• Re: 16B password breach

    From John Rumm@21:1/5 to David Paste on Fri Jun 20 00:46:06 2025
    On 19/06/2025 22:18, David Paste wrote:

    > Hello, anyone know anything about this, specifically other than changing
    > passwords, how to protect yourself?

    You are better protected if you:

    Use unique randomly generated passwords for every site / account / login
    etc.;

    Never reuse credentials;

    Enable 2FA where it is available;

    Delete accounts on services where they are no longer needed;

    Take great care to not get phished, and not allow session stealing[1]
    malware onto your platforms and possibly also force segregation between
    malware vectors and computers that are logged into sensitive or
    particularly valuable online resources[2].

    [1] Normally when you login to a site, that site will jump through
    whatever security process is required to confirm you have access, and
    then set cookies in the web browser to cache the results of that
    authentication. That saves you having to re-authenticate with every
    single click on the site - it "remembers" that you are authenticated. So
    session stealing malware will attempt to grab those cookies and
    exfiltrate them. It allows an attacker to make it look like not only are
    they you, but also that "you" have already passed authentication and are
    logged in - on *their* computer.

    [2] A risk is that in addition to being logged into the "valuable" web
    site, the user will use the same computer for other work - say for
    example handling email. That can be dangerous, since it is a vector for
    malware delivery (either directly, or by social engineering). So by
    keeping those activities running in their own separate VMs (or on
    separate physical machines) you can lower the risk.

    > Apparently it's a "datastealer" thing (I've no idea) so are these
    > covered in the standard Windows Security scans?

    A data stealer can be the actual malware that lifts info from an
    individual end user's computer, but could also be something that lifts
    large blocks of data from databases or other online storage "bins" that
    have been left unprotected. Sadly something that is all too common.
    Someone develops a web site that depends on a back end database for
    storing user data, login credentials etc, and hosts that on a cloud
    platform like AWS. They *should* set up robust security to control who
    has access to it, but frequently don't because they have implemented
    their "security" in the web application, forgetting that bad actors
    might choose to just ignore their web app, and try talking directly to
    the database server itself, or perhaps even the file system that hosts
    its database file.

    Needless to say a compromised database can yield millions or billions of
    login credentials (or at least partial ones) in one hit.

    Stolen lists also get placed on popular hacker forums etc (known as
    "pastes"), and those will often get aggregated into other collections
    and made available to those looking for some mischief.

    > What about Linux - does that need anti-virus scans and whatnot? (Hoping
    > The Natural Philosopher responds to that bit)

    Many hacked web resources are running on Linux platforms; so the
    platform itself is not invulnerable to poor security practice.

    On the desktop it is a less popular target, due to lack of market share,
    but there are still risks.

    (plus most Mac and Linux users are in denial!)

    The biggest risk is that there will be a web site out there that you
    signed up for, that has been hacked since. There will also be data
    aggregators that held information about you that have been hacked and
    your personal data lifted. Alas there is nothing you can do directly to
    stop that loss, all you can do is make what is lost less "re-useable".

    It can be quite informative to slap an email address into:

    https://haveibeenpwned.com/

    and it will tell you which known data breaches include that address. You
    can also check how often particular passwords turn up:

    "Oh no — pwned!

    This password has been seen 21,690,062 times before in data breaches! "

    Can you guess the password I entered?

    (and yes the site is legit, but don't take my word for it!)

    Loads more info on breaches etc here:

    https://haveibeenpwned.com/FAQs



    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk                      |
    |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk                     |
    \=================================================================/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Paul@21:1/5 to David Paste on Thu Jun 19 22:05:09 2025
    On Thu, 6/19/2025 5:18 PM, David Paste wrote:
    > Hello, anyone know anything about this, specifically other than changing
    > passwords, how to protect yourself?
    >
    > Apparently it's a "datastealer" thing (I've no idea) so are these
    > covered in the standard Windows Security scans?
    >
    > What about Linux - does that need anti-virus scans and whatnot? (Hoping
    > The Natural Philosopher responds to that bit)
    >
    > Thanks all.

    It's a weapons test.

    You don't put that many passwords in a file,
    unless you're sending a message.

    The Dark Web would choose to sell these passwords in smaller sets, to
    extract more value from them.

    It could be a series of store exploits. Apple Store, Google Play Store,
    Microsoft Store, Linux supply chain exploit. That's a lot of activity,
    to not be detected.

    It could be a TLS exploit (unmasking of all trunked traffic).

    It could be a DOH exploit (something involving a novel setting
    on a web browser). Maybe the odd bit of traffic is directed
    to a thru-node.

    A systematic exploit is a more reasonable assumption than an attack
    on four supply lines for programs without being detected.

    Air gapping your machine, should make it safe (for some value of <snicker> ).

    Until they tell us "how", we can't buy our way out of this.

    We've known for decades, that DNS is broken. That's bad enough.

    The Internet is not a very trustworthy place, because it was
    never designed for this. The facilities we have, are bandaids.
    A lot of "trust" was involved in the haphazard design of the Internet.

    we'll know how to protect ourselves, when a followup news article appears.

    Is it a quantum attack ? Unlikely. (crypto factoring via quantum computers)

    Paul

  • From Jeff Layman@21:1/5 to David Paste on Fri Jun 20 09:48:48 2025
    On 19/06/2025 22:18, David Paste wrote:
    > Hello, anyone know anything about this, specifically other than changing
    > passwords, how to protect yourself?
    >
    > Apparently it's a "datastealer" thing (I've no idea) so are these
    > covered in the standard Windows Security scans?
    >
    > What about Linux - does that need anti-virus scans and whatnot? (Hoping
    > The Natural Philosopher responds to that bit)
    >
    > Thanks all.

    When I ran Windows (NT, XP, 7) I used antivirus programs. Never found
    anything.

    I've been running Linux (Ubuntu for a couple of years, Mint for 8+). I
    don't use an antivirus program. This thread is three years old, but is
    worth a read:
    <https://forums.linuxmint.com/viewtopic.php?t=368337>

    --
    Jeff

  • From The Natural Philosopher@21:1/5 to Paul on Fri Jun 20 09:54:15 2025
    On 20/06/2025 03:05, Paul wrote:
    >> What about Linux - does that need anti-virus scans and whatnot? (Hoping
    >> The Natural Philosopher responds to that bit)

    Obviously it's technically possible to design a virus for Linux, but each
    distro is different enough to make it hard, and there are not that many
    Linux desktops out there to make it that worthwhile.

    I've never used a virus scanner on any Linux and as far as I know not
    caught any malware.

    As far as passwords go I have a two tier approach. Passwords that it
    would be inconvenient to have hacked but not in any way disastrous are
    stored in browser.

    Very sensitive passwords (to do with money) are kept *only* in my master
    password application, that requires a password to decrypt it.

    --
    "When one man dies it's a tragedy. When thousands die it's statistics."

    Josef Stalin

  • From The Natural Philosopher@21:1/5 to Paul on Fri Jun 20 10:41:32 2025
    On 20/06/2025 10:35, Paul wrote:
    > A Black Hat, sent him a fake email with what looked like a PDF
    > attachment. You know, one of these tricks. The email, naturally, says
    > "GoDaddy Domain Renewal".
    >
    >      bill.pdf.exe

    Which wouldn't run on linux...
    and who is actually stupid enough to click on a .exe file?


    --
    When plunder becomes a way of life for a group of men in a society, over
    the course of time they create for themselves a legal system that
    authorizes it and a moral code that glorifies it.

    Frédéric Bastiat

  • From Paul@21:1/5 to Jeff Layman on Fri Jun 20 05:35:06 2025
    On Fri, 6/20/2025 4:48 AM, Jeff Layman wrote:
    > On 19/06/2025 22:18, David Paste wrote:
    >> Hello, anyone know anything about this, specifically other than changing
    >> passwords, how to protect yourself?
    >>
    >> Apparently it's a "datastealer" thing (I've no idea) so are these
    >> covered in the standard Windows Security scans?
    >>
    >> What about Linux - does that need anti-virus scans and whatnot? (Hoping
    >> The Natural Philosopher responds to that bit)
    >>
    >> Thanks all.
    >
    > When I ran Windows (NT, XP, 7) I used antivirus programs. Never found
    > anything.
    >
    > I've been running Linux (Ubuntu for a couple of years, Mint for 8+). I
    > don't use an antivirus program. This thread is three years old, but is
    > worth a read:
    > <https://forums.linuxmint.com/viewtopic.php?t=368337>


    Never used an AV on WinXP, then one day got tipped
    over while using a browser. It was a redirection attack,
    where a commercial site had something planted at top level,
    to send you off to another site, and somewhere in the 200 windows
    that opened, was an exploit that worked against the OS.

    On the third boot of a Kaspersky trialware, the pest was gone.
    I got a subscription for one year to Kaspersky, but it was annoying
    enough from a behavior perspective, to not renew. Generally speaking,
    I think the Kaspersky was pretty good, but some cosmetic issues
    (a lot of dialogs opening all the time), meant I would not keep
    using it.

    W8/W10/W11 had the Microsoft product. W7 had an antispyware
    from Microsoft, and that's not the same thing as the later AV.

    The Windows AV can slow the PC down. If you run hashdeep over your
    C: drive, to generate "checksums", it runs at 1/8th the normal
    speed when the Windows Defender is running.

    The notion of an "infostealer", I don't know if any of the OSes
    have a specific protection for that. First we start with Wikipedia

    https://en.wikipedia.org/wiki/Infostealer

    "it is spread to target victim machines using various social engineering
    techniques. Phishing, including spear phishing campaigns that target
    specific victims, is commonly employed. Infostealers are commonly embedded
    in email attachments or malicious links that link to websites that perform
    drive-by downloads.[2][4] Additionally, they are often bundled with
    compromised or malicious browser extensions, infected game cheating
    packages, and pirated or otherwise compromised software."

    But that can't be what happened this time, because 16 billion passwords
    are involved. Spear phishing only works on a limited set of people
    who have a "profile".

    As an example, a USENETter used to have his own website. He was a small
    business man, selling a particular electronics device that could
    withstand high temperatures. To have a web site, he purchased a domain
    from GoDaddy. He did not stealth his personal details when filling out
    the domain info. For example, one option is to not show your personal
    email address. His email address was showing.

    A Black Hat, sent him a fake email with what looked like a PDF attachment.
    You know, one of these tricks. The email, naturally, says "GoDaddy Domain Renewal".

    bill.pdf.exe

    As soon as the USENETter saw the attachment, he double clicked. The
    entire room of computers, was wiped out by ransomware. (It meant there
    was a worm in the ransomware, that worked on the old/unpatched OSes he
    was running.)

    That's an example of phishing. Nobody is immune to phishing, if the
    "bait" is of good quality and design. But you can see that, even
    when victims are available in bulk (just scan the GoDaddy database
    and reel the suckers in), it still takes a lot of human resources
    to do these sorts of things. Onesy-twosy attacks yield $20 lots of
    passwords. This is 16 billion passwords, and implies another vector,
    with a much wider distribution, was used.

    This is one of the reasons, for a time, sending ransomware to the
    "little people" stopped. Because it was costing too much, to offer
    email service to the people stuck with the ransomware. The red rectangle
    could give you a contact on the screen, and you could write to the person
    and try to barter down the ransom.

    The infostealer in this case, must be "something that works everywhere",
    in order that 30 lots of passwords is the result.

    But until they tell us the actual vector, there's no point in
    getting worked into a lather. Just your general OPSEC, says more
    about you than anything else. I've dealt with people who cannot
    resist clicking blue AdChoice boxes. You can tell them not to
    do that all you want, but they'll keep doing it. Some people know
    their limitations in respect of this, and they use an unelevated
    account, plus installing a raft of AVs and such, as a compensation
    for all the evil stuff they will be clicking on :-) Which is a pretty
    unique response to a bad habit.

    Paul

  • From alan_m@21:1/5 to The Natural Philosopher on Fri Jun 20 11:52:31 2025
    On 20/06/2025 10:41, The Natural Philosopher wrote:
    > On 20/06/2025 10:35, Paul wrote:
    >> A Black Hat, sent him a fake email with what looked like a PDF
    >> attachment.
    >> You know, one of these tricks. The email, naturally, says "GoDaddy
    >> Domain Renewal".
    >>
    >>      bill.pdf.exe
    >
    > Which wouldn't run on linux...
    > and who is actually stupid enough to click on a .exe file?



    All the people who run windows and hide the file extension :)

    --
    mailto : news {at} admac {dot} myzen {dot} co {dot} uk

  • From Joe@21:1/5 to The Natural Philosopher on Fri Jun 20 14:31:28 2025
    On Fri, 20 Jun 2025 10:41:32 +0100
    The Natural Philosopher <[email protected]d> wrote:

    > On 20/06/2025 10:35, Paul wrote:
    >> A Black Hat, sent him a fake email with what looked like a PDF
    >> attachment. You know, one of these tricks. The email, naturally,
    >> says "GoDaddy Domain Renewal".
    >>
    >> bill.pdf.exe
    >
    > Which wouldn't run on linux...
    > and who is actually stupid enough to click on a .exe file?



    A fair number of domestic Windows users, I'd have thought, and they will
    all be running with Administrator rights because that's how the first
    Windows user is configured. Business computers are generally secured
    against running random .exe files and users don't have many privileges.
    Note that by default Windows does not show the user the file extension,
    so many users won't even know it's an .exe file.

    There's not actually any problem about writing Linux viruses and worms,
    but few Linux users (before Ubuntu and friends) run with root
    privileges, and there aren't really enough Linux desktop users to allow
    malware to spread. Certainly there are few Linux desktops in business
    use, where the rewards are.

    --
    Joe

  • From Max Demian@21:1/5 to David Paste on Fri Jun 20 15:45:18 2025
    On 19/06/2025 22:18, David Paste wrote:

    > Hello, anyone know anything about this, specifically other than changing
    > passwords, how to protect yourself?
    >
    > Apparently it's a "datastealer" thing (I've no idea) so are these
    > covered in the standard Windows Security scans?
    >
    > What about Linux - does that need anti-virus scans and whatnot? (Hoping
    > The Natural Philosopher responds to that bit)

    I would hope that people likely to be affected would be warned by the
    suppliers of the relevant software to change their passwords.

    I don't suppose they will, though.

    --
    Max Demian

  • From David Wade@21:1/5 to The Natural Philosopher on Fri Jun 20 13:22:59 2025
    On 20/06/2025 10:41, The Natural Philosopher wrote:
    > On 20/06/2025 10:35, Paul wrote:
    >> A Black Hat, sent him a fake email with what looked like a PDF
    >> attachment.
    >> You know, one of these tricks. The email, naturally, says "GoDaddy
    >> Domain Renewal".
    >>
    >>      bill.pdf.exe
    >
    > Which wouldn't run on linux...
    > and who is actually stupid enough to click on a .exe file?


    some e-mail programs hide the ".exe" .....

    Dave

  • From The Natural Philosopher@21:1/5 to David Wade on Fri Jun 20 16:27:33 2025
    On 20/06/2025 13:22, David Wade wrote:
    > On 20/06/2025 10:41, The Natural Philosopher wrote:
    >> On 20/06/2025 10:35, Paul wrote:
    >>> A Black Hat, sent him a fake email with what looked like a PDF
    >>> attachment.
    >>> You know, one of these tricks. The email, naturally, says "GoDaddy
    >>> Domain Renewal".
    >>>
    >>>      bill.pdf.exe
    >>
    >> Which wouldn't run on linux...
    >> and who is actually stupid enough to click on a .exe file?
    >
    > some e-mail programs hide the ".exe" .....
    >
    > Dave

    M$soft 'our users are too stupid to understand shit, so let's make it
    easier to hack them'

    --
    Climate Change: Socialism wearing a lab coat.

  • From No mail@21:1/5 to John Rumm on Fri Jun 20 17:01:31 2025
    John Rumm wrote:
    > On 19/06/2025 22:18, David Paste wrote:
    >
    >> Hello, anyone know anything about this, specifically other than
    >> changing passwords, how to protect yourself?
    >
    [...]
    >
    > It can be quite informative to slap an email address into:
    >
    > https://haveibeenpwned.com/
    >
    > and it will tell you which known data breaches include that address. You
    > can also check how often particular passwords turn up:
    >
    > "Oh no — pwned!
    >
    > This password has been seen 21,690,062 times before in data breaches! "
    >
    > Can you guess the password I entered?
    >
    > (and yes the site is legit, but don't take my word for it!)
    >
    > Loads more info on breaches etc here:
    >
    > https://haveibeenpwned.com/FAQs

    I would love to check some of my passwords but don't have sufficient
    trust that this wouldn't lead to a problem (despite what they say). It
    would be useful to be able to check partial passwords (or use wildcards)
    because then the user could decide on their balance of risk vs the time
    to search through possible hits.

  • From Jeff Layman@21:1/5 to David Wade on Fri Jun 20 18:23:08 2025
    On 20/06/2025 13:22, David Wade wrote:
    > On 20/06/2025 10:41, The Natural Philosopher wrote:
    >> On 20/06/2025 10:35, Paul wrote:
    >>> A Black Hat, sent him a fake email with what looked like a PDF
    >>> attachment.
    >>> You know, one of these tricks. The email, naturally, says "GoDaddy
    >>> Domain Renewal".
    >>>
    >>>      bill.pdf.exe
    >>
    >> Which wouldn't run on linux...
    >> and who is actually stupid enough to click on a .exe file?
    >
    > some e-mail programs hide the ".exe" .....

    Even if the .exe isn't hidden, a good way of "hiding" it is to name the
    file something like "interesting.pdf .exe", with a number of spaces in
    front of the .exe, so that the true extension becomes invisible.

    --
    Jeff

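    The extension tricks this sub-thread has collected (Explorer hiding the true
    extension by default, the bill.pdf.exe double extension, and Jeff's
    space-padded "interesting.pdf      .exe") can all be caught mechanically,
    before a user ever gets the chance to double-click. The Python below is an
    added example written for this page, not code from any poster; the two
    extension sets are illustrative assumptions, not a complete policy, and the
    sample names are constructed apart from the two taken from the thread.

```python
import re

# Extensions Windows will run on double-click. Assumption: an illustrative
# subset; a real mail gateway would maintain a fuller, curated list.
EXECUTABLE_EXTENSIONS = {
    "exe", "scr", "com", "bat", "cmd", "pif", "js", "jse", "vbs", "vbe",
    "wsf", "wsh", "ps1", "msi", "hta", "lnk",
}

# Extensions that typically play the "decoy" role in a double extension.
DOCUMENT_EXTENSIONS = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png"}


def analyse_attachment_name(name: str) -> dict:
    """Inspect one attachment filename and return what was found.

    The true extension is whatever follows the LAST dot, which is exactly
    the part Explorer hides by default. Findings cover:
      - an executable true extension                 (bill.pdf.exe, setup.exe)
      - a decoy document extension in front of it    (bill.pdf.exe)
      - whitespace padding before the true extension ("interesting.pdf   .exe")
    """
    findings = []
    # Drop any path component; Windows also discards trailing spaces and dots.
    base = name.replace("\\", "/").rsplit("/", 1)[-1].rstrip(" .")
    parts = base.split(".")
    if len(parts) < 2:
        return {"name": name, "executable": False, "findings": findings}

    true_ext = parts[-1].strip().lower()
    is_exec = true_ext in EXECUTABLE_EXTENSIONS
    if is_exec:
        findings.append(f"executable-extension:{true_ext}")

    # A run of spaces or tabs immediately before the final ".ext".
    if re.search(r"\s+\.[A-Za-z0-9]+$", base):
        findings.append("whitespace-padded-extension")

    # A document-looking extension sitting directly before an executable one.
    decoy = parts[-2].strip().lower()
    if is_exec and len(parts) >= 3 and decoy in DOCUMENT_EXTENSIONS:
        findings.append(f"double-extension:{decoy}.{true_ext}")

    return {"name": name, "executable": is_exec, "findings": findings}


def quarantine_decision(name: str) -> str:
    """Policy used here: block any executable true extension outright, send
    padding tricks on a non-executable name to a human, allow the rest."""
    result = analyse_attachment_name(name)
    if result["executable"]:
        return "block"
    if result["findings"]:
        return "review"
    return "allow"


# Constructed sample names; only bill.pdf.exe and the padded .exe come from
# the thread, the others are made up for the demo.
SAMPLE_NAMES = [
    "bill.pdf.exe",
    "interesting.pdf                    .exe",
    "report.pdf",
    "notes.txt .pdf",
    "setup.exe",
]

if __name__ == "__main__":
    for n in SAMPLE_NAMES:
        r = analyse_attachment_name(n)
        print(f"{quarantine_decision(n):6s} {r['findings']} {n!r}")
```

    The decision deliberately keys on the last extension rather than on what
    the name looks like, because the last extension is the only thing the
    shell consults when the file is opened; everything before it is
    presentation.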
  • From Paul@21:1/5 to The Natural Philosopher on Fri Jun 20 13:33:16 2025
    On Fri, 6/20/2025 5:41 AM, The Natural Philosopher wrote:
    > On 20/06/2025 10:35, Paul wrote:
    >> A Black Hat, sent him a fake email with what looked like a PDF attachment.
    >> You know, one of these tricks. The email, naturally, says "GoDaddy Domain Renewal".
    >>
    >>      bill.pdf.exe
    >
    > Which wouldn't run on linux...
    > and who is actually stupid enough to click on a .exe file?

    The Windows OS default setting, is to hide extensions

    bill # These files have different icons, but bill.pdf is not shown
    bill # Whereas this one could be a white rectangle of an icon and is bill.exe

    Email tools will have their own policies.

    The idea was just to show, that if reasonably crafted ("looks like a
    bill, smells like a bill"), a person could be in a rush to see what the
    bill is this year. And when you work for the bomb squad, you just can't
    be in a rush. Attachments present ? Slow down. Don't be in a rush.

    But in order to "align" a few billion people with some "bait", that
    is a lot of work, and is unlikely to be the mechanism for all this
    material. But we know that the various "Stores", have had class attacks,
    where say twenty Apps will all contain the same exploit and didn't get
    caught and curated away. Usually the download count for items like that
    is "a few million".

    Whatever is going on, it has to be something more systematic than this.

    *******

    Computer users should know, that PDF has Javascript.

    The Javascript should be turned off in the Acrobat settings, as that is
    a vector for mischief.

    The Javascript can even be obfuscated -- examination with a hex editor
    or a text editor, will not show it. The document opens, "unpacks
    itself", and then the Javascript can be run. It is unknown to me,
    whether an AV uses a sandbox and actually opens a PDF, to watch
    heuristically for abnormal behavior.

    PDF as a format, did not start off life "armed to the teeth". But
    via extending the format, today it's more dangerous than it was
    in the past.

    Turn off the Acrobat Javascript, until you actually need it enabled.

    Paul

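    Paul's point that a hex or text editor will not show the script, because
    the document "unpacks itself", can be checked without opening the file in a
    viewer. The PDF format does define a /JavaScript action type, and two
    features of the format defeat a plain string search: name tokens may be
    written with #xx hex escapes (so /J#61vaScript is the same name as
    /JavaScript), and since PDF 1.5 whole objects can be stored inside
    compressed object streams (/ObjStm). The scanner below is an added example
    written for this page, not code from any poster; it decodes name escapes and
    inflates FlateDecode streams before looking. The indicator list is an
    illustrative assumption and the two sample PDFs are constructed skeletons
    that show the point, not viewer-valid files.

```python
import re
import zlib

# A PDF name token: "/" followed by regular characters, where any byte may be
# written as #xx. Decoding names this way resolves /J#61vaScript to /JavaScript.
_NAME_RE = re.compile(rb"/([A-Za-z0-9#_.\-]+)")

# Names that indicate script or automatic-action content. Assumption: an
# illustrative list, not a complete policy.
INDICATORS = {b"JavaScript", b"JS", b"OpenAction", b"AA", b"Launch"}


def decode_name(raw: bytes) -> bytes:
    """Resolve #xx escapes inside a PDF name token."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), raw)


def _names(data: bytes):
    """Yield every decoded name token in a byte string."""
    for raw in _NAME_RE.findall(data):
        yield decode_name(raw)


def _inflate_streams(data: bytes):
    """Yield the inflated body of each stream that is zlib (FlateDecode)
    compressed; streams with other filters or corrupt data are skipped."""
    for m in re.finditer(rb"stream\r?\n(.*?)\nendstream", data, re.DOTALL):
        try:
            yield zlib.decompress(m.group(1))
        except zlib.error:
            continue


def naive_grep(data: bytes) -> bool:
    """What a hex/text editor search for the literal string would find."""
    return b"/JavaScript" in data


def scan_pdf_bytes(data: bytes) -> dict:
    """Two passes: decoded names in the raw file, then decoded names inside
    any inflatable stream, which is where object streams keep their objects."""
    found = set()
    for name in _names(data):
        if name in INDICATORS:
            found.add(name.decode())
    has_objstm = any(name == b"ObjStm" for name in _names(data))
    for body in _inflate_streams(data):
        for name in _names(body):
            if name in INDICATORS:
                found.add(name.decode() + " (in compressed stream)")
    return {"indicators": sorted(found), "object_streams": has_objstm}


def verdict(data: bytes) -> str:
    r = scan_pdf_bytes(data)
    if any(i.startswith(("JavaScript", "JS")) for i in r["indicators"]):
        return "contains-javascript"
    if r["indicators"]:
        return "has-automatic-actions"
    return "no-script-indicators"


def _build_sample(packed: bool) -> bytes:
    """Constructed PDF skeleton (not a viewer-valid file): a catalog whose
    OpenAction points at object 2, a JavaScript action written with a #xx
    escaped name. When packed, object 2 lives inside a FlateDecode ObjStm."""
    action = b"<< /S /J#61vaScript /JS (app.alert('hi')) >>"
    head = b"%PDF-1.7\n1 0 obj << /Type /Catalog /OpenAction 2 0 R >> endobj\n"
    if not packed:
        return head + b"2 0 obj " + action + b" endobj\n%%EOF\n"
    stream = zlib.compress(b"2 0 " + action)
    return (head + b"3 0 obj << /Type /ObjStm /N 1 /First 4 /Filter /FlateDecode"
            b" /Length " + str(len(stream)).encode() + b" >>\nstream\n"
            + stream + b"\nendstream\nendobj\n%%EOF\n")


CLEAR_SAMPLE = _build_sample(packed=False)
PACKED_SAMPLE = _build_sample(packed=True)
BENIGN_SAMPLE = b"%PDF-1.7\n1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n%%EOF\n"

if __name__ == "__main__":
    for label, sample in (("clear", CLEAR_SAMPLE), ("packed", PACKED_SAMPLE),
                          ("benign", BENIGN_SAMPLE)):
        print(label, "grep:", naive_grep(sample), "scan:", scan_pdf_bytes(sample),
              "->", verdict(sample))
```

    Note that the literal search fails on both constructed samples, the clear
    one because of the #61 escape and the packed one because the action sits
    inside a compressed stream, while the two-pass scan flags both. Other
    stream filters and encrypted documents would need further handling.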
  • From Joe@21:1/5 to Max Demian on Fri Jun 20 20:06:06 2025
    On Fri, 20 Jun 2025 15:45:18 +0100
    Max Demian <[email protected]> wrote:

    > On 19/06/2025 22:18, David Paste wrote:
    >
    >> Hello, anyone know anything about this, specifically other than
    >> changing passwords, how to protect yourself?
    >>
    >> Apparently it's a "datastealer" thing (I've no idea) so are these
    >> covered in the standard Windows Security scans?
    >>
    >> What about Linux - does that need anti-virus scans and whatnot?
    >> (Hoping The Natural Philosopher responds to that bit)
    >
    > I would hope that people likely to be affected would be warned by the
    > suppliers of the relevant software to change their passwords.
    >
    > I don't suppose they will, though.


    I'd be interested to know which idiots still store their users'
    credentials in plaintext form, or else what kind of hashing they use
    which is of insufficient strength. Even with the computer power being
    assembled today for AI, cracking 16 billion decently strong hashes must
    be an end-of-the-universe job, or at least it should be.

    --
    Joe

  • From John Rumm@21:1/5 to The Natural Philosopher on Fri Jun 20 22:26:55 2025
    On 20/06/2025 10:41, The Natural Philosopher wrote:
    > On 20/06/2025 10:35, Paul wrote:
    >> A Black Hat, sent him a fake email with what looked like a PDF
    >> attachment.
    >> You know, one of these tricks. The email, naturally, says "GoDaddy
    >> Domain Renewal".
    >>
    >>      bill.pdf.exe
    >
    > Which wouldn't run on linux...
    > and who is actually stupid enough to click on a .exe file?

    With the default settings you would not see the file extension...

    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk                      |
    |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk                     |
    \=================================================================/

  • From John Rumm@21:1/5 to No mail on Fri Jun 20 22:25:39 2025
    On 20/06/2025 17:01, No mail wrote:
    > John Rumm wrote:
    >> On 19/06/2025 22:18, David Paste wrote:
    >>
    >>> Hello, anyone know anything about this, specifically other than
    >>> changing passwords, how to protect yourself?
    >>
    >> It can be quite informative to slap an email address into:
    >>
    >> https://haveibeenpwned.com/
    >>
    >> and it will tell you which known data breaches include that address.
    >> You can also check how often particular passwords turn up:
    >>
    >> "Oh no — pwned!
    >>
    >> This password has been seen 21,690,062 times before in data breaches! "
    >>
    >> Can you guess the password I entered?
    >>
    >> (and yes the site is legit, but don't take my word for it!)
    >>
    >> Loads more info on breaches etc here:
    >>
    >> https://haveibeenpwned.com/FAQs
    >
    > I would love to check some of my passwords but don't have sufficient
    > trust that this wouldn't lead to a problem (despite what they say).

    Well a password on its own is not much use, even if they were doing
    something underhand.


    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk                      |
    |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk                     |
    \=================================================================/

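    John's haveibeenpwned.com suggestion, No mail's reluctance to send a
    password to the site, and John's reply that a bare password is not much use
    all turn on how the password check actually works. The Pwned Passwords
    range API takes only the first five hex characters of the password's SHA-1
    and returns every hash suffix in that bucket with its count, so the match
    is made on the client and the password itself (and most of its hash) never
    leaves the machine; this is the "partial" search No mail asked for, done on
    the hash rather than the plaintext. The Python below is an added example
    written for this page, not code from any poster or from the HIBP project;
    the offline fetcher, its bucket contents, the test password and its count
    are all constructed, and only fetch_range_live touches the network.

```python
import hashlib
import urllib.request

HIBP_RANGE_URL = "https://api.pwnedpasswords.com/range/"
TEST_PASSWORD = "password"  # constructed test input for the offline demo


def sha1_prefix_suffix(password: str) -> tuple:
    """Upper-case hex SHA-1 of the password, split into the 5-character prefix
    that is sent to the service and the 35-character suffix that stays local."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_response(body: str) -> dict:
    """Parse the service's 'SUFFIX:COUNT' lines; tolerates CRLF and blank lines."""
    counts = {}
    for line in body.splitlines():
        line = line.strip()
        if not line or ":" not in line:
            continue
        suffix, count = line.split(":", 1)
        counts[suffix.strip().upper()] = int(count)
    return counts


def fetch_range_live(prefix: str) -> str:
    """Network fetch of one prefix bucket. Not used by the offline demo below."""
    req = urllib.request.Request(HIBP_RANGE_URL + prefix,
                                 headers={"User-Agent": "range-check-example"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def constructed_fetch(prefix: str) -> str:
    """Offline stand-in for the service. The bucket contents are constructed:
    two made-up suffixes, plus the real suffix of TEST_PASSWORD with a made-up
    count, returned only when the caller asks for that password's prefix."""
    pw_prefix, pw_suffix = sha1_prefix_suffix(TEST_PASSWORD)
    lines = ["0018A45C4D1DEF81644B54AB7F969B88D65:1",
             "00D4F6E8FA6EECAD2A3AA415EEC418D38EC:2"]
    if prefix == pw_prefix:
        lines.append(f"{pw_suffix}:1234567")
    return "\r\n".join(lines) + "\r\n"


def breach_count(password: str, fetch_range=fetch_range_live) -> int:
    """How many times the password appears in the corpus (0 if not at all).
    Only the 5-character prefix leaves this machine; matching happens here."""
    prefix, suffix = sha1_prefix_suffix(password)
    return parse_range_response(fetch_range(prefix)).get(suffix, 0)


if __name__ == "__main__":
    for pw in (TEST_PASSWORD, "a-long-unique-passphrase-9f3k"):
        prefix, _ = sha1_prefix_suffix(pw)
        n = breach_count(pw, fetch_range=constructed_fetch)
        print(f"sent prefix {prefix}: {pw!r} seen {n} times (constructed data)")
```

    Passing fetch_range_live instead of constructed_fetch queries the real
    service with the same five-character prefix; the response for a prefix is
    several hundred lines, which is what makes the bucket anonymous.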
  • From John Rumm@21:1/5 to Joe on Fri Jun 20 23:43:16 2025
    On 20/06/2025 20:06, Joe wrote:
    > On Fri, 20 Jun 2025 15:45:18 +0100
    > Max Demian <[email protected]> wrote:
    >
    >> On 19/06/2025 22:18, David Paste wrote:
    >>
    >>> Hello, anyone know anything about this, specifically other than
    >>> changing passwords, how to protect yourself?
    >>>
    >>> Apparently it's a "datastealer" thing (I've no idea) so are these
    >>> covered in the standard Windows Security scans?
    >>>
    >>> What about Linux - does that need anti-virus scans and whatnot?
    >>> (Hoping The Natural Philosopher responds to that bit)
    >>
    >> I would hope that people likely to be affected would be warned by the
    >> suppliers of the relevant software to change their passwords.
    >>
    >> I don't suppose they will, though.
    >
    > I'd be interested to know which idiots still store their users'
    > credentials in plaintext form, or else what kind of hashing they use
    > which is of insufficient strength. Even with the computer power being
    > assembled today for AI, cracking 16 billion decently strong hashes must
    > be an end-of-the-universe job, or at least it should be.

    Many passwords are of insufficient complexity, and also consist largely
    of dictionary words, so can be relatively easy match to their hashes
    using rainbow tables.

    Best practice would also "salt" the passwords before hashing (i.e.
    adding random extra text to the plaintext password, then storing that
    salt with the password) to nullify the efficiency gains from the use of
    pre-computed rainbow tables, but it only takes poor security practice
    on one compromised web site to allow a set of credentials to be
    decoded. In itself not a problem unless poor security practice by the
    user results in that same set being used more than once.

    Also keep in mind that not all attacks will require cracking passwords.
    Phishing attacks, key loggers, "Man in the Middle" attacks etc will
    capture plain text passwords in the first place.

    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk | \=================================================================/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
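    The salting point in John's post above, as an added Python example that is not from the thread or any poster: a fast unsalted hash beside a salted, slow one, plus the table lookup that only works against the former. The scheme tag, iteration count and sample wordlist are assumptions made for the demo.

```python
import hashlib
import hmac
import os
import secrets
import string
from typing import Dict, Iterable, Optional

# Constructed demo values: scheme tag, iteration count and alphabet are
# assumptions for illustration, not anything quoted from the thread.
ALPHABET = string.ascii_letters + string.digits + string.punctuation
PBKDF2_ITERATIONS = 100_000   # kept modest so the demo runs quickly


def generate_password(length: int = 20) -> str:
    """A unique, randomly generated password from a CSPRNG (the secrets
    module), which is what 'never reuse credentials' needs in practice."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def unsalted_hash(password: str) -> str:
    """The weak scheme: one fast hash, no salt. Every site using it maps the
    same password to the same digest, so a single precomputed table serves
    all of them."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Salted, deliberately slow hash. Stored form: pbkdf2$<salt>$<digest>,
    so the salt travels with the record; it is random, not secret."""
    if salt is None:
        salt = os.urandom(16)                     # fresh random salt per record
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                                 PBKDF2_ITERATIONS, dklen=32)
    return f"pbkdf2${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    try:
        scheme, salt_hex, digest_hex = stored.split("$")
    except ValueError:
        return False
    if scheme != "pbkdf2":
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    bytes.fromhex(salt_hex),
                                    PBKDF2_ITERATIONS, dklen=32)
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def precomputed_table_hits(stored_hashes: Iterable[str],
                           wordlist: Iterable[str]) -> Dict[str, str]:
    """Models the rainbow-table lookup the post describes: build the table
    once from a wordlist, then recover every unsalted hash it covers by a
    dictionary lookup instead of per-hash work. Against the salted records
    from hash_password() the same table never matches, because the salt
    was not known when the table was built."""
    table = {unsalted_hash(word): word for word in wordlist}
    return {h: table[h] for h in stored_hashes if h in table}
```

    Two records of the same password get different salts and therefore different stored strings, which is exactly what stops one leaked table from being reused across sites; the per-record cost then falls on the attacker for every guess. The iteration count here is low for speed; a production deployment would follow current guidance for the chosen KDF.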
  • From The Natural Philosopher@21:1/5 to Paul on Sat Jun 21 13:01:26 2025
    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    --
    Renewable energy: Expensive solutions that don't work to a problem that
    doesn't exist instituted by self legalising protection rackets that
    don't protect, masquerading as public servants who don't serve the public.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Natural Philosopher@21:1/5 to Joe on Sat Jun 21 13:03:39 2025
    On 20/06/2025 20:06, Joe wrote:
    I'd be interested to know which idiots still store their users'
    credentials in plaintext form, or else what kind of hashing they use
    which is of insufficient strength.
    Exactly.
    Programmers today are ArtStudents™. Not software engineers. They are
    lazy, sloppy, vain and driven by management who wants the job done at
    minimal cost.


    --
    Renewable energy: Expensive solutions that don't work to a problem that
    doesn't exist instituted by self legalising protection rackets that
    don't protect, masquerading as public servants who don't serve the public.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From AnthonyL@21:1/5 to All on Sat Jun 21 12:24:45 2025
    On Fri, 20 Jun 2025 11:52:31 +0100, alan_m <[email protected]>
    wrote:

    On 20/06/2025 10:41, The Natural Philosopher wrote:
    On 20/06/2025 10:35, Paul wrote:
    A Black Hat, sent him a fake email with what looked like a PDF
    attachment.
    You know, one of these tricks. The email, naturally, says "GoDaddy
    Domain Renewal".

         bill.pdf.exe

    Which wouldn't run on linux...
    and who is actually stupid enough to click on a .exe file?



    All the people who run windows and hide the file extension :)


    The people don't hide the extension :(

    --
    AnthonyL

    Why ever wait to finish a job before starting the next?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From AnthonyL@21:1/5 to [email protected] on Sat Jun 21 12:24:35 2025
    On Fri, 20 Jun 2025 10:41:32 +0100, The Natural Philosopher <[email protected]d> wrote:

    On 20/06/2025 10:35, Paul wrote:
    A Black Hat, sent him a fake email with what looked like a PDF attachment.
    You know, one of these tricks. The email, naturally, says "GoDaddy Domain Renewal".

    bill.pdf.exe

    Which wouldn't run on linux...
    and who is actually stupid enough to click on a .exe file?


    The innocents who trust the OS even though the extension is by default
    hidden. What OS would be stupid enough to do that?


    --
    AnthonyL

    Why ever wait to finish a job before starting the next?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Adrian Caspersz@21:1/5 to AnthonyL on Sat Jun 21 13:28:49 2025
    On 21/06/2025 13:24, AnthonyL wrote:
    On Fri, 20 Jun 2025 10:41:32 +0100, The Natural Philosopher <[email protected]d> wrote:

    On 20/06/2025 10:35, Paul wrote:
    A Black Hat, sent him a fake email with what looked like a PDF attachment.
    You know, one of these tricks. The email, naturally, says "GoDaddy Domain Renewal".

    bill.pdf.exe

    Which wouldn't run on linux...
    and who is actually stupid enough to click on a .exe file?


    The innocents who trust the OS even though the extension is by default hidden. What OS would be stupid enough to do that?


    Users do anything these days.


    $ curl http://www.somewebsite.com | bash

    --
    Adrian C

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Paul@21:1/5 to The Natural Philosopher on Sat Jun 21 10:16:23 2025
    On Sat, 6/21/2025 8:01 AM, The Natural Philosopher wrote:
    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript


    [Picture]

    https://i.postimg.cc/50cTS2J9/acrobat-settings.gif

    There's an awful lot of stuff about PDF that I don't know.

    But as I understand it, when a government has an "intelligent input box"
    in their PDF form, one that for example, validates one specific date
    format, the input box validation is implemented in Javascript. Thus, the
    "form" box here, could be used as a trigger for the behavior. It could
    result in Javascript being included. Apparently LibreOffice can export
    HTML to PDF, and that can include programmatic features.

    https://www.linux-magazine.com/Online/Features/PDF-Types-in-LibreOffice

    Adobe bought JetForms company, some time ago. This is included in PDF
    designs, but is not covered by the PDF standard. This is how, Adobe
    placed some materials in the standards forum (PDF proper), while
    maintaining a "leg up" on the competition. Forms are handled poorly on
    Linux, because of this issue (support for a JetForm not being reverse
    engineered in Linux).

    Summary: PDF has "a lot of crap in it". Beware!
    This is NOT how PDF started out. The crap came later.
    it used to be pstopdf and you were done (simple input, simple output).

    Paul

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Paul@21:1/5 to Paul on Sat Jun 21 10:28:27 2025
    On Sat, 6/21/2025 10:16 AM, Paul wrote:
    On Sat, 6/21/2025 8:01 AM, The Natural Philosopher wrote:
    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript



    The Wiki has info on this too.

    https://en.wikipedia.org/wiki/PDF

    "Some of these vulnerabilities are a result of badly written PDF readers
    mishandling JavaScript embedded in the PDF file.

    Disabling JavaScript execution in the PDF reader can help mitigate such
    future exploits, although it does not protect against exploits in other
    parts of the PDF viewing software.

    Some security experts say that JavaScript is not essential for a PDF reader
    and that the security benefit that comes from disabling JavaScript
    outweighs any compatibility issues caused.[70]
    "

    My Javascript tick box has been cleared, for some years.

    As the article mentions, you can also have cases where a PDF is
    automatically opened by your browser. It may require MIME type
    action editing, to stop such responses ("Save As" instead of "Open").
    The automatic opening of a PDF is an attack surface, mainly as
    I've never seen a discussion about how good an AV is about
    recognizing issues with PDF. At least you're not running the
    web browser as root :-)

    Individual applications can have crude malware protection.
    I found some code in Firefox source, which appears to be
    stack-smashing protection. Even the application developers
    are getting into the act.

    Paul

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Paul@21:1/5 to All on Sat Jun 21 10:36:01 2025
    On Fri, 6/20/2025 6:52 AM, alan_m wrote:
    On 20/06/2025 10:41, The Natural Philosopher wrote:
    On 20/06/2025 10:35, Paul wrote:
    A Black Hat, sent him a fake email with what looked like a PDF attachment.
    You know, one of these tricks. The email, naturally, says "GoDaddy Domain Renewal".

         bill.pdf.exe

    Which wouldn't run on linux...
    and who is actually stupid enough to click on a .exe file?



    All the people who run windows and hide the file extension :)


    It's the default (Hide File Extension).

    It's one of the first things I have to fix after an install.

    Yes, a small percentage of Windows users know about this,
    but sometimes you detect that a user hasn't fixed it, because
    they are asking questions about "files that seemingly don't
    have an extension" :-)

    "How do I open Bill ? This is my folder

    Bill
    Bill
    "

    As a side note, Windows is normally case-insensitive, but
    you can also switch on case sensitivity. Then this is allowed.
    Normally, if a Windows user saw this, they'd freak out.
    Case-insensitive would stop you from doing this, as the
    second file with that name would claim to be about to
    overwrite the first one. With case-sensitivity enabled,
    you can do this.

    bill.txt
    Bill.txt

    Paul

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Vir Campestris@21:1/5 to The Natural Philosopher on Sat Jun 21 16:10:41 2025
    On 20/06/2025 16:27, The Natural Philosopher wrote:
    M$soft 'our users are too stupid to understand shit, so let's make it
    easier to hack them'

    They seem to understand their customers pretty well. That's why 2/3rds
    of computers (as opposed to 'phones) run their stuff.

    <https://en.wikipedia.org/wiki/Usage_share_of_operating_systems>

    Andy

    --
    Do not listen to rumour, but, if you do, do not believe it.
    Gandhi.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From alan_m@21:1/5 to The Natural Philosopher on Sat Jun 21 17:41:37 2025
    On 21/06/2025 13:03, The Natural Philosopher wrote:
    On 20/06/2025 20:06, Joe wrote:
    I'd be interested to know which idiots still store their users'
    credentials in plaintext form, or else what kind of hashing they use
    which is of insufficient strength.
    Exactly.
    Programmers today are ArtStudents™. Not software engineers. They are
    lazy, sloppy, vain and driven by management who wants the job done at
    minimal cost.



    My feeling is that so much software is now bloatware - let's add 100
    unrelated functions to something that was simple and worked and then
    wonder why there are so many bugs and vulnerabilities.



    --
    mailto : news {at} admac {dot} myzen {dot} co {dot} uk

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Theo@21:1/5 to Paul on Sat Jun 21 18:47:52 2025
    Paul <[email protected]d> wrote:
    On Fri, 6/20/2025 5:41 AM, The Natural Philosopher wrote:
    On 20/06/2025 10:35, Paul wrote:
    A Black Hat, sent him a fake email with what looked like a PDF attachment.
    You know, one of these tricks. The email, naturally, says "GoDaddy Domain Renewal".

         bill.pdf.exe

    Which wouldn't run on linux...
    and who is actually stupid enough to click on a .exe file?

    The Windows OS default setting, is to hide extensions

    bill # These files have different icons, but bill.pdf is not shown
    bill # Whereas this one could be a white rectangle of an icon and is bill.exe

    There's nothing to stop bill.exe containing its icon that happens to be identical to the Windows PDF file icon...

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
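    The hidden-extension situation Theo and Paul describe above, as an added Python example that is not from the thread: it models what Explorer shows when "hide extensions for known file types" is on (only the final extension is dropped), and uses that to flag attachment names whose displayed form looks like a document while the real extension is executable. The extension sets are constructed, non-exhaustive assumptions.

```python
from typing import Dict, Iterable, List

# Constructed, non-exhaustive extension sets (assumptions for the demo).
# Explorer hides the final extension only for types it knows about.
EXECUTABLE_EXTENSIONS = {"exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js", "hta", "msi"}
DOCUMENT_EXTENSIONS = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png"}
KNOWN_EXTENSIONS = EXECUTABLE_EXTENSIONS | DOCUMENT_EXTENSIONS


def explorer_display_name(filename: str) -> str:
    """What a user sees with 'Hide extensions for known file types' on:
    only the last extension disappears, so bill.pdf.exe is shown as bill.pdf
    and both bill.pdf and bill.exe are shown as plain bill."""
    base, dot, ext = filename.rpartition(".")
    if dot and base and ext.lower() in KNOWN_EXTENSIONS:
        return base
    return filename


def is_disguised_executable(filename: str) -> bool:
    """True when the real (final) extension is executable and the name the
    user will see ends in a document-looking extension."""
    parts = filename.lower().split(".")
    if len(parts) < 3:
        return False
    return parts[-1] in EXECUTABLE_EXTENSIONS and parts[-2] in DOCUMENT_EXTENSIONS


def display_collisions(filenames: Iterable[str]) -> Dict[str, List[str]]:
    """Group real names by their displayed form, surfacing the two files
    both shown as 'bill' where one of them is the executable."""
    groups: Dict[str, List[str]] = {}
    for name in filenames:
        groups.setdefault(explorer_display_name(name), []).append(name)
    return {shown: names for shown, names in groups.items() if len(names) > 1}


def flag_attachments(filenames: Iterable[str]) -> List[str]:
    """Attachment-gateway style check: names to hold back for review,
    either disguised or plainly executable."""
    return [n for n in filenames
            if is_disguised_executable(n)
            or n.rpartition(".")[2].lower() in EXECUTABLE_EXTENSIONS]
```

    The icon point in Theo's post is why a name check alone is not enough on the desktop: the displayed icon is under the file's control, so the check belongs at the mail gateway or in the OS setting, not in the user's eye.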
  • From John Rumm@21:1/5 to All on Sat Jun 21 20:11:06 2025
    On 21/06/2025 17:41, alan_m wrote:
    On 21/06/2025 13:03, The Natural Philosopher wrote:
    On 20/06/2025 20:06, Joe wrote:
    I'd be interested to know which idiots still store their users'
    credentials in plaintext form, or else what kind of hashing they use
    which is of insufficient strength.
    Exactly.
    Programmers today are ArtStudents™. Not software engineers. They are
    lazy, sloppy, vain and driven by management who wants the job done at
    minimal cost.



    My feeling is that so much software is now bloatware - let's add 100
    unrelated functions to something that was simple and worked and then
    wonder why there are so many bugs and vulnerabilities.

    Some of that comes from code re-use. Much modern software is complex
    enough that the only way to build it in a sensible time frame is to make
    use of existing libraries and code bases.

    This is mostly good - it saves re-inventing the wheel, and it means you
    can acquire complex code (e.g. a networking stacks, or device drivers)
    quickly and have a reasonable expectation that it has been well tested.

    On the down side you probably get lots of functionality that you may
    have no use for - but it still lurks in your code increasing bloat, and
    attack surface.

    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk | \=================================================================/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From John Rumm@21:1/5 to Adrian Caspersz on Sat Jun 21 20:14:05 2025
    On 21/06/2025 13:28, Adrian Caspersz wrote:
    On 21/06/2025 13:24, AnthonyL wrote:
    On Fri, 20 Jun 2025 10:41:32 +0100, The Natural Philosopher
    <[email protected]d> wrote:

    On 20/06/2025 10:35, Paul wrote:
    A Black Hat, sent him a fake email with what looked like a PDF
    attachment.
    You know, one of these tricks. The email, naturally, says "GoDaddy
    Domain Renewal".

          bill.pdf.exe

    Which wouldn't run on linux...
    and who is actually stupid enough to click on a .exe file?


    The innocents who trust the OS even though the extension is by default
    hidden.  What OS would be stupid enough to do that?


    Users do anything these days.


    $ curl http://www.somewebsite.com | bash

    I saw some code that had exception handling round a block of code. If it
    caught an exception, it fed the offending bit of code and the error
    message to chatgpt, with a request for working code. It then ran an
    "eval" on whatever it returned!

    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk | \=================================================================/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From mm0fmf@21:1/5 to John Rumm on Sat Jun 21 20:49:51 2025
    On 21/06/2025 20:17, John Rumm wrote:
    On 21/06/2025 13:01, The Natural Philosopher wrote:
    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    That comes as a bit of a shock - does that mean that the invoice
    pro-forma PDFs that I created that use embedded javascript to do all the
    sums, were just a figment of my imagination?



    You can get PDF viewers that do not support or run Javascript in PDF
    files. I gave up on Adobe PDF Reader years ago due to its massive,
    bloated footprint and never ending security issues. Worse was any Adobe
    update was enormous and took forever to run. On top of all of that it
    would run JS in a PDF making it a real security issue.

    I've been using evince on Linux and Windows as my primary PDF viewer for
    most of the last 10 years. Works the same on Windows and Linux and is
    immune to most of the Adobe poison and crap. There are some files that
    don't render for which I use Sumatra PDF.

    Ditch Adobe and breathe freely.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From John Rumm@21:1/5 to All on Sat Jun 21 21:15:23 2025
    On 21/06/2025 20:49, mm0fmf wrote:
    On 21/06/2025 20:17, John Rumm wrote:
    On 21/06/2025 13:01, The Natural Philosopher wrote:
    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    That comes as a bit of a shock - does that mean that the invoice pro-
    forma PDFs that I created that use embedded javascript to do all the
    sums, were just a figment of my imagination?



    You can get PDF viewers that do not support or run Javascript in PDF
    files.

    This is true, although PDF has been part of the PDF spec for a very long
    time.

    Also worth noting that it is running in a sandbox in the context of the
    PDF and not on the host platform directly, so is not generally a high risk.

    (and remember that PDF was built on top of PostScript - also a fully
    Turing complete programming language)


    I gave up on Adobe PDF Reader years ago due to its massive,
    bloated footprint and never ending security issues. Worse was any Adobe
    update was enormous and took forever to run. On top of all of that it
    would run JS in a PDF making it a real security issue.

    Yup, it is a massive lumbering lump, you can't argue.

    I've been using evince on Linux and Windows as my primary PDF viewer for
    most of the last 10 years. Works the same on Windows and Linux and is
    immune to most of the Adobe poison and crap. There are some files that
    don't render for which I use Sumatra PDF.

    Ditch Adobe and breathe freely.

    Foxit reader is not bad either.

    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk | \=================================================================/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From John Rumm@21:1/5 to The Natural Philosopher on Sat Jun 21 20:17:06 2025
    On 21/06/2025 13:01, The Natural Philosopher wrote:
    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    That comes as a bit of a shock - does that mean that the invoice
    pro-forma PDFs that I created that use embedded javascript to do all the
    sums, were just a figment of my imagination?


    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk | \=================================================================/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Natural Philosopher@21:1/5 to All on Sat Jun 21 21:52:19 2025
    On 21/06/2025 20:49, mm0fmf wrote:
    On 21/06/2025 20:17, John Rumm wrote:
    On 21/06/2025 13:01, The Natural Philosopher wrote:
    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    That comes as a bit of a shock - does that mean that the invoice
    pro-forma PDFs that I created that use embedded javascript to do all
    the sums, were just a figment of my imagination?


    No. It means that they were not standard PDFs,


    You can get PDF viewers that do not support or run Javascript in PDF
    files. I gave up on Adobe PDF Reader years ago due to its massive,
    bloated footprint and never ending security issues. Worse was any Adobe
    update was enormous and took forever to run. On top of all of that it
    would run JS in a PDF making it a real security issue.

    Exactly

    I've been using evince on Linux and Windows as my primary PDF viewer for
    most of the last 10 years. Works the same on Windows and Linux and is
    immune to most of the Adobe poison and crap. There are some files that
    don't render for which I use Sumatra PDF.

    Ditch Adobe and breathe freely.

    Amen

    --
    “Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong remedies.”
    ― Groucho Marx

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From alan_m@21:1/5 to The Natural Philosopher on Sat Jun 21 22:04:57 2025
    On 21/06/2025 21:52, The Natural Philosopher wrote:
    On 21/06/2025 20:49, mm0fmf wrote:
    On 21/06/2025 20:17, John Rumm wrote:
    On 21/06/2025 13:01, The Natural Philosopher wrote:
    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    That comes as a bit of a shock - does that mean that the invoice pro-
    forma PDFs that I created that use embedded javascript to do all the
    sums, were just a figment of my imagination?


    No. It means that they were not standard PDFs,


    You can get PDF viewers that do not support or run Javascript in PDF
    files. I gave up on Adobe PDF Reader years ago due to its massive,
    bloated footprint and never ending security issues. Worse was any
    Adobe update was enormous and took forever to run. On top of all of
    that it would run JS in a PDF making it a real security issue.

    Exactly

    I've been using evince on Linux and Windows as my primary PDF viewer
    for most of the last 10 years. Works the same on Windows and Linux and
    is immune to most of the Adobe poison and crap. There are some files
    that don't render for which I use Sumatra PDF.

    Ditch Adobe and breathe freely.

    Amen


    On Windows I've been using Sumatra for viewing.

    For Windows, if you want to manipulate PDF files see https://tools.pdf24.org/en/creator

    Which is the downloadable version of
    https://tools.pdf24.org/en/

    --
    mailto : news {at} admac {dot} myzen {dot} co {dot} uk

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Paul@21:1/5 to All on Sat Jun 21 18:19:40 2025
    On Sat, 6/21/2025 3:49 PM, mm0fmf wrote:
    On 21/06/2025 20:17, John Rumm wrote:
    On 21/06/2025 13:01, The Natural Philosopher wrote:
    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    That comes as a bit of a shock - does that mean that the invoice pro-forma PDFs that I created that use embedded javascript to do all the sums, were just a figment of my imagination?



    You can get PDF viewers that do not support or run Javascript in PDF files. I gave up on Adobe PDF Reader years ago due to its massive, bloated footprint and never ending security issues. Worse was any Adobe update was enormous and took forever to run.
    On top of all of that it would run JS in a PDF making it a real security issue.

    I've been using evince on Linux and Windows as my primary PDF viewer for most of the last 10 years. Works the same on Windows and Linux and is immune to most of the Adobe poison and crap. There are some files that don't render for which I use Sumatra PDF.

    Ditch Adobe and breathe freely.


    https://forum.pdfsharp.net/viewtopic.php?f=2&t=4674

    *************** Example of Javascript usage in a PDF *****************
    %PDF-1.7
    1 0 obj
    <</Type /Catalog /Pages 2 0 R /OpenAction 3 0 R>>
    endobj

    2 0 obj
    <</Type /Pages /Kids [4 0 R] /Count 1>>
    endobj

    3 0 obj
    <</Type /Action /S /JavaScript /JS (
    var user = app.response({
    cQuestion: 'Enter your username',
    cTitle: 'Login Required',
    bPassword: false,
    cLabel: 'Username:'
    });
    var pass = app.response({
    cQuestion: 'Enter your password',
    cTitle: 'Login Required',
    bPassword: true,
    cLabel: 'Password:'
    });
    var userEncoded = encodeURIComponent(user);
    var passEncoded = encodeURIComponent(pass);
    //var sendData = 'user' + encodeURIComponent(user) + '&pass' + encodeURIComponent(pass);
    //this.submitForm({
    // cURL: server + '?' + sendData,
    //cSubmitAs: 'HTML'
    //});
    )>>
    endobj

    4 0 obj
    <</Type /Page /Parent 2 0 R /MediaBox [0 0 612 792]>>
    endobj

    trailer
    <</Root 1 0 R>>
    %%EOF
    *************** Example of Javascript usage in a PDF *****************

    That's not a complete working example file, but it at
    least shows how you define a Javascript object (Object #3)
    inside a PDF file.

    You are most likely to see this on a government form. A lot
    of civilian documents don't have this. On the other hand,
    travel brochures delivered as PDF are chock-full of landmines.

    One form, had a Date Of Birth sanitizer, and it would
    not allow you to populate the box on the form, with
    anything except the correct format. Quite frustrating.

    You are probably saying at this point, "Hey, my PDF doesn't
    look like that in Notepad". A command like this may help.
    It removes the first level of obscurity.

    mutool convert -F pdf -O decompress,clean -o OUT.pdf IN.pdf

    It is unlikely to render font tables as text. And embedded
    images will not look "small" or "pretty" afterwards either.
    But the object structure of the document may be more
    apparent, after you do such a conversion.

    Postscript had no checks at all in its structure. A human
    could use a text editor and fix all sorts of bugs, and
    Postscript would not even whimper. (You could, for example,
    delete the section in PostScript that says DONT DELETE THIS SECTION.)
    Whereas a PDF has "checksums and counts" to thwart humans.

    Paul

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
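    Paul's object layout above, with the catalog's /OpenAction pointing at a /JavaScript action, is the pattern a defender wants to spot before a file is opened. The following added Python example is not from the thread: a small triage scanner that lists which objects carry action keys, reports whether JavaScript is wired to run on open, and warns when compressed streams mean the text scan is not conclusive (the case Paul's mutool decompress command addresses). Both sample files are constructed for the demo; the script inside the first is a harmless alert.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample mirroring the object layout in the post: the catalog's
# /OpenAction points at a JavaScript action, so it runs as soon as the file
# opens in a viewer that executes JS. The script itself only shows an alert.
SAMPLE_WITH_JS = b"""%PDF-1.7
1 0 obj
<</Type /Catalog /Pages 2 0 R /OpenAction 3 0 R>>
endobj
2 0 obj
<</Type /Pages /Kids [4 0 R] /Count 1>>
endobj
3 0 obj
<</Type /Action /S /JavaScript /JS (app.alert('constructed sample');)>>
endobj
4 0 obj
<</Type /Page /Parent 2 0 R /MediaBox [0 0 612 792]>>
endobj
trailer
<</Root 1 0 R>>
%%EOF
"""

# Constructed sample with the same skeleton and no actions at all.
SAMPLE_PLAIN = b"""%PDF-1.7
1 0 obj
<</Type /Catalog /Pages 2 0 R>>
endobj
2 0 obj
<</Type /Pages /Kids [3 0 R] /Count 1>>
endobj
3 0 obj
<</Type /Page /Parent 2 0 R /MediaBox [0 0 612 792]>>
endobj
trailer
<</Root 1 0 R>>
%%EOF
"""

OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj\b(.*?)\bendobj\b", re.DOTALL)
# Name keys that attach behaviour to a document (ISO 32000 names).
ACTIVE_RE = re.compile(rb"/(JavaScript|JS|OpenAction|AA|Launch)(?![A-Za-z0-9])")
OPENACTION_REF_RE = re.compile(rb"/OpenAction\s+(\d+)\s+\d+\s+R")
# Markers that dictionaries may sit inside compressed streams, where a plain
# text scan cannot see them until the file is decompressed.
COMPRESSED_RE = re.compile(rb"/(ObjStm|FlateDecode)(?![A-Za-z0-9])")


def parse_objects(pdf: bytes) -> Dict[int, bytes]:
    """Map object number -> raw body for every 'N G obj ... endobj' block."""
    return {int(m.group(1)): m.group(3) for m in OBJ_RE.finditer(pdf)}


def scan_pdf(pdf: bytes) -> dict:
    """Triage summary: which objects carry action keys, whether JavaScript is
    wired to run on open, and whether compressed streams could hide more."""
    objects = parse_objects(pdf)
    findings: List[Tuple[int, str]] = []
    for num in sorted(objects):
        seen: List[str] = []
        for m in ACTIVE_RE.finditer(objects[num]):
            key = m.group(1).decode("ascii")
            if key not in seen:                 # one entry per key per object
                seen.append(key)
                findings.append((num, key))
    js_on_open = False
    ref = OPENACTION_REF_RE.search(pdf)
    if ref:
        target = objects.get(int(ref.group(1)), b"")
        js_on_open = re.search(rb"/(JavaScript|JS)(?![A-Za-z0-9])", target) is not None
    return {
        "findings": findings,
        "javascript_on_open": js_on_open,
        "needs_decompress": COMPRESSED_RE.search(pdf) is not None,
    }
```

    An empty findings list only means nothing was visible in plain text: when needs_decompress is set, run the scan again on the output of Paul's mutool conversion. Either way, the viewer-side mitigation the thread keeps returning to (JavaScript switched off in the reader) does not depend on the scan at all.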
  • From Paul@21:1/5 to Theo on Sat Jun 21 18:22:24 2025
    On Sat, 6/21/2025 1:47 PM, Theo wrote:
    Paul <[email protected]d> wrote:
    On Fri, 6/20/2025 5:41 AM, The Natural Philosopher wrote:
    On 20/06/2025 10:35, Paul wrote:
    A Black Hat, sent him a fake email with what looked like a PDF attachment.
    You know, one of these tricks. The email, naturally, says "GoDaddy Domain Renewal".

         bill.pdf.exe

    Which wouldn't run on linux...
    and who is actually stupid enough to click on a .exe file?

    The Windows OS default setting, is to hide extensions

    bill # These files have different icons, but bill.pdf is not shown
    bill # Whereas this one could be a white rectangle of an icon and is bill.exe

    There's nothing to stop bill.exe containing its icon that happens to be identical to the Windows PDF file icon...


    Why Microsoft does not correct their choice of default view,
    I will never know.

    My eyesight isn't very good, and I can use any extra hints I can add.

    Paul

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andy Burns@21:1/5 to Vir Campestris on Sun Jun 22 14:06:03 2025
    Vir Campestris wrote:

    They seem to understand their customers pretty well. That's why 2/3rds
    of computers (as opposed to 'phones) run their stuff.

    <https://en.wikipedia.org/wiki/Usage_share_of_operating_systems>
    Sure companies sell lots of phones, but people working in offices tend
    to use Windows ... and people *do* get caught out by the invoice.pdf.exe
    trick and the sign-in here to retrieve an encrypted document trick ...

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From John Rumm@21:1/5 to The Natural Philosopher on Sun Jun 22 16:53:10 2025
    On 21/06/2025 21:52, The Natural Philosopher wrote:
    On 21/06/2025 20:49, mm0fmf wrote:
    On 21/06/2025 20:17, John Rumm wrote:
    On 21/06/2025 13:01, The Natural Philosopher wrote:
    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    That comes as a bit of a shock - does that mean that the invoice pro-
    forma PDFs that I created that use embedded javascript to do all the
    sums, were just a figment of my imagination?


    No. It means that they were not standard PDFs,

    Panto season already :-)

    Here is the standard:

    https://opensource.adobe.com/dc-acrobat-sdk-docs/pdfstandards/PDF32000_2008.pdf

    (you can search that for JavaScript)

    You will note that the standard is an open source ISO standard these
    days (has been since 2008):

    https://www.iso.org/standard/51502.html

    JavaScript was initially added in Acrobat 3.0 (Nov 2006), and has been
    in the standard ever since.


    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk | \=================================================================/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andy Burns@21:1/5 to The Natural Philosopher on Sun Jun 22 17:04:26 2025
    The Natural Philosopher wrote:

    John Rumm wrote:

    does that mean that the invoice pro-
    forma PDFs that I created that use embedded javascript to do all the
    sums, were just a figment of my imagination?

    No. It means that they were not standard PDFs
    Check whether ISO 32000-2 agrees with you on that. They call it
    ECMAscript probably because of Oracle being cunts about java (even
    though javascript != java)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andy Burns@21:1/5 to The Natural Philosopher on Sun Jun 22 16:55:17 2025
    The Natural Philosopher wrote:

    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    Unfortunately it does ...

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Natural Philosopher@21:1/5 to Andy Burns on Sun Jun 22 19:28:38 2025
    On 22/06/2025 16:55, Andy Burns wrote:
    The Natural Philosopher wrote:

    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    Unfortunately it does ...

    It's a proprietary Adobe extension.

    I don't think any Linux readers support it.
    Maybe in browser rendering does.

    --
    "It was a lot more fun being 20 in the 70's that it is being 70 in the 20's" Joe Walsh

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From John Rumm@21:1/5 to The Natural Philosopher on Sun Jun 22 21:19:46 2025
    On 22/06/2025 19:28, The Natural Philosopher wrote:
    On 22/06/2025 16:55, Andy Burns wrote:
    The Natural Philosopher wrote:

    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    Unfortunately it does ...

    It's a proprietary Adobe extension.

    Until 2008 PDF in its entirety was a proprietary Adobe creation and
    specification. It was adopted as an ISO standard in 2008. It had JS
    then, and has it now.

    I don't think any Linux readers support it.

    https://www.qoppa.com/pdfstudioviewer/

    Maybe in browser rendering does.

    All of them I would expect - Firefox and anything Chromium based certainly.


    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk | \=================================================================/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From David Wade@21:1/5 to David Paste on Sun Jun 22 23:39:42 2025
    On 22/06/2025 21:47, David Paste wrote:
    On 20/06/2025 09:54, The Natural Philosopher wrote:
    On 20/06/2025 03:05, Paul wrote:
    What about Linux - does that need anti-virus scans and whatnot?
    (Hoping The Natural Philosopher responds to that bit)

    Obviously it's technically possible to design a virus for Linux, but
    each distro is different enough to make it hard, and there are not
    that many Linux desktops out there to make it that worth while.

    I've never used a virus scanner on any Linux and as far as I know not
    caught any malware.

    As far as passwords go I have a two tier approach. Passwords that it
    would be inconvenient to have hacked but not in any way disastrous are
    stored in browser.

    Very sensitive passwords (to do with money) are kept *only* in my
    master password application, that requires a password to decrypt it.


    Thanks. Is a master password application safer than not having one and writing the p/w down on a piece of paper? I know that someone can break
    in and steal that paper, but it is unlikely, whereas a M.P.A. could
    still technically be cracked, yes? Or is it a case of extraordinary diminishing returns and not worthwhile for a skint pleb? (I'm assuming
    that)

    I exported my password store from google...
    .. there are over 1000 passwords in it. I know some are duplicates, but
    even so generating that many unique passwords would take some work...

    Dave

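    Dave's point that a 1000-entry export contains duplicates and that replacing them with unique passwords "would take some work" is exactly the job a short script does well. The following is an added example, not code from any poster or from Google; it assumes the export is a CSV with a header row of name,url,username,password,note (the layout Chrome's password export uses, stated here as an assumption) and works on a constructed five-row sample embedded inline. It separates true duplicates (the same row stored twice, harmless) from password reuse across different sites (the thing a credential dump actually exploits), reports the latter by site without echoing the passwords, and shows how to mint replacements from the OS random source.

```python
import csv
import io
import secrets
import string
from collections import defaultdict

# Constructed sample in the column layout assumed for a Chrome / Google
# Password Manager CSV export. Accounts and passwords are invented.
SAMPLE_EXPORT = """name,url,username,password,note
Example Bank,https://bank.example.com/login,dave,Tr0ub4dor&3,
Example Shop,https://shop.example.com/,dave@example.com,Tr0ub4dor&3,
Example Shop,https://shop.example.com/,dave@example.com,Tr0ub4dor&3,
Forum,https://forum.example.net/,dave,correct horse battery staple,
Webmail,https://mail.example.org/,dave@example.com,8wJ#p2vL!qZr9mXc,
"""


def load_entries(csv_text):
    """Parse the export into one dict per row, keyed by the header names."""
    return list(csv.DictReader(io.StringIO(csv_text)))


def exact_duplicates(entries):
    """Count rows that repeat an earlier (url, username, password) triple.

    These are just the same credential stored twice and can be merged.
    """
    seen = set()
    repeats = 0
    for e in entries:
        key = (e["url"], e["username"], e["password"])
        if key in seen:
            repeats += 1
        seen.add(key)
    return repeats


def reuse_groups(entries):
    """Group distinct sites that share one password.

    Returns a sorted list of sorted URL lists, one per password that appears
    on more than one site. The passwords themselves are deliberately left
    out of the result so the report is safe to print or log.
    """
    sites_by_password = defaultdict(set)
    for e in entries:
        sites_by_password[e["password"]].add(e["url"])
    groups = [sorted(urls) for urls in sites_by_password.values() if len(urls) > 1]
    return sorted(groups)


def sites_needing_rotation(entries):
    """Every distinct site whose password is also used somewhere else."""
    return sorted({url for group in reuse_groups(entries) for url in group})


# Printable characters that most sites accept; trimmed to avoid quoting trouble.
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@^_"


def generate_password(length=20):
    """A fresh password from the OS CSPRNG (secrets), one per site."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


if __name__ == "__main__":
    entries = load_entries(SAMPLE_EXPORT)
    print("rows:", len(entries), "exact duplicates:", exact_duplicates(entries))
    for group in reuse_groups(entries):
        print("same password on:", ", ".join(group))
    for url in sites_needing_rotation(entries):
        print("rotate", url, "->", generate_password())
```

    On a real export, read the file with `open(path, newline="", encoding="utf-8")` and pass its contents to `load_entries`; delete the plaintext CSV when done, since it is the one artefact in this workflow that holds every password at once.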
  • From The Natural Philosopher@21:1/5 to David Wade on Mon Jun 23 08:43:13 2025
    On 22/06/2025 23:39, David Wade wrote:
    I exported my password store from google...

    Christ on a bike...
    What on earth made you put it there in the first place?
    Hardly secure.


    --
    The New Left are the people they warned you about.

  • From Paul@21:1/5 to The Natural Philosopher on Mon Jun 23 19:14:16 2025
    On Sun, 6/22/2025 2:28 PM, The Natural Philosopher wrote:
    On 22/06/2025 16:55, Andy Burns wrote:
    The Natural Philosopher wrote:

    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    Unfortunately it does ...

    It's a proprietary Adobe extension.

    I don't think any Linux readers support it.
    Maybe in-browser rendering does.


    https://stackoverflow.com/questions/31930224/fillable-pdf-forms-in-libreoffice

    "Well, the problem is is that I'm on linux
    and no pdf editor does the calculations added with acrobat :(
    "

    https://support.mozilla.org/en-US/questions/1333222

    about:config

    pdfjs.enableScripting BOOLEAN True

    A little of this, a little of that.

    Paul

  • From The Natural Philosopher@21:1/5 to Paul on Tue Jun 24 10:11:27 2025
    On 24/06/2025 00:14, Paul wrote:
    On Sun, 6/22/2025 2:28 PM, The Natural Philosopher wrote:
    On 22/06/2025 16:55, Andy Burns wrote:
    The Natural Philosopher wrote:

    On 20/06/2025 18:33, Paul wrote:
    Computer users should know, that PDF has Javascript.

    No. PDF does not have javascript

    Unfortunately it does ...

    It's a proprietary Adobe extension.

    I don't think any Linux readers support it.
    Maybe in-browser rendering does.


    https://stackoverflow.com/questions/31930224/fillable-pdf-forms-in-libreoffice

    "Well, the problem is is that I'm on linux
    and no pdf editor does the calculations added with acrobat :(
    "

    https://support.mozilla.org/en-US/questions/1333222

    about:config

    pdfjs.enableScripting BOOLEAN True

    A little of this, a little of that.

    Paul

    Ah. So Mozilla can be told *not* to support it.
    It looks like it should be disabled 'unless needed'

    I'll do that RIGHT NOW...
    ...done!

    --
    "And if the blind lead the blind, both shall fall into the ditch".

    Gospel of St. Matthew 15:14

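    Paul's about:config pointer (pdfjs.enableScripting shows as True on a stock install) and The Natural Philosopher's "I'll do that RIGHT NOW" together describe the setting and the fix. What a practitioner wants on top of that is a way to confirm the fix actually took, across every profile on a machine. The following is an added example, not code from either poster or from Mozilla; it assumes the Linux profile location ~/.mozilla/firefox/*/ and the user_pref("name", value); line syntax Firefox uses in prefs.js and user.js, and it treats an absent line as the built-in default of True, matching what the thread reports. The prefs text it parses here is constructed.

```python
import glob
import os
import re

# Firefox keeps a user's overrides as lines of the form
#     user_pref("name", value);
# in prefs.js (written by the browser on exit) and user.js (hand-edited,
# re-applied at every startup, so it wins over prefs.js).
# Constructed samples, not copied from a real profile:
PREFS_SCRIPTING_OFF = '''// Mozilla User Preferences
user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1718000000);
user_pref("pdfjs.enableScripting", false);
user_pref("pdfjs.previousHandler.alwaysAskBeforeHandling", true);
'''

PREFS_UNSET = '''// Mozilla User Preferences
user_pref("browser.startup.homepage", "about:blank");
'''

# The one line to drop into user.js to turn PDF scripting off.
DISABLE_LINE = 'user_pref("pdfjs.enableScripting", false);'

_PREF_RE = re.compile(
    r'^\s*user_pref\("pdfjs\.enableScripting",\s*(true|false)\s*\);',
    re.MULTILINE)


def pdf_scripting_enabled(prefs_text, default=True):
    """Effective value of pdfjs.enableScripting for the given prefs content.

    No matching line means the built-in default applies; True is assumed
    here because the thread reports the toggle showing True on a stock
    install. If the pref appears more than once the last write wins, which
    is how Firefox itself applies the file.
    """
    value = default
    for m in _PREF_RE.finditer(prefs_text):
        value = (m.group(1) == "true")
    return value


def audit_profiles(profile_glob=None):
    """Map each Firefox profile directory to its effective scripting setting.

    The default glob is the usual Linux location (an assumption; macOS and
    Windows keep profiles elsewhere). prefs.js is read first and user.js
    appended after it, so user.js overrides as it does at startup.
    """
    if profile_glob is None:
        profile_glob = os.path.expanduser("~/.mozilla/firefox/*/")
    report = {}
    for profile in sorted(glob.glob(profile_glob)):
        text = ""
        for name in ("prefs.js", "user.js"):
            path = os.path.join(profile, name)
            if os.path.isfile(path):
                with open(path, encoding="utf-8", errors="replace") as fh:
                    text += fh.read() + "\n"
        if text:
            report[profile] = pdf_scripting_enabled(text)
    return report


if __name__ == "__main__":
    for profile, enabled in audit_profiles().items():
        state = "ENABLED (add %s to user.js)" % DISABLE_LINE if enabled else "disabled"
        print(f"{profile}: PDF scripting {state}")
```

    The script reads only; appending `DISABLE_LINE` to a profile's user.js is a deliberate manual step, because Firefox rewrites prefs.js on exit and a change made there while the browser is running would be lost.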