Modern PDF security
pdf-redact-tools
Redaction is the removal of private or sensitive information prior to releasing a document to the public. Often used in conjunction with the release of official government documents, redaction is visible in blacked out words or paragraphs. In business, redaction may also be necessary, most often when an internal document is released to the public. pdf-redact-tools
[6] aids redaction with three options. It turns each page of the PDF into a PNG file in a new directory, an operation that can also be done manually by converting a PDF into a multi-page TIF file. With --sanitize FILE
(-s FILE
), a script cleans up possibly sensitive file names, much like a bulk file renamer. However, the most useful option is --achromatic FILE
(-a FILE
), which converts color files to black and white to thwart identifying the printer a file is associated with by the use of unique printer dots – a practice that is little known to the public but widely known by civil rights groups and privacy experts [7]. This option, too, can be done manually in a graphics editor such as Gimp. However, having all these tools for redaction semi-automated and carried out by a single command is convenient. If you have trouble using pdf-redaction-tools
, which is no longer maintained, search for other Linux redaction tools online.
pdfresurrect
The main use of pdfresurrect
[8] is for viewing a file's versioning data. Using -w
, you can view the versioning history, and -q
returns only the number of versions that have been made. With -i
, you can view the objects in the file, as well as details of how the file was created and who created the file, if available (Figure 4). Any of this information could be sensitive – for instance, the versioning could be used as proof that the file was changed, or the file creator could be used to assign blame for the content. To avoid such cases, you can use -s
to scrub or redact all this information.
Modernizing PDFs
The PDF format, a relic from a more trusting age, is three decades out of date. While probably millions use its default permissions, these permissions are no longer adequate for more than the lightest of privacy and security. Today, the necessary encryption level has increased dramatically, and redaction was not even considered in the PDF standard. If privacy or security matters to you, I suggest that you use one or more of these tools with your PDFs. To do otherwise is to labor under a false sense of security.
Infos
- PDF insecurity: https://www.locklizard.com/password-protect-pdf/
- pdfcrack: https://sourceforge.net/projects/pdfcrack/files/pdfcrack/pdfcrack-0.19/
- poppler-utils: https://pkgs.org/download/poppler-utils
- QPDF: https://qpdf.sourceforge.io/
- QPDF options: https://qpdf.sourceforge.io/files/qpdf-manual.html#ref.basic-options
- pdf-redact-tools: https://github.com/firstlookmedia/pdf-redact-tools
- Printer dots: https://www.bbc.com/future/article/20170607-why-printers-add-secret-tracking-dots
- pdfresurrect: https://github.com/enferex/pdfresurrect
« Previous 1 2
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs
-
Juno Computers Launches Another Linux Laptop
If you're looking for a powerhouse laptop that runs Ubuntu, the Juno Computers Neptune 17 v6 should be on your radar.
-
ZorinOS 17.1 Released, Includes Improved Windows App Support
If you need or desire to run Windows applications on Linux, there's one distribution intent on making that easier for you and its new release further improves that feature.
-
Linux Market Share Surpasses 4% for the First Time
Look out Windows and macOS, Linux is on the rise and has even topped ChromeOS to become the fourth most widely used OS around the globe.
-
KDE’s Plasma 6 Officially Available
KDE’s Plasma 6.0 "Megarelease" has happened, and it's brimming with new features, polish, and performance.
-
Latest Version of Tails Unleashed
Tails 6.0 is based on Debian 12 and includes GNOME 43.
-
KDE Announces New Slimbook V with Plenty of Power and KDE’s Plasma 6
If you're a fan of KDE Plasma, you'll be thrilled to hear they've announced a new Slimbook with an AMD CPU and the latest version of KDE Plasma desktop.
-
Monthly Sponsorship Includes Early Access to elementary OS 8
If you want to get a glimpse of what's in the pipeline for elementary OS 8, just set up a monthly sponsorship to help fund its continued existence.