Get the latest tech news

Converting untrusted PDFs into trusted ones: The Qubes Way (2013)


Arguably one of the biggest challenges for desktop security is how to handle those overly complex PDFs, DOCs, and similar files, that are so often exchange...

If the parser didn't obey, we would still interpret whatever stream of bytes we get as a RGB bitmap – in the worst case the PDF we create would look like un-tuned analog TV screen. I have a VM called “work-pub” where I keep tons of various, publicly available PDFs, such as the mentioned Intel's SDM, as well as various chipset docs, conferences papers and slides, and generally lots of stuff. One important detail worth mentioning here, is that we should unconditionally disable “Thumbnail View” in whatever file manager we use (which itself is really a stupid feature – can people not read filenames anymore or something?).

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Qubes Way

Qubes Way

Photo of trusted ones

trusted ones

Photo of untrusted PDFs

untrusted PDFs