dangerzoneDec 2, 2022

Dangerzone 0.4.0 has been released! This release includes more convenient functionality for converting more than one document at a time, support for Fedora 37, Ubuntu 20.04 and Ubuntu 22.10, and several other bugfixes and improvements.

See https://dangerzone.rocks/ for installation instructions and see our changelog for details:

https://github.com/freedomofpress/dangerzone/blob/main/CHANGELOG.md#dangerzone-040

Dangerzone

Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF.

halophoenixJul 13, 2023
Show threaddangerzone

Dangerzone lets you take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs.

Say you're a journalist receiving a tip in the form of an electronic document. It could be your next big story, or it could be a file containing malware intended to spy on you.

Dangerzone is intended to help anyone manage these risks when dealing with electronic documents. See our "About" page for more information:

https://dangerzone.rocks/about.html

Dangerzone

Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF.

Dec 2, 2022 at 1:09amWeb
Show threadDavid GerardDec 2, 2022
@dangerzone literally could have done with this two nights ago 😄
Show threadAlbatroz JeremiasDec 2, 2022
@dangerzone yeah cool project.. buuuuuut, maybe would be also cool to incentivate people to install linux.. :)
Show threadJoby (chaotic good)Dec 2, 2022
@jeremias @dangerzone or maybe instead of being a snob it’s better for all of us to meet people where they’re at and provide *everyone* with widely accessible tools to improve their security and privacy 
Show threadAdam Shostack  Dec 2, 2022
@dangerzone This is awesome, thank you.
Show threadEQV AnalyticsDec 2, 2022

@dangerzone

I'll admit I'm intrigued. Anyone here have any hands-on experience with Dangerzone for threat reduction when you just *have to* open an untrusted email attachment?

Show threadmkbDec 2, 2022
@dangerzone This is genius.
Show threadWtfPdfJul 13, 2023

@dangerzone

And then after processing each file, we hurl the server into the sun!

Seriously, tho, this is what it takes. I 😍 what you're doing.

Parsing is dangerous...really, really dangerous.

Show threadJustin DerrickJul 13, 2023
@dangerzone My first thought is... Is adding Docker Desktop wise? Increasing attack surface, etc, etc.
Show threaddangerzoneJul 13, 2023

@JustinDerrick

We're definitely interested in exploring alternatives - please don't hesitate to weigh in on https://github.com/freedomofpress/dangerzone/issues/118

Investigate removing Docker Desktop dependency for Windows and Mac · Issue #118 · freedomofpress/dangerzone

It would amazing if Dangerzone could be a standalone program without requiring the user to separately install Docker Desktop. Dangerzone relies on Linux containers though, and so Docker Desktop run...

GitHub
Show threadKrutonium://Jul 14, 2023

@dangerzone As much as this seems like a neat idea, and is likely made with good intentions, all I can think is if I was a nation state, or even just a random hacker, this is both (A) a really great target to hit for infecting users or even just passive surveillance, or (B) setting up as a malicious actor for both of those same reasons.

:/

Show threadErik MoellerJul 14, 2023

@krutonium

Care to elaborate? Dangerzone runs locally on your computer and works offline - it's not a web service.

Show threadMysturjiJul 14, 2023
@eloquence @krutonium
Is that link safe?🤨🤓🤔
Show threadKrutonium://Jul 15, 2023
@mysturji @eloquence What link?
Show threadMysturjiJul 15, 2023
@krutonium @eloquence
I meant the dangerzone link. Sorry, replied to the wrong toot in the thread. Oopsy.
Show threadKrutonium://Jul 15, 2023
@eloquence Ah, I thought it was a service people could host for other people. Still feels... I dunno, running it locally just means they escape a sandbox and have access before you even open the document yourself. And that assumes they don't compromise the software itself; such things do happen.
Show threadErik MoellerJul 15, 2023

@krutonium

The containers are networkless and a container escape is far from trivial -- which is far preferable to opening a potentially unsafe document without a sandbox. The result is effectively a virtual photocopy of the document which protects the user from malware, tracking beacons, etc.

See https://dangerzone.rocks/about.html for a bit more detail on how it works.

Dangerzone

Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF.