Protecting Yourself from PDFs

img_2015-03-25_PDF

SECURITY

Recently a user contacted me with a question on how best to protect himself from PDFs of unknown origin that may have malicious payloads. He had found a PDF on a topic he was researching but as he did not know or trust the site he was concerned about exposing his own device to potential nastiness.

The goal was to provide a method for the user to view the PDF in a safe environment and save the PDF so he can reference it later while also being able to send the file to his colleagues without fear that they might infect their own devices. In short, he needed a secure, safe version of the file he was looking at so he could share with others.

With a traditional web browser when a PDF is rendered, the local device is exposed to any malicious payload that exists within the file. In addition, when a user downloads the PDF and chooses to send the file to another user, they are potentially sending something malicious out, exposing their recipient to any harm that may come from the file. Who wants to be the person that sends others virus filled files?

With Toolbox, a user is safe from any risk of infection. If they find a PDF they want to view, the file can be rendered and executed within Toolbox safely as the sandbox environment protects their local device from any nastiness associated with the file. So now our user is able to view the PDF securely but what if he wants to share the content with others?

By choosing to Save the PDF, only the portion of the file that is rendered in the browser which is benign, is saved to a new clean PDF in Authentic8’s virtual file system. Our user can then move the file to an online file repository such as Google Drive or DropBox and share the file safely and securely with other users.

What if our user wanted to share the original PDF with its potential malicious payload? How can he do so without risking infection of his device? By choosing to Download the PDF, the original file is downloaded to the virtual file system and can then be shared via an online file repository, warts and all.

In the past, accessing potentially malicious content via the traditional browser exposed the user, their devices and even their colleagues to risk of infection. Tools such as Silo and Toolbox help users to stay focused and conduct their research and investigation without worrying about risk mitigation.