Saturday, September 3, 2011

Privacy issues with PDFs created using Preview.app

I just found a small privacy issue affecting Preview.app. If you wanna see a demonstration simply watch the video below. I am making this issue public so that every user can find out about it and is able to prevent bad things from happening with their (private) data. In addition to that I have already reported this issue to Apple. What do you think about this?


Download the video

You can add you comment here and/or ping me on Twitter. :)


4 comments:

  1. No need to rotate the pasted PDF - you can see the entire document by simply clicking View > PDF Display > Media Box.

    ReplyDelete
  2. Thank you very much for your comment. I found it out via the rotate gesture so thats why I showed it that way and I didn't know better. :) Even more scary...

    ReplyDelete
  3. This is a technical issue with PDF, not a security one. It is a very hard job to actually remove most of the data around the cropping area without changing the content in every edge case. Just adding the crop box is the obvious solution, and has been this way since the beginning of mac os x. If you want to be sure to not send additional data, save as png or take a screenshot at a resolution of your choice.

    ReplyDelete
  4. Oh - one of my favorite podcaster here in my blog...

    I am well aware of the fact you mentioned. But if you use the crop-command then you will see a warning that explains the described behavior:

    "The content outside the selection is hidden in Preview, but you might be able to view it in other applications."

    This warning is missing if you use the copy-command. And IMHO this is a flaw in the software. Again: I am well aware of the fact that its a hard job to remove the data around a rect in a PDF document. Even some tools that are included in some LaTeX distributions have problemens dealing with this. But then the right choice would be to show a warning dialog - don't you think?

    ReplyDelete