[CentOS] Another Fedora decision

Wed Feb 11 14:27:13 UTC 2015
James B. Byrne <byrnejb at harte-lyne.ca>

On Tue, February 10, 2015 18:28, Always Learning wrote:
>
> 3. The Russian's web site is that of a devote cyclist. Most of the
> films on his web site are of cycling or about cycling. Most of the
> oldish PDF files are about Linux and in Russian. I do not consider
> his site presents a malicious danger to me.

Most phishing sites do not resemble anything like what one might
expect.  That is why they work.  Truly, with network security you
really, really have to develop a pathological paranoia about files
with unknown origins or you might as well give up on security at all.

PDFs are known vectors for malware.  They have been exploited in the
past and no doubt will be exploited in the future.  A PDF file is a
postscript computer language program with embedded data.  Nothing
more.  But nothing less either.  Given the network awareness of some
pdf reader software they are also potential data leaks and web
beacons.

That said, I readily admit that the risk posed by this particular
example is low.  But, it is not zero.  And depending upon the platform
the file is copied to any non-zero risk, no matter how small, may be
too much.

I might put such a file on a stand-alone laptop but I would never put
it on anything that connected to my networks. I certainly would not
place it on anything that did not possess a fairly robustly
constructed firewall with strict limits on outgoing traffic.


-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3