this post was submitted on 16 Jan 2025
83 points (95.6% liked)

Games

33247 readers
1163 users here now

Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.

Weekly Threads:

What Are You Playing?

The Weekly Discussion Topic

Rules:

  1. Submissions have to be related to games

  2. No bigotry or harassment, be civil

  3. No excessive self-promotion

  4. Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts

  5. Mark Spoilers and NSFW

  6. No linking to piracy

More information about the community rules can be found here.

founded 2 years ago
MODERATORS
shitpostpolice@lemmy.world
Dremor@lemmy.world
Dremor@jlai.lu
83
Doom is playable on PDFs (at least in Chromium-based browsers) (gbatemp.net)
submitted 3 days ago by Elevator7009sAlt@ani.social to c/games@lemmy.world
13 comments fedilink hide all child comments
top 13 comments
sorted by: hot top controversial new old
[–] tal@lemmy.today 33 points 3 days ago (3 children)

I can see it now: "New worm infects PDFs, causes users viewing them to mine Bitcoin."

[–] iAmTheTot@sh.itjust.works 17 points 3 days ago (2 children)

PDFs have been an attack vector for a while actually.

[–] viking@infosec.pub 7 points 2 days ago (2 children)

One more reason never to use the official adobe software. SumatraPDF is awesome. Barebones and blazing fast.

[–] yggstyle@lemmy.world 4 points 2 days ago

Anti adobe is cool - the recommendation is appreciated... but any software can be the target of a document based exploit and may well be susceptible to the same exploit depending on the libraries used. Additionally, smaller software projects can take longer to update as they have less staff working on them. Absolutely support open software and alternatives... Just a word of caution.

[–] iAmTheTot@sh.itjust.works -2 points 2 days ago (1 children)

I don't think it has to do with opening a PDF in Adobe, but okay.

[–] viking@infosec.pub 2 points 2 days ago (1 children)

Yeah it does. Adobe has a lot of active script support, including java script for example, which can be exploited. If a software can't interpret those scripts at all and simply displays plain text, that means malware won't be executed.

And since Adobe Acrobat / Acrobat Reader are the most common pdf viewers out there, they are a natural target for hackers as well.

[–] iAmTheTot@sh.itjust.works 2 points 2 days ago (1 children)

Is Acrobat the only pdf reader with active script support? For example, do the common browsers which can also open pdfs not support the same things?

[–] viking@infosec.pub 1 points 2 days ago (1 children)

I genuinely don't know, I have set my browser to download pdfs by default and only open them with Sumatra. There might be a scripting layer active in the browser as well though, quite possible.

[–] iAmTheTot@sh.itjust.works 1 points 2 days ago

Then would you agree that it doesn't have to do with Adobe Acrobat, as much at it does active script in PDFs and if the reader executes it?

[–] yggstyle@lemmy.world 2 points 2 days ago

If you view it on your system it's a vector. Large / complex documents which may parse things with different libraries just happen to have a larger attack surface.

[–] JeeBaiChow@lemmy.world 4 points 2 days ago

This was the thought that entered my head. Kids these days didn't live through rampant vbscripts running off the onLoad event.

[–] KickMeElmo@sopuli.xyz 6 points 3 days ago

Pretty sure that was already a thing years ago.

[–] yggstyle@lemmy.world 7 points 2 days ago

Just wait till they find the flight sim in excel...