I’d say try turning on lockdown mode and opening the PDF, but just in case, maybe scan it on VirusTotal (I just did its first ever scan) and check out the behaviour analysis; there seems to be a lot going on compared with other PDFs I have scanned. Dropped JavaScript and more.
I scanned it on VirusTotal, it had never been scanned before, it isn’t picking up detected sig. But, with its behaviour analysis it is creeping me out. Take a look at it please… I think you will agree?
That user has been posting a lot of links to PDFs every day hosted on WordPress platforms and more. I haven’t begun scanning those yet.
PDF viewed on iOS 17.6 Safari in Lockdown mode, without error.
That's a pre-pub PDF hosted by the Usenix Security 24 conference, which takes place in two weeks. If a respected 30-year-old security conference is posting hostile PDFs, that would be newsworthy.
> That user has been posting a lot of links to PDFs every day hosted on WordPress platforms and more
Examples, please? I posted the Usenix Security paper. A quick scan of my submissions shows no PDFs in the last two weeks, and one other PDF in the last day, hosted on HP.com.
I’m unfortunately not able to view on desktop since I’m traveling but I’ll have to take a look upon my return tomorrow. Seems fishy; the fact it was flagged with lockdown is suspicious.
Looking at all the behavioural analysis on VT makes it look like malware, but considering my lockdown iOS was being weird, this PDF is making me worry that it’s some sort of cross-platform malware capable of attacking both Windows and iOS - which I have never heard malware being able to do before.
I am super curious about how this PDF behaves on macOS, Linux and Android now but it seems VT only executes it in a Windows environment.
I could be so wrong about this, but if I am not, then this would be rather serious indeed for a lot of HN users.
I can’t say for sure, I cannot get it to pop that same error again. I will try opening it from another iPhone with lockdown enabled later.
I wouldn’t even know where to start in looking at that PDF for some sort of iOS exploit payload, my guess is it would be extremely difficult to find (if it exists).
Are there any compact 4G/5G boards which can be plugged into this for outside connectivity? Last I looked, these breakout boards were far too cumbersome.
I think connectivity would be a key challenge for this device. RPI zero2W only has WiFi4 == 802.11b/g/n. In a modern crowded building, 2.4GHz is often super crammed and busy, and I find wifi4 barely works. Lots of dropped packets, sometimes full seconds of latency.
I'm calling out the elephant in the room - you’re putting way too much faith in these IP lookup services without questioning their obvious ability to screw you over by giving the wrong IP. Is no one in here able to see this is terrible security??
The script was not using Cloudflare to grab the IP, it was using iptools website. Plus, it doesn’t even need to be malicious - it can simply give you the wrong IP. I know this because I ran a script querying 40 different sites which provided the IP address, and I found at least 4 of them giving incorrect IP addresses over the course of 24 hours. This is why you shouldn’t trust any single source, but compare multiple different sources and THEN update Cloudflare with the IP. You see?
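The cross-checking idea in the comment above, sketched as an added example that is not part of the thread or of the script being discussed: accept a public IP only when enough independent lookup sources agree, and otherwise leave the DNS record alone. The source names, thresholds and sample answers are constructed, and no real lookup service or Cloudflare API call is made.

```python
import ipaddress
from collections import Counter

def parse_answer(raw):
    """Return a normalised IP string, or None if the answer is unusable."""
    try:
        ip = ipaddress.ip_address(raw.strip())
    except ValueError:
        return None  # HTML error page, empty body, garbage
    # The constructed samples use RFC 5737 documentation addresses, so only
    # obviously bogus classes are rejected; a live updater would test ip.is_global.
    if ip.is_loopback or ip.is_unspecified or ip.is_link_local or ip.is_multicast:
        return None
    return str(ip)

def consensus_ip(answers, min_valid=3, min_share=0.75):
    """answers: {source: raw body}. Return (ip or None, sources that disagreed)."""
    parsed = {src: parse_answer(raw) for src, raw in answers.items()}
    valid = {src: ip for src, ip in parsed.items() if ip}
    if len(valid) < min_valid:
        return None, sorted(parsed)  # too few usable sources to trust any of them
    winner, votes = Counter(valid.values()).most_common(1)[0]
    dissenters = sorted(s for s, ip in parsed.items() if ip != winner)
    if votes / len(valid) < min_share:
        return None, dissenters      # sources are split: do not update
    return winner, dissenters

def plan_update(current_record, answers):
    """Return the IP to publish, or None when the record should be left alone."""
    ip, _ = consensus_ip(answers)
    return ip if ip and ip != current_record else None

# Constructed sample: five hypothetical lookup sources, one wrong, one broken.
SAMPLE = {
    "source-a": "203.0.113.7\n",
    "source-b": "203.0.113.7",
    "source-c": " 203.0.113.7 ",
    "source-d": "198.51.100.23",               # stale or wrong answer
    "source-e": "<html>502 Bad Gateway</html>",
}

if __name__ == "__main__":
    print(consensus_ip(SAMPLE))
    print(plan_update("203.0.113.1", SAMPLE))
```

Logging the dissenting sources over time shows which lookup services are unreliable enough to drop from the pool.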
“Failed to Add Pass An error occurred while adding the pass to Wallet. Please try again later.”
Brave on latest iOS. Lockdown mode enabled for 6 months.
There’s something not right about that PDF.