It's written by Shriram Krishnamurthi, who is a really interesting researcher who cares quite a lot about CS education.
Obviously, not helpful against three-letter agencies who like to sit on browser zero-days until they need to use them, but against most threats you'll be fine.
Is it possible that you can download malware and VirusTotal not pick it up? there's a small chance. But, in my estimation, no one is really going to burn a novel strain of malware on free ebooks. It's not targeted and that site isn't a good watering hole to deploy novel malware.
Novel strains of malware are usually reserved for specific targets. Unless you're a high profile target of an authoritarian government or known to have a high networth, I don't really think you're going to get hit with the novel stuff.
TL/DR: VirusTotal will probably be enough for the average user. But no one can guarantee safety when you're downloading random files on the internet.
As well as possible code execution vulnerabilities in Evince, in 2019 and 2011:
They have also had a command injection vulnerability, in 2017:
These and other reported security vulnerabilities for Evince are listed here:
I think in the case of all software it is safest to assume that opening a file that you downloaded from the internet has the potential to do harm, regardless of whether you are using Linux, macOS, Windows, or some other operating system, and regardless of what software you use to read the file.
The best mitigation would be to keep a separate device that you use purely for unauthenticated internet browsing and opening files from the Internet. Never accessing any personal data on that device. In reality almost all of us will use the same devices for our personal files and data, and for browsing the internet and opening random files that we downloaded.
It is interesting to note that the statistics for known security vulnerabilities in Evince..
..pales in comparison to the statistics for known security vulnerabilities in Adobe Acrobat Reader:
I wonder if it indicates that Evince is so much more secure than Acrobat Reader.. Or is it simply the case that Evince has not been subject to the level of scrutiny that Acrobat Reader has been? And if so, there might be more unknown security vulnerabilities lurking under the surface of Evince than in Acrobat Reader.
> Therefore, this website is as legal as search results of any search engines like Google, Yahoo, etc.
It's worth pointing out that this site may link to copyrighted material.
Bittorrent is legally clear-cut, because the sharing part is a clear copyright infringement (you are distributing the work without authorization).
Streaming (typically) isn't that clear, because consuming the work is technically not forbidden by copyright law in most countries. It's a bit like reading a book in a bookshop without buying it.
Detection is fairly easy in both cases, they just cannot go after consumers.
I suppose I'm wondering about the realistic ability to detect and ability to prosecute. I'm not really concerned with legality for legality's sake.
There is no technical solution to the anti-piracy war, it's entirely a legal problem.
For example, my IP address is paid for by me, through a run-of-the-mill ISP subscription. Does that make me legally liable for all the activity of the other person that lives with me and uses "my" network for all their private internet traffic?
I guess there are laws about facilitating piracy, and whatnot, but you can't reasonably expect me to screen all my fiance's activity on the network. Most of it is encrypted anyway. I can't be on the hook for that.
I'm privileged in that I have an ISP that feels the same way as I do about this. They've fought for the privacy of their subscribers before, and will likely keep doing so in the future, because an IP address does not identify any individual.
I don't think you should be held responsible for the actions of the other people on your network if they can be held responsible.
What do you propose should happen if your network is in fact used to facilitate criminal or tortious activity?
That’s the funny thing about downloading copyrighted works with BitTorrent in Germany, it automatically counts as "at scale" for the courts because you’ll have many peers that all download a bit from you.
2. I turned off my adblocker and checked, it's not fair to call it a "pop-up", it's more like it slides up from the bottom of the screen whenever you load a new page.
Nonetheless ads obviously allow access for all.