

Goat-Master-5001 ago

Gab is controlled by Israeli Mossad . This isn't much of a surprise.

MuslimPorn ago

You can't really even trust links. From a security perspective, I'm telling you it's really hard to hide. The only real defence is there's too many of us. They joined up to do good but find themselves increasingly suppressing reactionaries, those reacting as a result to government policy. Each round of elections is a new opportunity to see how much they can get away with, the slow creep, but it's not the only slow creep. It starts off with the mad people, the fringes of society who are easily condemned but as the powers that be grow much and more demanding they find that the proportion of the population that are canaries grows each time, like a rising tide they pat their own backs each time a wave recedes but the next wave comes in ever stronger, relentless, growing, pulsating. Each time the canaries are more in number and increasingly closer to salient, increasingly less paranoid and increasingly aware of real threats. Increasingly the scale tips such that more of the mad are more pathologically threat blind than threat adverse. You go from the mad being people seeing threats that aren't there to people being mad who don't see threats that are there. The pendulum swings, the wheel turns, the scales tip.

3dk ago

They really want your dick pics.

SandHog ago

Oh hi webofslime how are you tonight?

yob ago

not me. But I am easy to out, if you try, I only change my name now and then over many many years here to avoid over doxxing.

I never even really heard of that alt, nor that subverse, but now i will subscribe to https://voat.co/v/webofslime , as upon first glance, it piques my interest.

I tend to follow only the main subverses.

SandHog ago

Meh. You already told me everything I need to know about you. Thanks for the heads up though.

Corpse_washer ago

Imagine believing anything downloaded from lettersoup agencies will not infest your computer.

argosciv ago

Oh look! A 9 day account making up utter bullshit and trying to pin it on @Crensch.

Color me not fucking shocked at all.

Top fucking kek. Get it? "kek=top"

Dense faggot, only tech-illiterate tards would believe your shit.

"kek=top" would not at all change anything.

Hell, make it "kek=bottom", same thing will happen; it'd be fucking ignored on the other end.

geovoat ago

Adding any tag after a ? at the end of a web address is read by the receiving website. The retrieving website can use that info to identify the source of the traffic or the specific link that directed the websurfer to the site. This is basic php programming..

Any amazon affliate tag is after the ? For example.

argosciv ago

And this manufactured crisis claims that the FBI site has specifically altered their code to check for $_GET['kek']

This is basic php programming.

No fuckin' shit. If you actually believe that the FBI altered their site to look for that index... whew lad.

But hey, let's all look the other way while I get brigaded for pointing out how retarded the narrative is.

-30 in ~2.5 hours. Totally organic mate.

geovoat ago

If I was the fbi I would track the entry link on every single hit on to the website.

Most websites do it.

They don't have to alter anything. That entry address logged by default by all apache servers and probably all others.

i_scream_trucks ago

Nothing fake about it. If you think off links are fine and auto downloading links of any kind are ok you are literally a fucking tard. Or a jew.

argosciv ago

Don't want to visit the fbi site or view a pdf? Don't click the link. Fucking simple.

Or a jew.

Oh save it for your circle-jerk, fuckwit.

OP is a burner alt, clearly, and is drumming up a false narrative which relies on readers having no knowledge about GET requests.

If you seriously think the FBI is recording $_GET['kek'], you are the retard. But hey, what can I expect from an SBBH user? Only a select few from there have any credibility or discernible intelligence.

yob ago

Its logged by the FBI so that they know WHICH machines infested are voat users.

argosciv ago

Jah jah jah, because the fbi site is soooo totally recording $_GET['kek'].

Fucking dumb cunt.