[JupiterMoon]

In response:

(a) I wish I could but I doubt I ever will. I've heard so much bad stuff about US border guards being annoying and transiting through the US being slow and painful that I won't even use a US hub anymore.

(b) Cool I guess I can't know if this is true without opening it though? This is partly the fault of the pdf spec itself. Maybe a more transparent document format would help (does that even exist)?.

(c) I suspect that they already have them.

Furthermore. I actually really want to read it. I'd really like to trust the NSA. However, their record is not good on being trustworthy.

[leni536]

How is PDF not as transparent as any other open binary format (though PDF is more like mixed)?

Edit:

> Maybe a more transparent document format would help (does not even exist).

I don't know if more transparent, but djvu exists for scanned documents. Postscript also exists but I would doubt that it's safer than PDF.

[JupiterMoon]

I am aware that the pdf specific is open. However pdf does a lot of things and is somewhat complex. I argue more than is needed for transmitting documents. Can you personally verify that a given pdf does nothing malicious?

[leni536]

Can you personally verify that a given jpeg does nothing malicious? Same thing, you trust (or not) your reader and its parser and hope it doesn't have any remote code execution vulnerability. Or you stop reading PDF files and stop viewing images.

[JupiterMoon]

Nope I can't. In reality how many exploits have actually been contained in jpegs vs pdf though?

[leni536]

That's an other question. Parsers of multimedia formats often have nasty vulnerabilities though. The most vulnerable part of PDF readers is the handling of embedded javascript. It can be easily evaded by using a viewer that doesn't implement the javascript functionalities of PDF, most files don't use it anyway.

[JupiterMoon]

Wow this got a lot of downvotes. I don't normally comment on downvotes but I'm wondering why so many? What about this is causing annoyance?