Catch 22

[Michael GilliganParticipant @michaelgilligan61133]

MEW Index

[Michael GilliganParticipant @michaelgilligan61133]

I was about to download the latest PDF version of the MEW Index

[ many thanks to David for maintaining this ]

**LINK**

https://www.model-engineer.co.uk/forums/postings.asp?th=186894&p=1

… when up popped this warning message:

.

.

Read those words carefully, please … they are not specific to David’s file, but a reference to the PDF file-type in general.

Now … in all honesty:

Although I am aware that there are risks associated with PDF, I could not realistically claim to understand them.

So, where does that leave me? … Trapped by Catch 22

MichaelG.

[lee websterParticipant @leewebster72680]

I would have thought that any decent anti-virus software could handle that. If you rely on windows for AV, then I am not so sure. I don't think downloading it opens or runs the file, but check with others, then run an AV on it.

[Michael GilliganParticipant @michaelgilligan61133]

Just to elaborate a little:

Adobe’s own site gives some advice about the risks associated with opening PDFs : **LINK**

https://helpx.adobe.com/uk/acrobat/using/security-warnings-pdf-opens.html#:~:text=Acrobat%20and%20Reader%20display%20a,communicate%20with%20an%20external%20source.

But I have never yet seen an explanation of the risks of downloading them.

Therefore I am not in a position to believe that I fully understand the warning message.

MichaelG.

[jaCK HobsonParticipant @jackhobson50760]

I sympathise – the main risk of 'downloading' is that you or the computer, will go on to do something with the file.

Downloading you should be pretty safe if you don't have auto-open enabled. PDF is a very complicated standard that supports lots of internal formats and so provides a big playing field for finding vulnerabilities. The vulnerability is really in the PDF viewer you use… the PDF file just takes advantage of that. Make sure your PDF viewer is up to date with patches. And most anti-virus should be fairly good at spotting files which take advantage of known vulnerabilities.

How common is it now to get infected with something nasty? I haven't see the ad spammer malware in some time. I think the big criminal money has moved onto ransomware (I'd guess the good ones are reserved for big payouts) and Botnets and both will try and stay hidden, unobtrusive, until they are 'needed'. I don't know about this though – just a guess. Does anyone have up to date threat data? I've become a bit blasé.

[Thor 🇳🇴Participant @thor]

I have never had any trouble with PDF's while using the Sumatra PDF viewer.

Thor

[Clive SteerParticipant @clivesteer55943]

I think the warning message in itself is misleading in that I don't know of any software that will harm a computer. However there are plenty of examples where software can harm the data stored on a computer.

Was the message generated by the OS or the Internet browser and in either case this may just be case of "don't blame us if your data is damaged".

What really gets me is that the hackers seem to be able to find the weaknesses in the OS or Apps but the so called experts with all the knowledge of the product ie the architects of the software can't or more like don't have the psychological mindset to critique their own work.

In a product development teams should there be more "breaker" than "makers" or are the "breakers" the public or the hackers.

CS

[Ady1Participant @ady1]

It's just a catchall to cover Googles legal behind

Go to Morrisons and "Vehicles are parked at the owners risk"

[Michael GilliganParticipant @michaelgilligan61133]

Further to the points made by Clive and Ady …

It is not actually evident whether the pop-up warning is generated by Google, or by iPadOS

MichaelG.

[Howard LewisParticipant @howardlewis46836]

Never had this pop up on any pdf, so it may a feature of your iPadOS

Howard

[jaCK HobsonParticipant @jackhobson50760]

I suspect it would be very rare to find an application that has never had any vulnerabilities. Patching is important.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2830

[David FrithParticipant @davidfrith72923]

If I may add my tuppence worth…
The pdf format includes the capability to run Javascript for added functionality (interactive forms and the like).
The download itself is harmless. But it is possible – in theory at least – that some form of malware COULD be written in Javascript which could execute when the file is opened (possibly to access a server somewhere).
However, I’ve been working with pdf and Javascript for over thirty years and never heard of any warnings in all that time.
An abundance of caution isn’t usually a bad thing, so some suggestions:
In whatever you may be using to read the pdf should have a preference setting to disable Javascript (there’s no code in the index pdf anyway).
You can convert the Excel to a text file online and search that.
I’m perfectly happy to produce a tab delimited text file for import into other software. (much like the Model Engineer index))
You could install Numbers on the iPad and open the Excel file that way
Or you can install the open source Libre Office (https://www.libreoffice.org/discover/libreoffice/). Not available for iPad though, sorry.

Hope this helps

[Michael GilliganParticipant @michaelgilligan61133]

Many thanks for the response, David

… I do, of course, have Numbers on the iPad, but I have always found it convenient to use your PDF in the GoodReader App.

I may be embarrassingly wrong, but I don’t recall seeing this particular pop-up in previous months.

MichaelG.

.

Edit: __ I have put an update on your thread, David.

Edited By Michael Gilligan on 29/05/2023 12:48:07

[David FrithParticipant @davidfrith72923]

I tried out some things.

When I attempted to download the 001-328 index I got the same warning.

I'm using Firefox on an Aple iMac desktop.

I also got the same warning on files 001-327 and 001-326

Safe to assume, I think, that it's Google piddling about.

[Michael GilliganParticipant @michaelgilligan61133]

… Thanks, David

MichaelG.

[peak4Participant @peak4]

Interesting, I've just downloaded the two latest files, and also got the warning on the pdf.
Judging by the script font etc, and that it appears just after the auto virus scan, from Google Drive, I assume it's a Google drive warning.

I then went to my own Google drive, where I have a number of documents stored.
One pdf downloaded with no warning following the auto virus scan, and the second one, auto virus scanned and popped up the same warning.

I wonder if there is a difference in the content of the two pdfs, which the virus scanner picked up on.??

I can't see any obvious logical pattern between those files which generate the warning, and those which don't; I've tried at least 10 files from my own drive.
I can double click on a file, and view it in my browser OK, but when I try to download it from either the browser, or the drive, I get the warning.
If it's a file I've generated as a pdf, say saving a web page article as "print to pdf" I don't get a warning, nor do my own pdf scans.

The warning box which pops up when I open a Google drive pdf in my browser, and subsequently try and download it, is exactly the same as the one if I'd tried to download directly from the Google drive.
Seems it's a specific Google Drive thing, and not related to my, or my ISP's, security software.

Bill

Edited By peak4 on 29/05/2023 17:10:42

[David FrithParticipant @davidfrith72923]

Everyone…

This isn't an isolated problem:

https://support.google.com/drive/thread/214307917/this-file-type-might-be-dangerous-message-for-pdfs-in-google-drive?hl=en

It wasn't broke so Google fixed it…

:0)

[SillyOldDufferModerator @sillyoldduffer]

You can't generalise about PDF being safe or unsafe: it depends on what's inside, the editor that created the PDF, which reader is used, and the operating system. In particular, PDF is a container format, not a straightforward file. It can contain active code such as Javascript, Java, and embedded media (including the famously high-risk Flash)

PDF has vulnerabilities, so take warnings seriously. Much depends on what you have. A file that's low risk on a modern HTML5 based browser could be high risk on an ancient version of Acrobat,

When an alert is received, answer these two questions:

• Is the computer up-to-date?
• Do you trust the source?

In this example my computer is up-to-date AND I trust the source.

The index has been made available for years without causing problems, the author is well known, and David's been kind enough to offer reassurances on the forum. To me ME Index is low-risk.

In sharp contrast, I wouldn't open a PDF that Google or anyone else warned me about if I didn't trust the source or my computer wasn't up-to-date.

Downloading stuff despite warnings is asking for trouble. It's in the same class as believing that the dodgy phone call really is from 'Microsoft', that your computer really is sick, and that you really should install their software so they can fix it for you…

Dave

[peak4Participant @peak4]

Another possibility is to scan a file before downloading it.
There's various options, but This Article is worth a read
https://www.howtogeek.com/30508/make-sure-downloads-are-safe-before-downloading-them/

I actually use Opera as my default browser, but since it's based on a Chrome engine, one can still install VirusTotal by following simple instructions.
Essentially, copy the download link, and paste it into the VirusTotal web page, or, if you have it installed as a browser extension, right click on the link and scan the file from there; seems to work OK for me.
https://www.virustotal.com/gui/home/upload

Bill

[Author]

Posts