[OS X TeX] Are Poisoned PDFs a concern with TeXShop or Skim?
Ross Moore
ross.moore at mq.edu.au
Mon May 24 21:32:28 CEST 2010
Hello Ramón,
On 25/05/2010, at 4:22 AM, Ramón Figueroa-Centeno wrote:
>
> Aloha,
>
> I just read in PCWorld and article titled "Poisoned PDFs? Here's Your
> Antidote" <http://bit.ly/dxhmBT>.
>
> Scary stuff :(
>
> So I was wondering if this is a concern with TeXShop or Skim?
This is a "Social Engineering" kind of attack.
Firstly you need to have downloaded a poisoned PDF from some
dubious website, then you need to allow it to do its dirty work.
If you are aware of the possibility and how it works, then
you are unlikely to be sucked in.
But even if you do allow the program to attempt to run,
it almost certainly will not, because you are on a Mac.
The executable is surely for a PC. (touchwood)
> I am assuming
> that the PDFs generated with pdfTeX are safe, right?
If you have all the malware ingredients, then there are ways
to put included files into the PDFs you create, and to assign
the /OpenAction scripts, etc.
So if you want to do this, then yes you can; but it
certainly isn't going to happen without your own input.
>
> Mahalo,
>
> Ramón
> --
> View this message in context: http://macosx-tex.
> 576846.n2.nabble.com/Are-Poisoned-PDFs-a-concern-with-TeXShop-or-
> Skim-tp5095110p5095110.html
Hope this helps,
Ross
------------------------------------------------------------------------
Ross Moore ross.moore at mq.edu.au
Mathematics Department office: E7A-419
Macquarie University tel: +61 (0)2 9850 8955
Sydney, Australia 2109 fax: +61 (0)2 9850 8114
------------------------------------------------------------------------
More information about the macostex-archives
mailing list