- Jun 15, 2023
I saw a few videos from cruelsister in which it was easily bypassed and infected.
> I saw a few videos from cruelsister in which it was easily bypassed and infected.

I'm going to reword your title.
> I saw a few videos from cruelsister in which it was easily bypassed and infected.

Nothing is 100% when you connect your system to the internet. I suggest you should add Hard Configurator to the mix and use a secure and less vulnerable PDF software like Foxit or Nitro PDF Reader.
> I'm going to reword your title.
> If I click on a word of PDF file I didn't create and when I downloaded it didn't bother to scan at a site like VT, is there a chance I could get hammered?
> See what I did there

It's unreasonable to scan every PDF file I download from the internet with VirusTotal.
> It's unreasonable to scan every PDF file I download from the internet with VirusTotal.
> They are shared and downloaded many times; for example, Hard Configurator and CyberLock's user guides are in PDF.
> I ask if it is reasonable to use Defender, even hardened, against all types of threats instead of using a free alternative like Avast.
> If it is as competent as other AVs and not too reliant on signatures, cloud and exclusive good detection of exes only.

Yes, and I'm pointing out that relying solely on one solution because you do not wish to take the time to vet your downloads is the kind of risky behavior that gets users in trouble. The file, while inert, is not a danger; take the time to scan it with something besides your current security to ensure. If you take risks of downloading a lot, then you should put in the effort to minimize chances. No solution is 100%, but if you add extra effort into the equation you can negate that.
> Nothing is 100% when you connect your system to the internet. I suggest you should add Hard Configurator to the mix and use a secure and less vulnerable PDF software like Foxit or Nitro PDF Reader.

How are Foxit and Nitro any less vulnerable than Acrobat? Would a modern browser that can handle PDF form-filling and signing provide better protection than popular PDF software?
> How are Foxit and Nitro any less vulnerable than Acrobat? Would a modern browser that can handle PDF form-filling and signing provide better protection than popular PDF software?

Just like Linux remains less vulnerable than Windows. The less popular it is, the less is the chance to get targeted. Making a zero-day exploit for Adobe is more attractive to a Blackhat than making it for Foxit or Nitro. Apart from that, with Foxit the "safe reading mode" is enabled by default.
> I think most computer users don't have or know how to use VT, VM, or hex editors.

My post in general covers many aspects and approaches down to using a product that offers settings to simplify.
> Yes, but I think most computer users don't use/don't know how to use VT, VM, and hex editors. They are the main users of AVs.

You are in a forum with all degrees of experience and knowledge; the post is to cover most aspects for these different levels. For those without the skill or knowledge, using a PDF reader with ability to turn off JavaScript or connecting to the Internet are mentioned.
> All kinds of solutions abound besides the one I stated which is the simplest, probably most effective.
> You can hash the file locally and upload it to VT.
> You can upload it to a sandbox or run it in a VM.
> You can open it in a hex editor and check the file signature.
> You can install Python and then pdfid and pdf-parser to analyze the files (works on Windows or Linux); this will give you a look at what's inside a PDF before you run it. You will be able to view stream, end streams of the file and lists of start and end tags for JavaScript. Basically, if you view zeros as start and end tags of JavaScript, chances are the file does not contain anything.
> You can get and use an advanced PDF reader with options to disable JS or connecting to the Internet. Etc., etc.

No offence but some of us like to use our PCs like normal non-paranoid people.
Being cautious is one thing.
Doing what you describe is unreal for day to day.
> These security programs are not made for forum members but for computer users in general, most of whom don't know about or use VT, VM, or even hex editors, not to mention being told to set things in PDF readers on or off, or even selecting PDF readers.

Are you having to translate this, because I think what we got here is failure to communicate.
Users that cannot toggle a simple button in settings will not be in this forum or stopping by to read up on how to shut off Java, or even possibly understand what Java is or why it needs to be off.
Everyone else is covered in that post; now, unless you have something more viable to add, I think we have this topic covered.
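The local checks listed in the quoted post above (hash the file, check the file signature, count JavaScript tags the way pdfid does) can be combined into one script. This is an added example, not part of any forum post and not the pdfid tool itself; the keyword list, the function names and both sample documents are constructed for illustration.

```python
import hashlib
import re

# PDF name tokens counted during triage (list chosen for this example).
RISKY_NAMES = ("/JS", "/JavaScript", "/OpenAction", "/AA", "/Launch", "/EmbeddedFile")

# Constructed sample documents, not real-world files.
SAMPLE_CLEAN = b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"
SAMPLE_ACTIVE = (
    b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /OpenAction 3 0 R >>\nendobj\n"
    b"3 0 obj\n<< /S /J#61vaScript /JS (constructed) >>\nendobj\n%%EOF\n"
)


def decode_name_escapes(data: bytes) -> bytes:
    """Undo #xx hex escapes so a name written /J#61vaScript counts as /JavaScript."""
    return re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), data)


def triage_pdf(data: bytes) -> dict:
    """Return hash, header check and keyword counts for one file's raw bytes."""
    decoded = decode_name_escapes(data)
    counts = {}
    for name in RISKY_NAMES:
        # The name must end at a delimiter, so /JS does not match /JSFoo.
        pattern = re.escape(name.encode()) + rb"(?![A-Za-z0-9])"
        counts[name] = len(re.findall(pattern, decoded))
    return {
        "sha256": hashlib.sha256(data).hexdigest(),  # value to search for on VT
        "has_pdf_header": b"%PDF-" in data[:1024],   # the file signature check
        "counts": counts,
        "needs_review": any(counts.values()),
    }


if __name__ == "__main__":
    import json
    import sys

    # Triage the file given on the command line, or the constructed sample.
    source = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_ACTIVE
    print(json.dumps(triage_pdf(source), indent=2))
```

All-zero counts mean no such names were found in the raw bytes; names stored inside compressed object streams are not visible to a scan like this, so zero is a good sign rather than proof.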
> My post was deleted because I was told it wasn't helpful to the OP. I'll see if this one passes:
> The OP is asking whether or not Defender is good. Your response is that it is as long as one knows how to use VT, VM, or hex editors, or knows what to toggle in what apps in PDF readers.
> The problem is that most users don't know how to use VT, VM, or hex editors, and malware does not wholly come from PDFs.
> Given that, I think Defender isn't good enough, and the suggestions you gave aren't helpful. I also think hard configuration isn't helpful as well because it can do more harm than good, similar to turning off Java and other features. Users can create more problems, and they will have to figure out what they disabled in order to bring back functionality.
> With that, use other AVs that according to AV-Test, AV-Comparatives, and YouTubers doing tests (like the one mentioned by the OP) do better. Examples are Avast, AVG, Kaspersky, and Bitdefender.

Ok so you obviously want to have it out over this after many explanations.
Your suggestion is to use a more advanced security software for users you claim are not capable of toggling a couple of switches in a more advanced PDF reader, correct? They are not capable of this but are capable of installing and setting up the more advanced software.
There are in my post above suggestions from beginners to advanced to help everyone, but you choose to say only the beginners will be interested in this thread, so I'm wondering if I should hire you as a psychic now.
Are we finished, or do we need to take this further?