Modern PDF security

First released in 1992, the Portable Document Format (PDF) shows no signs of disappearing. The format has become a business standard and the preferred format for sending files to a print shop. Closely related to PostScript (PS), PDF has the advantages of ensuring that files are seen exactly as the user intended and of eliminating concerns about the supported formats or available fonts on the recipient's word processor. Yet for all these advantages, the PDF format comes from an era less concerned with privacy and security. It does include privacy and security permissions, but these are primitive by modern standards. In fact, these tools are literally a joke. As I have heard several times, PDFs exist in one of two states: compromised and about to be compromised. Fortunately, the means exist to address issues that the PDF format itself does not. In addition to the countless scripts available for editing PDF content and structure, there are also a growing number that enhance privacy and security.

PDF password protection continues to be used for the simple reason that it is widely available. LibreOffice users, for example, can set it by selecting File | Export As | Export As PDF… | Security. From this path, a password can be set to open a PDF file, as well as grant permission for if and how the file can be printed, edited, or copied. These settings will control a PDF file's use by unsophisticated users, but they are no match for modern cracking tools. Aside from the laxness with which many users handle security, if the file is read in an environment in which the reader can control permissions (i.e., in most modern operating systems), the password protection is easily and quickly bypassed [1]. LibreOffice itself provides stronger protection with the option of using a digital signature or a personal GPG key by selecting File | Export As | Export As PDF… | PDF Options | Digital Signatures (Figure 1). While this option guarantees the sender's identity, it does not cover every circumstance.

Depending on your purpose, you may want to use one of the scripts found in the repositories of Debian and other major distributions. Some of these scripts can carry out numerous functions, but here I will only detail their privacy and security functions. Note that several have no man page, instead offering only a brief help option, which should be enough to figure out their use.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Reconstruction

    Use QPDF to easily make structural changes to your PDFs, including reorganizing pages, creating watermarks, setting encryption options, and changing permissions.

    more »
  • LibreOffice Writer PDF Security

    Depending on your needs, LibreOffice Writer offers varying degrees of security for PDFs.

    more »
  • Protected Text

    Scattered in Writer’s menus are a surprising number of tools to keep your documents safe.

    more »
  • EncryptPad

    EncryptPad provides symmetric text encryption directly from the editor. You can also use EncryptPad to encrypt binary data.

    more »
  • NEWS

    In the news: LibreOffice 6.4 Released; Official Evernote Client Coming to Linux; Thanks to Linux, Google and Valve are Bringing Steam to Chromebooks; Nine-Year-Old Bug Found and Fixed in Sudo; and Systemd-homed Is Coming to a Linux Distribution Near You.

    more »
comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News

Tag Cloud

Administration Community Events Hardware Linux Linux Pro Magazine Mobile Programming Security Software Ubuntu Web Development Windows free software open source