[ - ] NeedleStack [op] 1 point 2.7 yearsAug 20, 2021 16:07:46 ago (+1/-0)
Thank you! Don't worry, the name you see on the pdf is the creator who intentionally placed their name on the pattern and posted it on a public site. It's that site where I got the original pattern.
only open them later inside a special VM and special OS
The feds are scanning old voat (searchvoat.co) for names of people who NEVER logged in during the month of Dec 2020, and thus can beg for a "voat deadname" and the most valuable deadnames are names of well respected old voat females like this account name of "NeedleStack" or females like ArtofChoke
The feds WILL be making lots of old curated verified old voat accounts for here of accounts that for whatever reason, did not log into voat in Dec 2020, and thus can feign not ever getting a secure invite passphrase to "searchvoat.co" for account verification via (https://forum.searchvoat.co/)
actual account verification badge should ONLY be for those who have proven passphrase access to https://forum.searchvoat.co/ and so far very very few given out (messy process and not foolproof but necessary)
just like this ATTEMPTED-to-verify account, of significant old voat presence, now uploading PDFs to this site. but at least putting a pdf warning on them
my browser is set to never open PDFS, just download, but 99% of others here 'run' them, despite over 600 remote zer0 days in recent years for windows, linux. and mac
REMEMBER THAT PDFS on Voat are very dangerous!
i am paranoid, but that does not mean everyone's not really out to get me!
The only reason why I didn't link to it in the first place was because ravelry is a kiked crafts site that banned Trump supporters and pro-Trump projects so why support them with clicks?
Fascinating read overall. I've used 3 of the ones you mentioned - none of these CVEs allowing code execution are open now - they are all many years old (3-4).
In any case, none of the ones I read were code injection into the kernel, because that would be a bug in the kernel, not the reader, which is stuck in userspace.
Fascinating read overall. I've used 3 of the ones you mentioned - none of these CVEs allowing code execution are open now - they are all many years old (3-4)
be serious.
your current PDF reader has unpatched zero day remote exploits, most certainly based on simple logic and statistics and past. Most work for many years before being discovered. And grey and white hats no longer even give a crap about pdf considering it something useless to favor now that the world should be using epub or rtf
CVE lists are no longer updated in recent years, and researchers no longer do as much free testing of compromised machines.
experts also want newbsto use built in pdf coming to browsers that is slow but 100% (yes 100%) written in javacript :
but it is so buggy it crashes doing font width tests this week in all apple products, and the main devs refuse to alter their crashing code and want apple to alter 15 years of prior installed products. (seriously)
[ + ] aleleopathic
[ - ] aleleopathic 3 points 2.7 yearsAug 20, 2021 15:36:16 ago (+3/-0)
Looking good as always, NeedleStack.
EDIT: you might want to remove your name from the pdf for privacy reasons. You know the world we live in now...
[ + ] NeedleStack
[ - ] NeedleStack [op] 1 point 2.7 yearsAug 20, 2021 16:07:46 ago (+1/-0)
[ + ] try
[ - ] try -1 points 2.7 yearsAug 20, 2021 17:38:17 ago (+0/-1)*
REMEMBER THAT PDFS on Voat are very dangerous!
only open them later inside a special VM and special OS
The feds are scanning old voat (searchvoat.co) for names of people who NEVER logged in during the month of Dec 2020, and thus can beg for a "voat deadname" and the most valuable deadnames are names of well respected old voat females like this account name of "NeedleStack" or females like ArtofChoke
The feds WILL be making lots of old curated verified old voat accounts for here of accounts that for whatever reason, did not log into voat in Dec 2020, and thus can feign not ever getting a secure invite passphrase to "searchvoat.co" for account verification via (https://forum.searchvoat.co/)
actual account verification badge should ONLY be for those who have proven passphrase access to https://forum.searchvoat.co/ and so far very very few given out (messy process and not foolproof but necessary)
just like this ATTEMPTED-to-verify account, of significant old voat presence, now uploading PDFs to this site. but at least putting a pdf warning on them
my browser is set to never open PDFS, just download, but 99% of others here 'run' them, despite over 600 remote zer0 days in recent years for windows, linux. and mac
REMEMBER THAT PDFS on Voat are very dangerous!
i am paranoid, but that does not mean everyone's not really out to get me!
JIDF/MOSSAD/SPLC/ShareBlue/ADL/CIA/NSA/NRO/FBI/DIA/USDOJ/State Dept INR/USAFISR/DOE/DHS/TFI/ONSI/NSF/USPS/ etc
=========
EDIT:
below this comment, she verified is her in a foolproof rapid manner, without delay :
https://files.catbox.moe/n94g91.png
system should grant her a old goat badge on the account after confirming timeline of post and photo ping back time
So now I can trust yet one more person not being the 20%
20% :
https://files.catbox.moe/dv66rp.jpg
[ + ] NeedleStack
[ - ] NeedleStack [op] 5 points 2.7 yearsAug 20, 2021 17:46:33 ago (+5/-0)
The only reason why I didn't link to it in the first place was because ravelry is a kiked crafts site that banned Trump supporters and pro-Trump projects so why support them with clicks?
But here's a special gift for you:
https://files.catbox.moe/n94g91.png
[ + ] try
[ - ] try 2 points 2.7 yearsAug 20, 2021 17:50:14 ago (+2/-0)
I sincerely verify this being the real and famous NeedleStack, and system should give you the old goat badge on this account!
Wow!!!! I am smiling so much!
[ + ] NeedleStack
[ - ] NeedleStack [op] 4 points 2.7 yearsAug 20, 2021 17:52:31 ago (+4/-0)
[ + ] aleleopathic
[ - ] aleleopathic 1 point 2.7 yearsAug 20, 2021 20:10:09 ago (+1/-0)
[ + ] aleleopathic
[ - ] aleleopathic 0 points 2.7 yearsAug 20, 2021 20:14:07 ago (+0/-0)
FWIW, I use a simple pdf reader that doesn't support the macro and scripting functions of Adobe's reader. Linux has some pretty neat software.
Cheers try.
[ + ] try
[ - ] try 1 point 2.7 yearsAug 20, 2021 20:23:54 ago (+1/-0)
ALL PDF readers on linux have allowed remote code insertion into kernel merely by reading PDFs.
The CIA and FBI spend millions of dollars creating linux PDF exploits off of PDF buffer overflows. NSA does too.
Remote code execution in Okular PDF reader for KDE:
https://www.cybersecurity-help.cz/vdb/SB2020031319
some require a click on a thing that is a action link though :
"KDE Okular before 1.10.0 allows code execution via an action link in a PDF document."
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9359
Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2575
over a dozen for "Evince PDF reader"
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Evince
"XPDF?" 131 CVE Records ! :
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=XPDF
Mupdf? 50 CVE Exploit records :
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Mupdf
Poppler library? Fucking Dumpser fire full of exploits, 111 CVE Records :
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Poppler
Lots of "safe light secure linux PDF readers" use Poppler library. What a goddamned joke.
DANGER!!! Simple Linux PDF Readers are exploited every month by CIA/FBI !
[ + ] aleleopathic
[ - ] aleleopathic 0 points 2.7 yearsAug 20, 2021 21:38:31 ago (+0/-0)
In any case, none of the ones I read were code injection into the kernel, because that would be a bug in the kernel, not the reader, which is stuck in userspace.
[ + ] try
[ - ] try 0 points 2.7 yearsAug 20, 2021 21:50:56 ago (+0/-0)*
be serious.
your current PDF reader has unpatched zero day remote exploits, most certainly based on simple logic and statistics and past. Most work for many years before being discovered. And grey and white hats no longer even give a crap about pdf considering it something useless to favor now that the world should be using epub or rtf
CVE lists are no longer updated in recent years, and researchers no longer do as much free testing of compromised machines.
experts also want newbsto use built in pdf coming to browsers that is slow but 100% (yes 100%) written in javacript :
https://github.com/mozilla/pdf.js/
but it is so buggy it crashes doing font width tests this week in all apple products, and the main devs refuse to alter their crashing code and want apple to alter 15 years of prior installed products. (seriously)
Linux retardation causes forks. I predict death or a fork of https://github.com/mozilla/pdf.js/
tl/dr : your pdf reader is compromised
[ + ] Sector7
[ - ] Sector7 1 point 2.7 yearsAug 21, 2021 11:24:20 ago (+1/-0)
[ + ] mattsixteen24
[ - ] mattsixteen24 2 points 2.7 yearsAug 20, 2021 19:43:21 ago (+2/-0)
[ + ] NationalSocialism
[ - ] NationalSocialism 2 points 2.7 yearsAug 20, 2021 15:43:40 ago (+2/-0)
[ + ] NeedleStack
[ - ] NeedleStack [op] 3 points 2.7 yearsAug 20, 2021 16:08:59 ago (+3/-0)
[ + ] PuttitoutIsGone
[ - ] PuttitoutIsGone 1 point 2.7 yearsAug 20, 2021 20:27:40 ago (+1/-0)
[ + ] Broc_Liath
[ - ] Broc_Liath 1 point 2.7 yearsAug 20, 2021 17:03:02 ago (+1/-0)
[ + ] Jiggggg
[ - ] Jiggggg 1 point 2.7 yearsAug 20, 2021 16:34:59 ago (+1/-0)
[ + ]deleted
[ - ] deleted -1 points 2.7 yearsAug 20, 2021 17:12:39 ago (+0/-1)*
[ + ] deleted
[ - ] deleted 0 points 2.7 yearsAug 20, 2021 17:45:40 ago (+0/-0)