October 02, 2011

Mac security risk: a pretend PDF that's actually a trojan horse

A security firm reports on a Mac security risk that exploits a file that looks like a PDF. Currently, the trojan horse doesn't do any harm, but that could change in the future.

Posted at 10:40 PM in Security | | Comments (0)

November 30, 2010

Examining a PDF's Document Security

In the previous post we discussed how to examine a PDF’s document properties, focusing on the “Description” tab. Now, we’re going to focus on the tab marked “Security.”

You’ll see three things in the graphic below that are worth noting: (1) the Security Tab is highlighted, because that’s the tab we’re focused on, (2) the “Security Method” is set to “No Security,” and (3) the summary of restrictions for this document lists all of the things that are still allowed.

  Document Properties

Obviously, any of these things that are currently allowed in this document can be disallowed. That is, you can restrict a PDF so that someone can’t print, or change the document, or assemble it into another document etc. To do this you just go the area marked 2 (in the graphic above) and change the selection from “No Security” to “Password Security” at which point you will see the following dialogue box:

   Password Security - Settings

When you start imposing security on a document you wind up with a lot of choices, which I’m not going to get into right now. The main thing I wanted to show you is how to find out what kind of security has been imposed on a PDF that you are using. Whenever you have problems with a PDF the first thing you should do is examine the Document Properties, and often you will find that some sort of security has been put on it.

 

Posted at 08:15 AM in Acrobat 10, Acrobat 8.0, Acrobat 9.0, Metadata, Security | | Comments (2)

October 28, 2010

Circumventing the silly lockdown of PDF forms

Screen shot 2010-10-27 at 7.40.10 PM My last post was about the frustration of encountering locked down PDF forms, especially those on government sites. The government purportedly posts these forms in order to help, but as we know the government isn't always here to help.

The obvious way to get around this problem is through so-called analog hole, which to me means printing the PDF form out and then scanning it back in. At that point it's obviously stripped of any restrictions. But what if you don't have a scanner handy? I was thinking about this when I encountered the last offending form, and wondering what would I do if I had to quickly circumvent a PDF form lockdown.

Eventually I thought of a quick way: fax the form to myself at my web-based fax service. The way my service works is that I simply attach the document I want faxed to an email sent to [faxnumber]@rcfax.com. Moments later I would get a PDF of the document, but stripped of the restrictions. Faxing the form to myself is essentially like scanning it, but the scanner is the fax service.

I realize that many people don't have web-based faxing, but they should if they deal at all with faxes. Traditional fax machines are way too limited (need paper, electricity and can only print faxes where you have them plugged in). Hopefully you don't have to deal with any faxes, but odds are you do. And so I hope you have a web-based fax service. If you do then remember that it might be your only way to liberate a needlessly encumbered PDF form.

For what it's worth, I use RingCentral's fax service. It's only $7.99/month for 500 pages. You can try them out for free for a short period to see if you like the service. I don't know of any other web-based fax service that's reliable and offers a lower price.

Posted at 08:25 AM in Forms, PDF: Advanced, Security | | Comments (3)

October 27, 2010

Problems with locked down PDF forms

Screen shot 2010-10-26 at 1.55.52 PM Recently I was asked by a client to secure a state trademark in Louisiana. I googled the phrase 'louisiana trademark application form' and discovered this PDF form on the official Louisiana Secretary of State website. I figured at that point I was a skip and a jump away from quickly filling out the form for my client.

I was wrong.

The form seems to have security that prevents me from filling out the form, which is weird. Weirder still is that I can't use the Typewriter tool to fill in the form.  And even weirder is that my Typewriter tool is completely missing. And I don't mean the option of using it is grayed out. I mean, when I open that PDF form, all evidence of the Typewriter tool's existence is gone.

Sounds like an opening scene from The X Files, doesn't it?

The first time it happened I thought I had lost my mind. But then I realized it was only happening when I opened the one PDF file. I asked Rick Borstein, who works at Adobe and publishes the excellent blog Acrobat for Legal Professionals, about this situation.  He informed me that because the typewriter tool is considered an annotation, if a document is secured to disable commenting or annotating that would disable the Typewriter tool as well.

But my Typewriter tool wasn't just disabled, it was completely gone.

As to that point, Rick said that there was a bug in an earlier version of Acrobat 9 that would make the Typewriter tool disappear sometimes, if there was more than one window open. However, that was not my situation: (1) I have the latest version of Acrobat (9.4.0), and (2) I didn't have any other windows open when trying to use the typewriter with this PDF form. If you have the same problem with the form let me know in the comments.

Even if this form is only non-functional for certain versions of Acrobat, or only under certain conditions, it raises the question of whether forms put out for public use should ever be locked down. What's the point? Government agencies provide paper forms, and have for years. Are they worried that people will alter the paper forms? Perhaps, but it's no easier to alter a PDF form. 

I suspect the problem with government forms that are locked down occurs because some bureaucrat is afraid of what might happen if the form is used in a way that the agency doesn't approve of. Meanwhile, instead of the form being easy to fill out (or type onto), it becomes almost useless.

I say 'almost useless' because there is a workaround. First, I can print the form out and scan it back in, at which point I can do whatever I want with it. But what if I don't have a scanner? Well, I have a workaround for that too. But, I'll disclose that workaround tomorrow.

Until then, good luck with your form hunting; may Providence be kinder to you than it was to me.

Posted at 08:40 AM in Acrobat 9.0, Forms, PDF: Advanced, Security | | Comments (8)

February 11, 2010

The disadvantages of locked PDFs

One thing that makes PDFs superior to TIFFs as a format for storing digital documents is PDFs ability to incorporate security features.  Many lawyers aren't aware of the full features of Adobe Acrobat.  Of course, you password protect a document so that it can't be opened, but that's not something you're likely to do if you produce PDFs as part of the discovery process.  However, did you know that you can also lock down particular features and prevent the user of a PDF from printing?  And you can also prevent the user from 'copying and pasting.'   

If you are thinking that this would be a great thing to do when producing documents in litigation, think again.  The Federal Rules of Civil Procedure (and many state rules) specify that documents must be produced in native form, or 'in a reasonably usable form' (which means a searchable form).  So producing 'locked down' PDFs is probably not a good idea.

The defendants in Mack v. HH Gregg, Inc. found this out the hard way as the excellent discussion in this blog post reveals. Now, there are legitimate reasons you'd want to lock down a PDF that wouldn't impair the other sides legitimate use of the PDFs.  For example, what if you want to lock down the Bates-numbers that you imposed on the PDFs that you're producing and nothing else?  If you want to do that check out this article from the wonderful blog Acrobat for Legal Professionals.

Posted at 10:21 AM in Discovery, E-Discovery, Security | | Comments (4)

August 13, 2009

Important security updates now available for Acrobat and Adobe Reader

Adobe is recommending that users of Adobe Reader 9 and Acrobat 9 update their software to address certain security flaws.  Click here for more information, and to access the necessary downloads.

Posted at 12:24 PM in Acrobat 9.0, Security | | Comments (0)

February 20, 2009

Acrobat security issue

Adobe announced today that Acrobat and Acrobat Reader (all versions since version 7) are vulnerable to a Javascript exploit that can crash Acrobat.

Adobe is planning to release updates to Adobe Reader and Acrobat to resolve the security issue. It expects to update Adobe Reader 9 and Acrobat 9 by March 11th, 2009. Updates for prior versions of Adobe Reader and Acrobat will follow soon after.

If you're worried about this exploit right now you should turn off Javascript support in the preferences settings.


Posted at 11:57 AM in Acrobat 9.0, Security | | Comments (0)

February 12, 2009

PDF redaction gone awry

No matter how many times one explains the proper way to redact information from PDF files, there will continue to be major screwups.   What's a major screwup?  This would be a major screwup.  

Okay, once more: there are redaction tools built into Adobe Acrobat 8.0 and 9.0.  If your law firm doesn't have either of these versions it's time for an upgrade.  Oh, and don't forget to train your lawyers and staff on how to do proper redaction.

Posted at 08:16 AM in Acrobat 8.0, Acrobat 9.0, E-Discovery, Security, Workflow | | Comments (7)

November 05, 2008

Security flaw in Adobe Reader

A security flaw in version 8.1.2 of Adobe Reader could allow an attacker to take control of a computer, according to Core Security Technologies. Adobe plans a release of a security update to fix the vulnerability which is based on use of javascript.

Posted at 09:08 PM in Security | | Comments (1)

May 21, 2007

Securing PDFs - free webinar this Thursday

If you are interested in learning how to secure your PDFs, you should seriously consider signing up for this one hour webinar put on by Adobe.  It's called "Securing Legal Documents & Information" and its free if you are registered with Adobe.  Expert Acrobat instructors Rick Borstein and Bryant Bell and will cover common questions such as these:

  • How do I keep the recipient from copying text or printing a PDF?
  • How can I password protect a PDF?
  • How do I ensure that only the intended recipient can open a PDF?
  • How do I revoke a PDF, even after it has been renamed, copied to a thumbdrive or sent outside my firewall?
  • How can I find out if a PDF is genuine and hasn't been tampered with?
  • How do I ensure that the PDF I need to send does not contain dangerous metadata?

The webinar is this coming Thursday from noon to 1 pm CST.  To sign up or find out more about the program, click here.

Posted at 10:33 AM in Acrobat 8.0, Metadata, Security | | Comments (0) | TrackBack (0)

Next »

Recent Comments

Twitter Updates

    follow me on Twitter