Forgot your password?
typodupeerror

Comment: Summary (Score 4, Informative) 238

So the vast majority of people are recommending to ditch Adobe Acrobat, which is not where I was wanting to focus the discussion, but I appreciate your advice. I do agree that using something like Sumatra would be a good part of a defense-in-depth approach, but that approach does not protect your organisation from inadvertently sending out an infected PDF to another organisation.

I did not know it was possible to detect javascript in a PDF, and I think this is possibly a better approach than a full rewrite (btw: I found this python script: http://blog.didierstevens.com/programs/pdf-tools/ ) So instead of rewriting every PDF, you just choose to delete any PDF attachments that are detected with JavaScript. I assume this will then not break any legitimate PDFs that have comments or forms, etc? It will need testing, I guess.

The mail relay can then be configured to detect and delete any javascript-containing PDFs and allow everything else through (including encrypted, which is more likely to be legit than not). Once again, this is not the only protection against this malicious code, but just one facet. I found some recent exploits that don't need javascript at all, so it seems the safest, yet most likely to make you hated, approach is to rewrite the PDF completely or not allow PDFs at all.

+ - Automatically sanitising PDF email attachments

Submitted by supachupa
supachupa (823309) writes "It seems the past couple of years that spearfishing is getting very convincing and it is becoming more and more likely someone (including myself) will accidentally click on a PDF attachment with malicious javascript embedded. It would be impossible to block PDFs as they are required for business. We do disable javascript on Adobe reader, but I would sleep a lot better knowing the code is removed completely.

I have looked high and low but could not find a cheap out of the box solution or a "how to" guide for automatically neutralising PDFs by stripping out the javascript. The closest thing I could find is using PDF2PS and then reversing the process with PS2PDF.

I wonder if any of you slashies have worked a solution for this that is not too complex, works preferably at the SMTP relay, and can work with ZIPed PDFs as well, or otherwise have some common sense advice for dealing with this so that once its in place, there is no further action required by myself or by users."

Comment: Too little, too late (Score 2) 329

by supachupa (#30029568) Attached to: MythTV 0.22 Released
I've used Myth for years. Since the 2.4 kernel days when you had to recompile the kernel to get DVB and ALSA working. It used to take hours and hours to get even the remote control working, but I perservered because it was far superior to anything out there.

But Myth has lagged too long and it has always looked godawful compared to its competors.

With the release of Windows 7, I have found that I am able to do all that I need and it looks a hell of a lot better. This latest release of Myth (which is pretty lame for taking so long for such a minor release) only convinces me further that I made the right choice of switching away from it.

Thanks for the memories, though. I'll think of you fondly.

Comment: Re:Fantastic! (Score 1) 727

by supachupa (#28048031) Attached to: Ubuntu 9.04 For the Windows Power User

Exactly. It is the "not good with tech" people that we would need to work on getting to switch. They are the ones with problems.

My opinion (I'm sure many will disagree) is that for desktop use, Linux is garbage as far as the masses are concerned.

Reasons uninitiated, not technical people don't like it:
It looks like crap out of the box. Linux needs to get some graphic designers with actual talent to make it look better. OpenOffice may work, but it look like crap.

It is confusing.
It works like crap for standard stuff like watching flash videos, movies, and other day to day stuff the average person expects. There are no commercial versions of popular products available for native Linux (Adobe CS, MS Office, and lots of smaller apps people buy online. WINE is vastly improved, but you still have to introduce great instability.

The interdependencies on packages means that you have to upgrade EVERYTHING each time there's a new release. You should have applications and the OS separate from each other in that sense.
The installation process is crap. Sure "dependency hell" is no longer such a program with automated package managers, but compare other OS's. You just download an executable, double click and install. There are rarely dependencies to worry about. I may want to install Amarok 2 and leave at that until they come up with a newer version that isn't as dummed down. Sure I can install from source, but isn't that missing the point of package management? And if there is a way to do that, it is not obvious.

I could go on with more examples, but my main point is that the majority of people don't LIKE LINUX as a desktop (statistically speaking, so don't bother telling me about how your grandma just loves it).
How is it that Apple was able to take BSD and make it look and work so well and gain wider acceptance in a shorter amount of time? I would be copying them in terms of the experience a normal user wants to have, and for the "not good with tech" people, I would be telling them to go buy a mac.
Maybe Apple did better because they all focused on one vision. Maybe Google is secretly already working on something that will improve things.

In the mean time, I have given up on Linux for desktop purposes. I have been disappointed for the last 13 or so years and have better things to do with my time now than try to compromise on functionality when I have a job to do.

A computer scientist is someone who fixes things that aren't broken.

Working...