www.nsa-observer.net

coderman coderman at gmail.com
Sat Jan 31 16:06:13 PST 2015


On 1/31/15, Benjamin Brewer <bbrewer at littledystopia.net> wrote:
> ...
> Pardon my ignorance about this, and I will do my own research, but do these
> hidden formattings/stego/call-home functions disappear, get mutilated,
> become broken when ‘converting’ such PDF documents to other document types

we can wax lyrical about all the ways to sanitize a boundary through
constraint, perhaps twice over, to be sure?

that said, consider a Qubes OS setup where conversion between formats
(app domains) was always to least complicated, most easy to verify
well formed, even constraint through omission type simplifications,

then a PDF to plain-text 80 column by 42 lines per page fixed width
ASCII printable only

could probably be interpreted into sentences that would be a way to
collaborate separately without excessively leaking information among
participants, maybe.

in other words, PDFs and similar rich, obfuscated types are the
adversary's playground. does this mean all PDFs are compromised? Of
course not. But if you're a target, a specific PDF of specific
structure could very well be an effective honey token and target you
precisely.



> ...
> via use of many ‘conversion’ tools (Calibre comes to mind instantly) or are
> these embedded organisms persistent across any automated conversion
> routine?

consider a watermark, that resized half, still persists. this is the
kind of meta-level manipulation of structure you may see in a rich
document (PDF) that could still persist in some transformations.

in other words, it depends on your threat model - who is tainting your
documents in-line, silently, without your awares,

and how complicated the formats and resulting transformations.


as another example, this is why referencing even simplified subsets of
text by a self certifying identifier, like
afb1e384e450d644703ad96cdfe9f728be509854388687eb65b7c622e2f798a9 ,
e.g. bigsundaawafn36e.onion/shid/afb/1e3/afb1e384e450d644..5b7c622e2f798a9 ,
or http://sunshineeevvocqr.onion/bigsun/raw/afb1e384e450d644..5b7c622e2f798a9
which is the same paragraph in ascii no matter PDF or Word or HTML
origin simplified to text paragraph.

then, mutually un-trusting individuals collaborating from a distance,
can use this shared address space as the base for cooperation.

if that doesn't make sense, i will explain it better, later, :)


best regards,
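
An added example, not part of the original message and not the code behind the addresses quoted in it: text from any origin is reduced to printable-ASCII paragraphs, each paragraph is named by a hash of its canonical bytes, and the result is rendered at 80 columns by 42 lines. SHA-256, the normalization rules and every function name here are assumptions of this example; the message shows only a 64-hex-digit identifier.

```python
import hashlib
import re
import textwrap
import unicodedata

COLS, ROWS = 80, 42  # page geometry named in the post

def to_ascii(text):
    """Keep printable ASCII and newlines only; everything else is omitted."""
    # NFKD folds compatibility forms first (ligature fi -> "fi", NBSP -> space).
    text = unicodedata.normalize("NFKD", text)
    text = text.replace("\r\n", "\n").replace("\r", "\n").replace("\t", " ")
    return "".join(c for c in text if c == "\n" or " " <= c <= "~")

def paragraphs(text):
    """Split on blank lines and collapse whitespace, so line wrapping is not content."""
    parts = re.split(r"\n\s*\n", to_ascii(text))
    return [" ".join(p.split()) for p in parts if p.strip()]

def paragraph_id(para):
    """Content-derived identifier. SHA-256 is an assumption of this example."""
    return hashlib.sha256(para.encode("ascii")).hexdigest()

def ids(text):
    return [paragraph_id(p) for p in paragraphs(text)]

def pages(text):
    """Render as pages of at most ROWS lines, each at most COLS columns."""
    lines = []
    for p in paragraphs(text):
        lines += textwrap.wrap(p, COLS) + [""]
    return [lines[i:i + ROWS] for i in range(0, len(lines), ROWS)]

# Constructed samples: the same two paragraphs as a PDF extractor and an HTML
# export might emit them, plus a copy with one word silently changed.
PDF_TEXT = ("A speci\ufb01c PDF of speci\ufb01c\nstructure could be\u00a0an effective\n"
            "honey\u200b token.\r\n\r\nSecond para\u00adgraph.")
HTML_TEXT = ("A specific PDF of specific structure\tcould be an\n"
             "  effective honey token.\n\n\nSecond paragraph.\n")
TAINTED_TEXT = HTML_TEXT.replace("effective", "efficient")

if __name__ == "__main__":
    for name, doc in [("pdf", PDF_TEXT), ("html", HTML_TEXT), ("tainted", TAINTED_TEXT)]:
        print(name, [i[:16] for i in ids(doc)])
```

Invisible characters, ligatures and line-wrap differences drop out, so the PDF-derived and HTML-derived copies share identifiers, while the copy with one altered word gets a different identifier for that paragraph. A mark carried in the wording itself survives this reduction and shows up only as an identifier mismatch between participants.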



