[mondaymusings]

1. The PDF format is wildly overcapable compared to the majority of actual use (view text, tables and images).

2. The number of user devices with unpatched PDF readers is likely large.

3. The system of paywalled scientific knowledge drives millions of students and researchers to get their science PDFs from scihub and libgen pirate sites hosted in former Soviet countries, sometimes over http (not https).

These three facts combine to a huge vulnerabilty space.

On the flipside a sane and open PDF replacement format that also offered reduced file size could gain many users quickly by convincing scihub and libgen to convert and offer their files in the new format to cut costs and shorten download time, with reduced vuln as a positive externality.