this post was submitted on 28 Jun 2023
249 points (98.8% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54746 readers
359 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Of course I do and I expect my employees to report such incidents to IT. Such documents are common attack vectors.
In my experience, customers are not aware of failing interoperability or possible security threats and often grateful for such hints.
There's a reason why libreoffice (and I guess other office suits aswell), evince or antivirus show a big, fat warning when opening such documents. Surely there are cases were macros are useful or necessary, but if they have to leave the company, you're doing it wrong.
This talk might be interesting for you: https://www.youtube.com/watch?v=4F2xMw3987I
Then you just don't know the law. There is no legislation that enforces Acrobat in any civilized country without alternative.
Quite the opposite: Send macroridden documents to any decently secure infrastructure and you get a big fat warning in the subject if it's not filtered entirely. Officials LOVE to do that extra call ensuring that this document is really from you before opening it and no phishing attempt...not.
Source: working >25 years in IT, >15 years for government IT
EDIT: we got some real Adobe Acrobat Fanboy here, eh? ;-)