pdf’s increasingly flagged as ‘dangerous’

[DiogenesIIParticipant @diogenesii]

I'm noticing an increasing number of pdf's are being flagged up by Firefox as 'dangerous' – apparently arising from an 'insecure connection and at risk of being tampered with', etc., with a subsequent refusal to open them.

I wondered whether this is because they represent a real, actual danger to the security of my device, or simply because of some more generic industry perception of the risk, say, that they are hosted on an 'http:' address rather than an 'https:' one?

The items are not (ever) things that one might consider carry any risk – it's prosaic stuff like the Blackgates catalogue, or 'how-to-make-piston-rings' from an American MES, that kind of thing..

PS I see that I can override the refusal to open them, and now have another copy of the Blackgates Catalogue – I can still see how more careful forum members might be put-off though, and I'd still like to know what the real risk is, if anyone has a view…

Edited By DiogenesII on 26/10/2021 09:02:57

[DiogenesIIParticipant @diogenesii]

..what are the risks?

[Frances IoMParticipant @francesiom58905]

most I think are because they are http rather than the latest https – for those on landlines it is highly unlikely that the link will be tampered with (ie be insecure) but for those using mobile phones via base stations in cafes etc that will not be the case – Firefox has become much more link security conscious recently

[Nick Clarke 3Participant @nickclarke3]

PDFs can include Javascript and a hacker can add malicious code to this without affecting the look of the documents, so if you are uncertain of the source you may need to pay attention to Firefox.

Confusingly, in my personal experience, there can be false positives as well.

Edited By Nick Clarke 3 on 26/10/2021 09:08:21

[Michael GilliganParticipant @michaelgilligan61133]

Years ago, there was an insistence by some Government departments that Contractual bids would only be submitted in PDF … because it was ‘incorruptible’ and could be considered a definitive document.

This is drivel.

PDFs can be edited and can carry a payload.

Most PDFs are innocent … but the bad guys are very clever, and the risk is real.

MichaelG.

[DiogenesIIParticipant @diogenesii]

Gosh, you lot are quick this morning!

I will exercise some judgement and circumspection

[SillyOldDufferModerator @sillyoldduffer]

Posted by Frances IoM on 26/10/2021 09:07:27:
most I think are because they are http rather than the latest https – for those on landlines it is highly unlikely that the link will be tampered with (ie be insecure) but for those using mobile phones via base stations in cafes etc that will not be the case – Firefox has become much more link security conscious recently

All true but I hope no-one assumes landlines are safe!

HTTP is a clear signal to hackers that a website is vulnerable. HTTP indicates laziness, incompetence or shortage of cash, leading to outdated software and a history of poor maintenance. Hackers take close interest in such sites because they often have multiple security weaknesses that can be used to deliver a wide variety of nastiness to end users. Although landline links can't be tampered with the source could already be compromised.

PDFs are just one of many web content containers that can be got at by the bad guys. Firefox are warning that the whole website could be untrustworthy. Who owns the website and why is it still using HTTP?

Good security relies on vigilant users as well as technology. My advice, don't ignore warnings unless the risk is understood. In particular never spend money or give private details to an HTTP website.

Dave

[Ady1Participant @ady1]

As mentioned its the http https things

I have downloaded around 2 Terrabytes of PDFs and never had a problem

[DiogenesIIParticipant @diogenesii]

Posted by Ady1 on 26/10/2021 13:54:54:

As mentioned its the http https things

I have downloaded around 2 Terrabytes of PDFs and never had a problem

Well, yes, likewise – but now I'm getting red-letters from Firefox telling me a personal e-armageddon awaits if I do, from some sites, I was just wondering whether it was a real thing, or no..

..it's surprising some of the 'names' that we all use, that still use not-secure sites..

[OldironParticipant @oldiron]

I use FF and get the occasional warning. I download the PDF's as they are all scanned by Malwarebytes and Windows Security Essentials. All so far have been clean. I realise that there could be a threat with http so only download from known sources when I can. FF gives warnings on quite a few sites these days especially if you are looking for drivers or free software. I downloaded a BIOS update last week and got a warning that the site was potentialy dangerous. The site was Asus,com which is one of the leading OEM pc parts manufacturers. It pays to be mindfull at all times.

regards

[Author]

Posts