Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

do pdf downloads (most) always come with malware?


  • Please log in to reply
10 replies to this topic

#1 Burgos925

Burgos925

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 01 March 2018 - 01:33 PM

Do pdf downloads (most) always come with malware?  Or, are there reputable sites where you can safely download pdf books?



BC AdBot (Login to Remove)

 


#2 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 6,822 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:12:26 PM

Posted 01 March 2018 - 01:51 PM

No, they don't.

 

Unless a book is in the public domain it should not be downloadable, in any format, without purchase.  There are numerous sources for public domain materials online.


Brian  AKA  Bri the Tech Guy (my website address is in my profile) Windows 10 Home, 64-bit, Version 1709, Build 16299

       

    Here is a test to find out whether your mission in life is complete.  If you’re alive, it isn’t.
             ~ Lauren Bacall
              

 


#3 Burgos925

Burgos925
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 01 March 2018 - 03:02 PM

No, they don't.

 

Unless a book is in the public domain it should not be downloadable, in any format, without purchase.  There are numerous sources for public domain materials online.

 

Great, because I think all authors should be rightfully compensated for their work.  Your last sentence raises the question where "legal" pdf "books" can be found.



#4 Rocky Bennett

Rocky Bennett

  • Members
  • 2,535 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Mexico, USA
  • Local time:10:26 AM

Posted 01 March 2018 - 04:39 PM

I have never heard of a PDF download that comes with a virus. I have downloaded literally tens of thousands (over 20,000) PDFs and I have never even heard this theory.


594965_zpsp5exvyzm.png


#5 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 6,219 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:05:26 PM

Posted 01 March 2018 - 05:50 PM

@ Burgos925 #3

 

Free legal books in several different formats are available from a number of sources. The Gutenberg Foundation is one of the better known but their collection is mainly of older books, those published before 1950/60 If I remember rightly. There are also a number of publishers who directly release some of their back catalogue as free books, seeing this as a way to get you to buy current works by their authors.

 

Baen Books are a good example of this if you are into what might loosely, very loosely, be regarded as science fiction. They have a large back library of free works available in many different formats with no restrictions on use. Failing that, Google is your friend.

 

Also, like Rocky Bennett, I have never come across a contaminated PDF file, the odd corrupted one yes, but never contaminated. I'm not saying it is impossible to infect a PDF file but it's rare. Where you will come across them is as attachments in spam emails. But we don't open attachments in emails from people we don't know, do we ?

 

Chris Cosgrove



#6 Rocky Bennett

Rocky Bennett

  • Members
  • 2,535 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Mexico, USA
  • Local time:10:26 AM

Posted 01 March 2018 - 06:01 PM

Please donate;

 

https://archive.org/


594965_zpsp5exvyzm.png


#7 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,638 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:26 PM

Posted 01 March 2018 - 06:08 PM

Malicious PDFs were prevalent several years ago. Most often with exploits for Adobe Reader. I have a large collection of malicious PDFs.

 

Nowadays, it's rare that you'll find a PDF with malicious code. And the ones that I still see with exploits, target older versions of Adobe Reader. Not the latest versions.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#8 Rocky Bennett

Rocky Bennett

  • Members
  • 2,535 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Mexico, USA
  • Local time:10:26 AM

Posted 01 March 2018 - 06:47 PM

^^^^^ Thanks, I never heard of a malicious PDF and I have been collecting them for about 15 years. I have quite the collection, all obtained for free.


594965_zpsp5exvyzm.png


#9 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 6,822 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:12:26 PM

Posted 01 March 2018 - 07:37 PM

I just want to make clear that I was discussing PDF books only.  I agree with all responders that these days it's exceedingly rare to even hear of an infection delivered by PDF.  I certainly haven't heard of that delivery mechanism in a number of years.

 

I have a massive collection of PDF documents, but none of which were obtained in a way that would defraud anyone.

 

books.google.com houses an incredibly huge, and constantly getting "huger," library of books and I think downloadable PDF is one of the formats for almost all of them.


Brian  AKA  Bri the Tech Guy (my website address is in my profile) Windows 10 Home, 64-bit, Version 1709, Build 16299

       

    Here is a test to find out whether your mission in life is complete.  If you’re alive, it isn’t.
             ~ Lauren Bacall
              

 


#10 rp88

rp88

  • Members
  • 2,937 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:26 PM

Posted 02 March 2018 - 06:45 PM

If you make sure to use a pdf reader with only minimal features (like the one built into firefox or chrome) or other really basic ones like the default one installed on linux ubuntu and mint, then most exploits won't be able to run anyway. The exploits generally depend on their vitcims having a pdf reader (almost always specifically adobe reader or acrobat) with a big advanced feature set of the kind which will more or less try to treat the contents of a pdf as executable code in a macro like fashion, it's because of these advanced features that pdf (most) pdf exploits can exist at all. Any suspect pdf can be uploaded to virustotal for more information, and there are also some tricks whereby if you try to open a pdf using a text editor (notepad or such) you can look at it's text and some of the REALLY common dangerous exploits could be detected wth a keyword search, but just because you can't see such things with a keyword search doesn't mean they are not in there, they could be obfuscated.

Edited by rp88, 02 March 2018 - 06:47 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#11 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 6,822 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:12:26 PM

Posted 02 March 2018 - 07:28 PM

These days, with automatic scan upon download being a part of virtually any antivirus/security suite I can name, the risk of infection from most files either sent as e-mail attachments or directly downloaded has become far more remote than it has been at virtually any time in cyber-history.

 

It's not that the risk is ever zero, but there are far better things to worry about (such as one's browsing and clicking habits) if you've got a decent antivirus/antimalware scanner that runs on each and every file and e-mail message (including attachments) as they are downloaded to your computer.

 

I've said it before and I'll say it again, most infections are the direct result of a user doing something that opens the door and invites them in.  Using even a moderate degree of care and circumspection about what you are downloading and where you're downloading it from is excellent protection from the most common forms of infection.


Brian  AKA  Bri the Tech Guy (my website address is in my profile) Windows 10 Home, 64-bit, Version 1709, Build 16299

       

    Here is a test to find out whether your mission in life is complete.  If you’re alive, it isn’t.
             ~ Lauren Bacall
              

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users