TechTalkz.com Technology & Computer Troubleshooting Forums - View Single Post

07-11-2007, 11:44 PM

Virus Guy wrote:
> kurt wismer wrote:
>
>>> I've never seen PDF content being auto-rendered either as it's
>>> own page or as a component of page unlike other components of
>>> a typical web page (ie like html code, java script, JPG or
>>> GIF images, etc).
>>>
>>> In my experience, PDF material (PDF files) are always
>>> presented only as links that require the user to click on
>>> them in order to view them.
>>>
>>> What browser has the option of rendering PDF files
>>> "in-line" ?
>> again, round and round we go... the acrobat reader includes a
>> browser plugin that allows you to read pdf files right in your
>> browser...
>
> Why are you incapable of understanding a simple concept?
>
> I'm trying to point out to you that PDF code or PDF files are not
> automatically rendered in-line as a component of a web page and that
> they must be clicked on by the user in order to be rendered. That
> they can THEN be rendered within the browser by a plugin is
> irrelavent.

that pdf links have to be clicked on before the pdf can be rendered is
just as irrelevant... i have to click on links to websites to get them
to render too, so there is no difference from a user's perspective...

> I'll try to make this simple for you.
>
> If I view a web page that contains code to display a graphic bitmap
> (say, a jpeg or gif file) I will see the bitmap when I view the web
> page. I will NOT see a link to the bitmap that requires me to click
> on it to see it (unless that's how the web-author wants it to work).
>
> In contrast, PDF files are never rendered "in-line", automatically, as
> part of webpage content like a gif or jpeg bitmap.

no page is rendered automatically except your home page, ever other page
is one you arrive at by clicking somewhere or typing in a url...
conventional web pages and pdf's are identical in this behaviour...

>> so you choose to believe that spam 'users' are less likely to
>> be pdf 'users' to a significant enough degree to make this
>> distinction worth pursuing...
>
> The home PC is common enough to be used by a wide range of people for
> a wide range of reasons. When we dissect and analyze things at this
> level, in the absense of other information, if I just had something as
> basic as the presence or absense of an installed pdf reader, if I had
> to form an opinion as to who is more likely to be spam-friendly, I
> would say it's the people without a PDF reader installed.

once again i say you're reading too much into things... i see no reason
to make the correlation you're making here between the absence of a pdf
reader and the likelihood of responding to spam... if that is what your
gut is telling you then fine, but i don't trust your gut...

>> somehow spam 'users' don't need government forms or product
>> documentation or any of those other things that require a
>> pdf viewer...
>
> Perhaps those people are kids or teenagers with PC's in their
> bedrooms.

yeah, because kids (who are generally lauded as being *more* savvy than
their parents) are the spam users...

> Perhaps they're senior citizens who have their kids do
> their taxes for them.

there's more to government forms than just taxes...

> I would expect (more often than not) both
> groups to not have PDF readers installed on their computers (unless it
> came pre-installed on them anyways).

i would expect kids (teenagers especially) to have pdf readers in order
to read papers they need to read to do homework and school projects...
did i neglect to mention that pdf's are used a lot for research papers too?

> I would expect both groups to be
> more naive when it comes to spam as opposed to other groups - more
> likely to at least open and read it.

i don't see any reason to make age-based correlations with spam use...
experience-based correlations, perhaps (people who are new to the
internet are more likely to open spam than those who have been using it
frequently for 6+ months), but not age-based ones...

>> i think you're reading too much into the fact that they
>> respond to spam... i see no reason why they should be
>> significantly different from the average user as far as
>> pdf reader deployment goes...
>
> If the lack of an installed PDF reader on a system is an indication of
> a new or novice computer user,

a new or novice computer user may very well have a system where a pdf
reader is pre-installed because 'dude, you got a dell'...

a new or novice computer user is more likely to have gotten a system
pre-loaded with all kinds of things s/he doesn't need precisely because
they're novices...

[snip]
> I think we agree that resorting to the PDF format may be better (in
> the short term) for spammers to get their spam through to end users,
> but it's not a desirable format to insure they actually see the
> payload.

given all the various obfuscation techniques that have been used in the
past, do you really think the spammers care that much about optimizing
readability?

> I'm going an extra step by saying that systems with PDF readers on
> them are more likely to be owned and operated by those that are (even
> slightly) more likely to recognize and delete spam without even
> reading it.

and those that bought from dell (or any other company that pre-loads
lots of 'useful' things to add value for the consumer)...

>>> Arguably Google has played a role in making the PDF
>>> format more common and exposing it to more people by
>>> presenting PDF material in it's search results.
>> true, but it generally allows the user to 'view as html'
>> and as such doesn't necessarily drive people to install
>> pdf readers...
>
> I guess you like to argue with everything I say?
>
> Fine. Here's a counter-argument.
>
> The "view as html" is a very poor substitute vs viewing the original
> PDF document, so I wouldn't expect a given user to persistently view
> PDF files as html for very long before deciding to install a PDF
> reader.

i persistently use the view as html option, but i also persistently use
the view cache option as well... why? because then my search terms are
automagically highlighted for me...

if someone doesn't have a pdf reader installed and had the choice of
clicking on the view as html option or installing a pdf reader and then
clicking the search result, i would guess most would click on the view
as html option because it requires less clicks and less work... are they
missing something by not using a real pdf reader? sure, but they aren't
likely to know they're missing something because they aren't frequent
enough consumers of pdf documents to have a pdf reader installed...

>> the fact that it is a common format for many useful or
>> important documents means that many people are going to
>> be users...
>
> So what are you saying?
>
> That the number of systems currently without an installed PDF reader
> is zero?

now who's embellishing?

>> the fact that it has such a wide variety of uses means
>> that it will have a broad pool of users
>
> You're now arguing that a PDF reader is likely to be installed on the
> majority of systems. I'm not disputing that. I would tend to agree,
> and the fact that it comes pre-installed by some large vendors
> certainly helps that argument.
>
> But I'm betting that there are systems out there that don't have it
> installed.

and i'm betting that at least one bear shits in the woods...

of course there are systems that don't have it, but the correlations
you're making between not having it and responding to spam don't seem
well founded to me...

[snip]
>>> Clearly this conversation pertains to situations (or the
>>> implications) of a PDF reader NOT being pre-installed by
>>> a vendor,
>> no, clearly this conversation pertains to how *insignificant*
>> those situations are to the spammer...
>
> Isin't that an implication of whether or not a PDF reader is installed
> (by the vendor)? Which is what I said above, to which you answered
> "no" ?

no, and the reason is because you keep tying it exclusively to
pre-installation of the reader... you refuse to acknowledge the
possibility that pre-installation might be a non-sequitur in this case...

many sites that link to pdf documents link to the acrobat reader on the
same page to help the newbies and that drives user installation rates...

>> the spammer chooses a format that will get his message into
>> as many inboxes as possible ...
>
> That, and the rest of that paragraph, is mostly obvious.
>
> I don't buy the argument that PDF spam has a "clickability" advantage
> that makes it (even slightly) more likely for the average reader to
> open it just because it's a pdf. If that were true, we would be
> seeing more executable attachments masquerading as PDF attachments.

just because it hasn't happened yet doesn't mean it won't...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

07-11-2007, 11:44 PM	#31
kurt wismer Guest Posts: n/a	Re: New .PDF malware (?) Virus Guy wrote: > kurt wismer wrote: > >>> I've never seen PDF content being auto-rendered either as it's >>> own page or as a component of page unlike other components of >>> a typical web page (ie like html code, java script, JPG or >>> GIF images, etc). >>> >>> In my experience, PDF material (PDF files) are always >>> presented only as links that require the user to click on >>> them in order to view them. >>> >>> What browser has the option of rendering PDF files >>> "in-line" ? >> again, round and round we go... the acrobat reader includes a >> browser plugin that allows you to read pdf files right in your >> browser... > > Why are you incapable of understanding a simple concept? > > I'm trying to point out to you that PDF code or PDF files are not > automatically rendered in-line as a component of a web page and that > they must be clicked on by the user in order to be rendered. That > they can THEN be rendered within the browser by a plugin is > irrelavent. that pdf links have to be clicked on before the pdf can be rendered is just as irrelevant... i have to click on links to websites to get them to render too, so there is no difference from a user's perspective... > I'll try to make this simple for you. > > If I view a web page that contains code to display a graphic bitmap > (say, a jpeg or gif file) I will see the bitmap when I view the web > page. I will NOT see a link to the bitmap that requires me to click > on it to see it (unless that's how the web-author wants it to work). > > In contrast, PDF files are never rendered "in-line", automatically, as > part of webpage content like a gif or jpeg bitmap. no page is rendered automatically except your home page, ever other page is one you arrive at by clicking somewhere or typing in a url... conventional web pages and pdf's are identical in this behaviour... >> so you choose to believe that spam 'users' are less likely to >> be pdf 'users' to a significant enough degree to make this >> distinction worth pursuing... > > The home PC is common enough to be used by a wide range of people for > a wide range of reasons. When we dissect and analyze things at this > level, in the absense of other information, if I just had something as > basic as the presence or absense of an installed pdf reader, if I had > to form an opinion as to who is more likely to be spam-friendly, I > would say it's the people without a PDF reader installed. once again i say you're reading too much into things... i see no reason to make the correlation you're making here between the absence of a pdf reader and the likelihood of responding to spam... if that is what your gut is telling you then fine, but i don't trust your gut... >> somehow spam 'users' don't need government forms or product >> documentation or any of those other things that require a >> pdf viewer... > > Perhaps those people are kids or teenagers with PC's in their > bedrooms. yeah, because kids (who are generally lauded as being more savvy than their parents) are the spam users... > Perhaps they're senior citizens who have their kids do > their taxes for them. there's more to government forms than just taxes... > I would expect (more often than not) both > groups to not have PDF readers installed on their computers (unless it > came pre-installed on them anyways). i would expect kids (teenagers especially) to have pdf readers in order to read papers they need to read to do homework and school projects... did i neglect to mention that pdf's are used a lot for research papers too? > I would expect both groups to be > more naive when it comes to spam as opposed to other groups - more > likely to at least open and read it. i don't see any reason to make age-based correlations with spam use... experience-based correlations, perhaps (people who are new to the internet are more likely to open spam than those who have been using it frequently for 6+ months), but not age-based ones... >> i think you're reading too much into the fact that they >> respond to spam... i see no reason why they should be >> significantly different from the average user as far as >> pdf reader deployment goes... > > If the lack of an installed PDF reader on a system is an indication of > a new or novice computer user, a new or novice computer user may very well have a system where a pdf reader is pre-installed because 'dude, you got a dell'... a new or novice computer user is more likely to have gotten a system pre-loaded with all kinds of things s/he doesn't need precisely because they're novices... [snip] > I think we agree that resorting to the PDF format may be better (in > the short term) for spammers to get their spam through to end users, > but it's not a desirable format to insure they actually see the > payload. given all the various obfuscation techniques that have been used in the past, do you really think the spammers care that much about optimizing readability? > I'm going an extra step by saying that systems with PDF readers on > them are more likely to be owned and operated by those that are (even > slightly) more likely to recognize and delete spam without even > reading it. and those that bought from dell (or any other company that pre-loads lots of 'useful' things to add value for the consumer)... >>> Arguably Google has played a role in making the PDF >>> format more common and exposing it to more people by >>> presenting PDF material in it's search results. >> true, but it generally allows the user to 'view as html' >> and as such doesn't necessarily drive people to install >> pdf readers... > > I guess you like to argue with everything I say? > > Fine. Here's a counter-argument. > > The "view as html" is a very poor substitute vs viewing the original > PDF document, so I wouldn't expect a given user to persistently view > PDF files as html for very long before deciding to install a PDF > reader. i persistently use the view as html option, but i also persistently use the view cache option as well... why? because then my search terms are automagically highlighted for me... if someone doesn't have a pdf reader installed and had the choice of clicking on the view as html option or installing a pdf reader and then clicking the search result, i would guess most would click on the view as html option because it requires less clicks and less work... are they missing something by not using a real pdf reader? sure, but they aren't likely to know they're missing something because they aren't frequent enough consumers of pdf documents to have a pdf reader installed... >> the fact that it is a common format for many useful or >> important documents means that many people are going to >> be users... > > So what are you saying? > > That the number of systems currently without an installed PDF reader > is zero? now who's embellishing? >> the fact that it has such a wide variety of uses means >> that it will have a broad pool of users > > You're now arguing that a PDF reader is likely to be installed on the > majority of systems. I'm not disputing that. I would tend to agree, > and the fact that it comes pre-installed by some large vendors > certainly helps that argument. > > But I'm betting that there are systems out there that don't have it > installed. and i'm betting that at least one bear shits in the woods... of course there are systems that don't have it, but the correlations you're making between not having it and responding to spam don't seem well founded to me... [snip] >>> Clearly this conversation pertains to situations (or the >>> implications) of a PDF reader NOT being pre-installed by >>> a vendor, >> no, clearly this conversation pertains to how insignificant >> those situations are to the spammer... > > Isin't that an implication of whether or not a PDF reader is installed > (by the vendor)? Which is what I said above, to which you answered > "no" ? no, and the reason is because you keep tying it exclusively to pre-installation of the reader... you refuse to acknowledge the possibility that pre-installation might be a non-sequitur in this case... many sites that link to pdf documents link to the acrobat reader on the same page to help the newbies and that drives user installation rates... >> the spammer chooses a format that will get his message into >> as many inboxes as possible ... > > That, and the rest of that paragraph, is mostly obvious. > > I don't buy the argument that PDF spam has a "clickability" advantage > that makes it (even slightly) more likely for the average reader to > open it just because it's a pdf. If that were true, we would be > seeing more executable attachments masquerading as PDF attachments. just because it hasn't happened yet doesn't mean it won't... -- "it's not the right time to be sober now the idiots have taken over spreading like a social cancer, is there an answer?"