tor-ad...@torland.me:
> On Friday 07 August 2015 13:25:02 Cain Ungothep wrote:
> > > Well, Mozilla announced a secadv for pdf.js recently, so there's that.
> > >
> > > https://www.mozilla.org/en-US/security/advisories/mfsa2015-69/
> >
> > Ugh, here comes another:
> >
> > https://www.mozilla.org/
On Friday 07 August 2015 13:25:02 Cain Ungothep wrote:
> > Well, Mozilla announced a secadv for pdf.js recently, so there's that.
> >
> > https://www.mozilla.org/en-US/security/advisories/mfsa2015-69/
>
> Ugh, here comes another:
>
> https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/
On 7/15/15, Apple Apple wrote:
> ...
> I think coderman was saying something about a conversion tool as well but I
> didn't really understand it...
you could call that rube goldberg a "conversion tool", but really it
was an object lesson. ;)
speaking of PDFs,
"The vulnerability comes from th
ncl
> mtsio:
>> If you to Preferences->Applications->Portable Document Format there
>> is the option 'Preview in Tor Browser' that opens the PDF without
>> opening an external application. What's the problem with that?
>
> Well, Mozilla announced a secadv for pdf.js recently, so there's that.
>
>
On 15 Jul 2015 01:56, "Niels Elgaard Larsen" wrote:
> No, Postscript is a real programming language.
You're right, I was thinking of troff. Even so, looking through the
language reference it does not seem particularly powerful. Maybe it can
delete some of your files but it can't make network conn
from a Hacking Team email
https://wikileaks.org/hackingteam/emails/emailid/636440
Unfortunately, we do not know anything about the target. All we know is his IP
address comes back as a Tor exit node. He may be using TBB or some other
variant. We will need to send him an email with a document or
On 13-07-2015 10:10, Apple Apple wrote:
> On 13 Jul 2015 00:12, "Yuri" wrote:
> PostScript is something entirely unrelated. It is a way of describing the
> layout of documents with words, like a very early CSS or Latex. I remember
> claims about it being Turing complete but I think that this is
On 13-07-2015 01:03, Yuri wrote:
> On 07/12/2015 12:27, Niels Elgaard Larsen wrote:
>> If you convert it to a safer format
>
> It is nothing inherently unsafe in pdf format itself, and any other
> document formats aren't any safer.
PDF is an extremely complex format, the specification is more t
Yuri:
> On 07/12/2015 12:27, Niels Elgaard Larsen wrote:
>> If you convert it to a safer format
>
> It is nothing inherently unsafe in pdf format itself, and any other
> document formats aren't any safer. You probably confuse pdf and
> PostScript, which is more like a programming language. PDF isn
On 13 Jul 2015 00:12, "Yuri" wrote:
> It is nothing inherently unsafe in pdf format itself, and any other
document formats aren't any safer. You probably confuse pdf and PostScript,
which is more like a programming language.
No I think we are definitely talking about PDF files in this thread.
His
On 7/12/15, Yuri wrote:
> ...
> It is nothing inherently unsafe in pdf format itself, and any other
> document formats aren't any safer. You probably confuse pdf and
> PostScript, which is more like a programming language. PDF isn't nearly
> as much a programming language as ps is. It does have in
On 07/12/2015 12:27, Niels Elgaard Larsen wrote:
If you convert it to a safer format
It is nothing inherently unsafe in pdf format itself, and any other
document formats aren't any safer. You probably confuse pdf and
PostScript, which is more like a programming language. PDF isn't nearly
as
On 12 Jul 2015 20:26, "Niels Elgaard Larsen" wrote:
>If you convert it to a safer format...
I agree. As long as the user is aware that converting a PDF file into
another format can be just as dangerous as simply opening it and takes
precautions then I think this is a good plan too.
--
tor-talk m
On Thu, 9 Jul 2015 01:41:44 -0700
Apple Apple wrote:
> I feel like the wrong issue is being discussed here; the real danger is not
> really IP leaks. If you skipped Seth's post because of its length I suggest
> you go back and read it.
I did read it.
> If someone manages to trick your PDF view
On 7/9/15, flipc...@riseup.net wrote:
> couldnt we just code some protection against this
WhonixQubes with DeepLang semantic barriers between isolated temporal
processing pipelines.
you obtain the PDF inside a transient isolated VM via scrutinized path
through upstream Tor and Firewall VMs.
nex
>couldn't we just code some protection against this
Well security vulnerabilities are basically bugs, that is, programming
mistakes, which a 3rd party can exploit to do things like crash or take
control of the system.
There are some mitigations such as Address Space Layout Randomisation,
Position
couldnt we just code some protection against this
On Thursday, July 09, 2015 01:41:44 AM Apple Apple wrote:
> I feel like the wrong issue is being discussed here; the real danger is not
> really IP leaks. If you skipped Seth's post because of its length I suggest
> you go back and read it.
>
> If
I feel like the wrong issue is being discussed here; the real danger is not
really IP leaks. If you skipped Seth's post because of its length I suggest
you go back and read it.
If someone manages to trick your PDF viewer into running arbitrary code
with a malicious PDF file, that person may then h
On 04-07-2015 01:45, Mirimir wrote:
> On 07/03/2015 02:36 PM, Lars Luthman wrote:
>> Can PDF.js bypass Tor? How? I thought it used the same networking code
>> and proxy settings as the rest of Firefox.
>
> Maybe so. But without firewall rules, there's risk. There's also risk of
> downloading th
On 07/03/2015 02:36 PM, Lars Luthman wrote:
> On Fri, 2015-07-03 at 14:30 -0600, Mirimir wrote:
>> On 07/03/2015 02:16 PM, mtsio wrote:
>>> Hello everyone,
>>>
>>> Is it safe to open pdf documents inside Tor Browser?
>>
>> As other have said, it is NOT safe to do that, because PDFs can bypass
>> T
On Fri, 2015-07-03 at 14:30 -0600, Mirimir wrote:
> On 07/03/2015 02:16 PM, mtsio wrote:
> > Hello everyone,
> >
> > Is it safe to open pdf documents inside Tor Browser?
>
> As other have said, it is NOT safe to do that, because PDFs can bypass
> Tor. However, it IS safe to open PDFs in Whonix,
On 07/03/2015 02:16 PM, mtsio wrote:
> Hello everyone,
>
> Is it safe to open pdf documents inside Tor Browser?
As other have said, it is NOT safe to do that, because PDFs can bypass
Tor. However, it IS safe to open PDFs in Whonix, because all
Internet-bound traffic either uses Tor, or is black-h
mtsio writes:
> If you to Preferences->Applications->Portable Document Format there is
> the option 'Preview in Tor Browser' that opens the PDF without opening
> an external application. What's the problem with that?
There are two kinds of risks that lead to the suggestion not to view
documents l
mtsio:
> If you to Preferences->Applications->Portable Document Format there
> is the option 'Preview in Tor Browser' that opens the PDF without
> opening an external application. What's the problem with that?
Well, Mozilla announced a secadv for pdf.js recently, so there's that.
https://www.mozi
You asked the wrong question, so you got the wrong answer.
mtsio:
> If you to Preferences->Applications->Portable Document Format there is
> the option 'Preview in Tor Browser' that opens the PDF without opening
> an external application. What's the problem with that?
>
> Speak Freely:
>> Gener
Hi.
On 07/03/2015 09:43 PM, mtsio wrote:
> If you to Preferences->Applications->Portable Document Format there is
> the option 'Preview in Tor Browser' that opens the PDF without opening
> an external application. What's the problem with that?
I'd echo this advice from the TBB download page:
If you to Preferences->Applications->Portable Document Format there is
the option 'Preview in Tor Browser' that opens the PDF without opening
an external application. What's the problem with that?
Speak Freely:
> Generally, no, but that hasn't stopped me depending on the source.
>
> I usually tak
Generally, no, but that hasn't stopped me depending on the source.
I usually take one of two approaches, depending on the intention.
http://view.samurajdata.se/
You can point an online pdf document on this site, and it will load it
for you, without using a plugin.
Or, download the pdf yourself,
Hello everyone,
Is it safe to open pdf documents inside Tor Browser?
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
29 matches
Mail list logo
