I mean, sure it'd be totally blackhat to publish a brand new pdf exploit this way, but blackhat as a conference went way beyond those roots a long time ago.
All phishing attacks require you to click on a link embedded in the PDF, right?
On the one hand, you'd think anyone technologically savvy wouldn't do that.
On the other hand, accidentally clicking on links in PDF's is the bane of my existence. I constantly consume academic books and papers as PDF's on my iPad in the built-in Books app, tap somewhere with my Apple Pencil for any number of reasons (to pan, to zoom, to highlight), and bam I'm transported 100's of pages away and with no back button.
If I could ask for any PDF reader feature, it would be to improve link handling. If it's an internal link, for the love of god include a back button. And if it's an external link for a web browser, for the love of god require a confirmation dialog first. I should never be led to a malware URL because of an accidental click.
My guess is that my brain has subconsciously tuned out engaging pdf content because of how difficult it is to use in-browser... Especially when dealing with text sizes and zooming sigh. It's even worse with pdfs on mobile :(
Also the sudden break from "website" to "pdf" format is often jarring.
Quarrel|4 years ago
The presentations get published.
Isn't this totally normal?
I mean, sure it'd be totally blackhat to publish a brand new pdf exploit this way, but blackhat as a conference went way beyond those roots a long time ago.
newbamboo|4 years ago
iJohnDoe|4 years ago
crazygringo|4 years ago
On the one hand, you'd think anyone technologically savvy wouldn't do that.
On the other hand, accidentally clicking on links in PDF's is the bane of my existence. I constantly consume academic books and papers as PDF's on my iPad in the built-in Books app, tap somewhere with my Apple Pencil for any number of reasons (to pan, to zoom, to highlight), and bam I'm transported 100's of pages away and with no back button.
If I could ask for any PDF reader feature, it would be to improve link handling. If it's an internal link, for the love of god include a back button. And if it's an external link for a web browser, for the love of god require a confirmation dialog first. I should never be led to a malware URL because of an accidental click.
quenix|4 years ago
haswell|4 years ago
bradleykingz|4 years ago
My guess is that my brain has subconsciously tuned out engaging pdf content because of how difficult it is to use in-browser... Especially when dealing with text sizes and zooming sigh. It's even worse with pdfs on mobile :(
Also the sudden break from "website" to "pdf" format is often jarring.
asddubs|4 years ago