[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] pdf with tor



mtsio writes:

> If you to Preferences->Applications->Portable Document Format there is
> the option 'Preview in Tor Browser' that opens the PDF without opening
> an external application. What's the problem with that?

There are two kinds of risks that lead to the suggestion not to view
documents like PDFs inside your Tor Browser (or even not on the same
machine) -- exploits and IP address leaks.

The first risk is that sometimes there are software bugs in application
and viewer software that would allow someone who knew about the bugs
to take over your computer by constructing an invalid input file that
exploits the bug and then getting you to render the file.  So in that
case, someone could, for example, make an invalid PDF that exploits a
bug in the PDF renderer in your browser, and get you to view it somehow,
and then take over the browser.

The other is that many formats can cause software to make Internet
requests (for example, it's possible to embed image links in a Word
document so that a Word viewer will go and download those images).
Here, the concern is that if the software makes some kind of network
request when displaying the document, whoever is on the other end may
see that request coming directly over the Internet -- not via Tor --
and connect the request with your Tor activity.

So, some cautious Tor users advise copying all downloaded files onto
a different computer that's not connected to the Internet, or at least
inside of a virtual machine with no direct Internet access, and viewing
them there.

I don't know of specific cases in which people have deliberately used
these approaches to identify anonymous Tor users, but it's something
that's been discussed, and there _is_ a high rate of malware and tracking
links hidden inside e-mail attachments.  I liked the anecdote (which
I've seen in a few places) that Tibetan Buddhists who've received a lot
of malware are now practicing a new "non-attachment principle".

https://www.yahoo.com/tech/hit-by-cyberattacks-tibetan-monks-learn-to-be-wary-of-102361885314.html

-- 
Seth Schoen  <schoen@eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk