Start here: https://github.com/freedomofpress/dangerzone I've never used it, but I've been meaning to check it out. At least it should give you a jumping off point for further investigation. If that is insufficient, use proofpoint. For archives that are tickling bugs, you have to use a similar technique. it's not enough to analyze them and send them on... - Source: Hacker News / 7 months ago
I've read about the concept of "trusted PDFs" [1] from Qubes OS and the Dangerzone project [2]. I noticed people saying they use such tools to open applicant attachments in the context of employee hiring processes. Isn't it simpler to just open these untrusted files in a cloud service like Google Drive or Microsoft Office online? [1]... - Source: Hacker News / 10 months ago
You can use something similar on macOS, Windows or Linux, based on Docker containers, see Dangerzone: https://github.com/freedomofpress/dangerzone. - Source: Hacker News / 10 months ago
Https://github.com/freedomofpress/dangerzone has been a great tool to use as an added layer of defense. Definitely check out this users other projects as you can tell by the users name that they are made for journalists. Source: about 1 year ago
This is exactly what DangerZone is built for. Takes ‘dangerous’ PDFs, converts them to images and back (via OCR) so there’s nothing potentially harmful inside. Does all the conversion inside docker containers so there’s little chance of a sandbox escape or network access. Source: about 1 year ago
In light of the Linus Tech Tips hack, the CEO of the company wants us to find a way to securely open files uploaded by clients. I'm new to the team and with little development experience, but I want to learn. How can I implement this tool as an API? There's instructions for the GUI, but I can't really understand how you'd implement it without the GUI, just as a script that can run on every file uploaded to our... Source: about 1 year ago
Check out DangerZone. It encodes a .pdf (and other formats) to image data then converts it back to .pdf, optionally preserving OCR'ed text, so that any potential executable code hidden within is lost. For further security, all operations run sandboxed. https://github.com/freedomofpress/dangerzone. - Source: Hacker News / over 1 year ago
Isolating … like setting up a VM without net access or shared folders and then use e.g. dangerzone? Source: almost 2 years ago
Use dangerzone to create safe PDF files, although in my experience it doesn't complete the conversion for some PDF files. Source: about 2 years ago
An alternative is to use dangerzone, which does the same pdf to image to pdf conversion except using a container instead of a VM. Source: over 2 years ago
"Unsafe: BitTorrent over Tor....Don't torrent over Tor....Not only do you deanonymize your torrent traffic and your other simultaneous Tor web traffic this way, you also slow down the entire Tor network for everyone else....If you must work with files downloaded via Tor, we strongly recommend either using a disconnected computer, or using dangerzone to create safe PDF files that you can open. Under no... Source: almost 3 years ago
For a security focused method of flattening pdfs check out dangerzone. It uses docker to spin up containers to flatten the pdfs. It creates one container which opens the suspect pdf, word document, etc and converts it to an image. A second container takes this image and converts it to a pdf. Source: almost 3 years ago
Do you know an article comparing Dangerzone to other products?
Suggest a link to a post with product alternatives.
This is an informative page about Dangerzone. You can review and discuss the product here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.