I use markitdown[0] religiously. You’ll lose fidelity for anything complex (math equations, images), but it does a great job 95% of the time in my experience.

I’m assuming the attack surface is reduced. I invoke it through a docker container. But this might be a misplaced sense of safety.

[0] https://github.com/microsoft/markitdown

Open it with Firefox. The Firefox PDF renderer is implemented in Javascript and sandbox-restricted like any unknown web site.

Dropbox is rendering that pdf as html, so using that link should be safer than downloading the pdf.

Sumatra PDF if you are on Windows.

A one-way link (data diode) transmits it to a box with simplified hardware (eg RISC architecture). The box has a dedicated monitor and keyboard. Once you're finished, you sell the box on Craiglist. Then, buy a new, sealed replacement from Best Buy.

Pay per view was an expensive, business model for cable. For PDF's, it's even more expensive.

Note: It's more convenient than full, per-app, physical security.