Hello.
I recently came across this article describing attack vector from PDF files
https://micahflee.com/2016/07/how-qubes-makes-handling-pdfs-way-safer/
Having done my share of PDF downloads (and viewing them), I decided to look into patching HardenedBSD to my OS (asked elsewhere). I use my PC as Desktop/Workstation. In the mean time I'm curious about:
1. What would be the recommended way to check whether the system has already been compromised in some fashion? The answer is probably "you really can't"?
2. So the next Q would be: How could I go about installing a sanitised environment? Downloading an ISO and placing it on a cdrom/USB to boot from would not improve the situation IMHO, if the system has been attacked. Then there's the issue of sanitising all the files, documents, images ...
3. How could one go about sanitising existing PDF files on FreeBSD? One way would be to install qubes OS in a VM and process it there, but I wonder if that's overkill. A script to just convert all the files to txt format might do the trick, processed in an trow-away jail?
Admittedly, I'm a bit confused and freaked-out by the whole thing.
Thanks for your input.