Yes on PDFs in this case. It is designed to exploit the PDF reader when you open it. Though less common today it’s still an avenue of attack to watch out for. It depends on the reader too but why take a chance if something is detected
So, how do you download and use PDFs from Anna’s Archive or a similar site? Do you download it to a computer that you just use for downloads, then scan the file using Virus Total, then read only on that computer? (I usually read on my phone using Overdrive, just trying to figure out the safest way as a newbie).
Personally I DL on a Linux machine and then upload to virus total. If they are clean, then I transfer them to an old android tablet without internet access for reading. If I was reading them on the machine I’d open them in a linux VM, either alpine or fedora silverblue with network aceess disabled.
The state of the art is qubes OS that has a tool to neuter a PDF by taking screenshots and building a new PDF in different VMs.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
⚓ A community devoted to in-depth debate on topics concerning digital piracy, ethical problems, and legal advancements.
Be sure to scan them too. I’ve had virus total detect one or two things on different books.
Really? A virus on ebooks? Damn
Yes on PDFs in this case. It is designed to exploit the PDF reader when you open it. Though less common today it’s still an avenue of attack to watch out for. It depends on the reader too but why take a chance if something is detected
Are EPUB files safe?
I have not come across infected epubs myself but it is possible see https://security.stackexchange.com/posts/176225/revisions for some background.
So, how do you download and use PDFs from Anna’s Archive or a similar site? Do you download it to a computer that you just use for downloads, then scan the file using Virus Total, then read only on that computer? (I usually read on my phone using Overdrive, just trying to figure out the safest way as a newbie).
Personally I DL on a Linux machine and then upload to virus total. If they are clean, then I transfer them to an old android tablet without internet access for reading. If I was reading them on the machine I’d open them in a linux VM, either alpine or fedora silverblue with network aceess disabled.
The state of the art is qubes OS that has a tool to neuter a PDF by taking screenshots and building a new PDF in different VMs.
There’s this program which supposedly will take a PDF and if it’s unsafe make it safe. https://dangerzone.rocks/
I’ve only heard of it today, so I have no idea about its efficacy.
If it works by opening it in a sandbox then taking screenshots or printing it back to a new PDF. It should be good.
Edit: just read the github and it works exactly like this
Ah I forgot about that. I remember when Micah Lee started that years ago and posted about it on twitter.
I must give it a try and see how it performs. Thanks for the reminder
Sounds like a good service to covertly insert malware /s