Is the document viewer on (most) Linux distributions any safer? I wouldn't recommend an OS change to customers, I'm just curious.
My tactic with these problems is to emphasize user education and safer browsing as well as 'vetting' from where they're getting documents. I also encourage digital signatures and "workflow" style document control if the environment has that many documents especially PDFs. On Nov 16, 2010 12:32 PM, "Butturini, Russell" < [email protected]> wrote: > Yeah me too...I take no shame in being 0wned by the great Irongeek! :-) > > -----Original Message----- > From: [email protected] [mailto: [email protected]] On Behalf Of [email protected] > Sent: Tuesday, November 16, 2010 9:44 AM > To: PaulDotCom Security Weekly Mailing List > Subject: Re: [Pauldotcom] Advice on doc format to see for review to securityfolks > > Use whatever format you like (except silverlight <grin>) I am fairly paranoid and open documents in different "trust zones" regardless of who sends it. I have gotten pwned in the past by people I trusted not because of them being untrustworthy but because they were pwned also. I just assume anything can be infected now. Also, you can still be a victim of goatse in ASCII. ;) > > Anytime you want someone to review something let me know. If I don't have other pending commitments, I'll look it over. > > Bart > > > Sent from my Verizon Wireless BlackBerry > > -----Original Message----- > From: Adrian Crenshaw <[email protected]> > Sender: [email protected] > Date: Tue, 16 Nov 2010 09:09:14 > To: PaulDotCom Security Weekly Mailing List<[email protected] > > Reply-To: PaulDotCom Security Weekly Mailing List > <[email protected]> > Subject: [Pauldotcom] Advice on doc format to see for review to security > folks > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > > > ****************************************************************************** > This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, > and is to be used only for the intended purpose of this communication. > ****************************************************************************** > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
