Solved

reliability of pdf sources online

Posted on 2014-01-08
4
323 Views
Last Modified: 2014-02-22
is there an online tool that can verify for me that these downloads are proper and won't try to bring malwares when opening the pdf?

thanks-

[Links to illegal ebook download sites removed by MASQ]
0
Comment
Question by:25112
4 Comments
 
LVL 18

Accepted Solution

by:
Steven Harris earned 500 total points
Comment Utility
You can use a Virus/Malware URL Scanner such as https://www.virustotal.com/#url
0
 
LVL 5

Author Comment

by:25112
Comment Utility
very helpful! thanks-
0
 
LVL 38

Expert Comment

by:Insignificant Volunteer
Comment Utility
Hello 25112

I was just browsing around some old questions and found this.  I know it is answered already, but I thought I would just add some additional information for you to consider.

You can embed malicious content into just about any kind of file, but that does not necessarily mean that the malicious content will be activated when the file is opened normally.  Usually what happens is that the malicious content takes advantage of a vulnerability in the software that opens the file, or the manner in which the operating system allows that program to open files.

One of the tricks used to spread malware via PDF files is to deliberately create a "malformed" PDF file that crashes Adobe Acrobat Reader and then runs some processes with the temporary data in the computer's memory or using a temporary file that has been created.  You can't really know in advance if a PDF file is malformed, although virus scanners might be able to see traces of known "bad code" inside the file.  Most virus scanners also check for unusual activity that falls into a pattern of behaviour that appears to be suspicious or is already known to be suspicious.

One way that you can mitigate (lessen) the chances of malicious files being able to do their dirty work is to disable some of the features in the software that opens those types of files.

For example, two of the settings in Adobe Acrobat Reader that are enabled by default (Edit menu > Preferences) are to allow JavaScript and to allow the opening of external programs from hyperlinks.

Having to look through and check the settings in all the different sections of the Preferences dialog:
Commenting, Documents, Full Screen, General, Page Display, 3D & Multimedia, Accessibility, Adobe Online Services, Email Accounts, Forms, Identity, Internet, JavaScript, Language, Measuring (2D), Measuring (3D), Measuring (Geo), Multimedia (legacy), Multimedia Trust (legacy), Reading, Reviewing, Search, Security, Security (Enhanced), Signatures, Spelling, Tracker, Trust Manager, Units, and Updater
puts people off checking them, but I would urge you to change some of them.  Some settings are not security-related and some may be meaningless to you, but at the very least change these settings:

JavaScript - Untick "enable acrobat javascript"
Trust Manager - Untick "allow opening of non-pdf file attachments in external applications".

Check them again whenever Adobe Acrobat Reader updates.

In general you are better to save PDF files to the hard drive and then open them.  By default PDF files will open using the reader plugin right inside the browser window.  Because theis has been allowed, certain activity that would not normally be permitted by the browser is ignored.  This setting is in a different place for different browsers.  I'm only using Firefox for now, and the setting is under Tools menu > Options > Applications > "Portable Document Format (PDF)" > set it to "Always Ask".

Of course, these security-related settings will not stop you from getting all malware, but it may prevent you from getting some of it.

Just some additional info for you.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

A list of useful business intelligence software.
Let’s list some of the technologies that enable smooth teleworking. 
Using Adobe Premiere Pro, the viewer will learn how to set up a sequence with proper settings, importing pictures, rendering, and exporting the finished product.
XMind Plus helps organize all details/aspects of any project from large to small in an orderly and concise manner. If you are working on a complex project, use this micro tutorial to show you how to make a basic flow chart. The software is free when…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now