On Wed, 2015-02-11 at 09:27 -0500, James B. Byrne wrote: > Most phishing sites do not resemble anything like what one might > expect. That is why they work. Truly, with network security you > really, really have to develop a pathological paranoia about files > with unknown origins or you might as well give up on security at all. > > PDFs are known vectors for malware. They have been exploited in the > past and no doubt will be exploited in the future. A PDF file is a > postscript computer language program with embedded data. Nothing > more. But nothing less either. Given the network awareness of some > pdf reader software they are also potential data leaks and web > beacons. > > That said, I readily admit that the risk posed by this particular > example is low. But, it is not zero. And depending upon the platform > the file is copied to any non-zero risk, no matter how small, may be > too much. > > I might put such a file on a stand-alone laptop but I would never put > it on anything that connected to my networks. I certainly would not > place it on anything that did not possess a fairly robustly > constructed firewall with strict limits on outgoing traffic. > I viewed the Russian site from a machine with *NO* network connections. I sincerely appreciate your well articulated concerns and thank you for them. I am certain others reading your posting will now be increasing aware of the constant dangers which await everyone. In my experience a major method of compromising machines is to send naive users an email from Amazon, Ebay, their bank - and in the last few days from all around the world from "amoricanexpress.com" - instructing the recipient to urgently open the accompanying .zip and read the message. Our incoming mail filtering (implemented on Exim) removes more than 99% of spam and crap. Our servers yesterday accepted the first junk mail of this year. It was deleted not read. -- Regards, Paul. England, EU. Je suis Charlie.