Meanwhile, Adobe is updating blah de fucking blah
jesus christ. it never stops. luckily, i dont have to worry about it as of about a year ago. i dont even use flash on the floors here anymore
Microsoft has begun its 2017 with the release of four updates to address security holes in Windows and Office, while Adobe has posted fixes for more than three dozen vulnerabilities in Flash and Reader. Microsoft's January patch load includes: MS17-001, a fix for the Edge browser to address a flaw that would let a malicious …
I stopped doing *anything* flash when gnash wouldn't play with the latest unnecessary change to the file format. I don't need Adobe's spyware running on a BSD or Linux box, after all! Fortunately, HTML5 has taken care of that. Now, why IS anyone using flash these days?
>Because BBC.
>Thats why i have to read the BBC at work as i aint installing flash on my own gear.
As has been reported here many times, user agent switcher browser extension, use an iPad user agent, problem solved.
Ohh, and do contact the BBC on this matter, if we all do, they will get their act together!
Somewhat nitpicky, but that "unnecessary change" to the file format was essentially a complete make-over.
This is what brought it from "scriptable animation (primarily vector) toolkit" to "full-fledged application runtime". Back in the days it was actually really cool compared to the alternatives for cross-platform/in-browser stuff, or even graphical RAD in general (as to the latter, it actually still is to a large extent).
"Adobe has posted fixes for more than three dozen vulnerabilities..."
Does Adobe have any clue about their own software, or is it just a fly by night situation? Wouldn't you consider a major rewrite at some point? When your only real product depends on graphical performance, you'd think you'd rewrite the software for the best performance, let alone security. Adobe is lost in the 90's.
In case you're out of the loop on what's going on in "Creative Cloud".
1. Massive price hikes, volume licensing is a joke now.
2. Photoshop updates are basically bug fixes just like Flash.
3. Lightroom updates consist of porting photoshop "fun" features to it.
4. Everything performs horribly compared to competing products.
5. Massive price hikes.
I literally run WinTin just for Photoshop, it's a nightmare.
If Photoshop is terrible and it edits pictures, why doesn't someone use Capitalism to replace it with a better program?
That is already happening, also because not everyone is happy with the whole subscription malarkey. Affinity make damn good software that may not yet be as overfull featured, but it's scary fast, amazingly well supported (via forums where you actually get an answer!), FAR simpler to use and stupidly cheap for what you get. And they make great tutorial videos for it too. I especially like their support for full 360º images where you can change and edit information like on a normal image and it will then integrate it - it's very impressive to see.
I haven't touched an Adobe product in ages. The only thing I have installed is the Adobe Reader, and that hasn't been used (or upgraded) for about 6 months now - the only reason I keep it is because some (mostly government) organisations send me stuff that requires Reader features and are unreasonable about making it work more universally. I've been "Flash free" for about a year now and in general this works, except for the BBC where my browser has to pretend to be an iPad before they do the right thing..
If Photoshop is terrible and it edits pictures, why doesn't someone use Capitalism to replace it with a better program?
Because of network effects. Graphics people are trained in Photoshop, and there is an ecosystem of plugins. Same reason Windows hasn't been replaced succesfully on desktops. Capitalism is powerless with this kind of issue.
I literally run WinTin just for Photoshop, it's a nightmare.
Could I point you at Affinity Photo then? Far more resource friendly, better code, easier to use and at a price it makes it basically silly NOT to buy it.
They tend to have the betas freely available in their forums, so you you can try before you buy.
Not affiliated, just a happy user (on Mac, but there's also a Windows version).
Adobe knows it has almost no competition in the higher segment of the market, and it's exploiting it. While Serif+ products are good, they can't still replace (nor probably is their target), Adobe ones in that segment, where you may need to add features (i.e. colour separations, IIRC they added spot colours support last year in Affinity Designer) used only by a relatively "smaller" percentage of professional users, but which are critical for some professional tasks, increasing the overall cost of a product with a limited return, especially if you have to catch up with a product already established as the market leader. But eroding the bottom line is a good way to increase customers and revenues.
For a while company like Corel, Micrografx, Aldus were competitors - but Corel (yet a pale image of the former self) they no longer exist.
All very well for you young folk. But the way things are going with spying, DRM and unreasonable protection of the rich and well connected, I expect that by 2050 things will be back to analog landlines and an extremely thin screen on the wall that shows nothing but cat videos and repeats of Top Gear (like WW2 films, so the kids can wonder at what their parents used to get up to.)
Young man, why you look so appalled.
I said, young man, better get used to it now.
I said, young man, 'cause you're in a new age
There's no need to read the EULA.
Young man, there's naught you can do.
I said, young man, when you feel so observed.
Shark the wire , and I'm sure you will find
Many ways to lose your data.
It's fun to send te-le-metry.
It's fun to send te-le-metry.
etc. etc.
That is *wonderful* :)
Regarding EULAs, allow me to assist by referring to this comic. Enjoy :).
@Electron; yes; but there are still some programs that don't work properly without higher acres permissions.
@Doc; my account has the privileges to edit my files - that doesn't mean that I want someone pwning my system and stealing/editing/deleting them, even if they still don't have permissions to do admin stuff.
>Err... ... it is, and it's been that way for more than 10 years. Ever since Vista.
Really !
Tell me what profile are you dumped straight into by default on a single PC install ? Don't give me that crap about UAC and admin, go and add up the CVE's that are mitigated by running as a PROPER STANDARD USER.
https://blogs.microsoft.com/microsoftsecure/2010/03/30/be-safer-run-as-standard-user/
http://www.zdnet.com/article/admin-rights-key-to-mitigating-vulnerabilities-study-shows/
This post has been deleted by its author
Some of us need a version of Office that actually works...
If you define "works" as doing what an Office package should do for about 95% of users, LibreOffice can comfortably claim that. You haven't tried using it for more than a week or you'd know that, and it has the added bonus that nobody tries to mess around with the UI to sell a new version so your staff has to relearn again and again where the f*ck Microsoft hid the functions they were using just fine before the update. Oh, and it works on a proper, official, arrived-at-through-real-consensus Open Standard rather than a bribed one that the company itself has trouble supporting, but that's just detail.
Not to mention that full functionality of Libre Office requires Java installed - which is second only to Flash as a security hole...
Been using it company wide for about 4 years now without any Java present. Try judging it based on facts, not on Microsoft marketing. Bonus benefit: our staff can use it at home just as well - no license risks - and it renders the same on Linux, macOS and Windows.
"If you define "works" as doing what an Office package should do for about 95% of users, LibreOffice can comfortably claim that"
Working 95% of the time isn't good enough for most businesses. Hence presumably why adoption of Libre Office is still close to zero....
"Oh, and it works on a proper, official, arrived-at-through-real-consensus Open Standard rather than a bribed one that the company itself has trouble supporting"
Microsoft Office works far better than Libre Office in regards to ODF support. The Libre Office forums are full of issues with it's standards support...
"Bonus benefit: our staff can use it at home just as well - no license risks "
But many of your staff will already have MS Office or Office 365, so it then sucks when their files don't work properly, and features they used at home are not supported in the office.....
Microsoft Office works far better than Libre Office in regards to ODF support. The Libre Office forums are full of issues with it's standards support...
Oh, here we go again. Repeating an untruth often doesn't make it reality - and I suspect you know full well that that is utter BS.
But many of your staff will already have MS Office or Office 365, so it then sucks when their files don't work properly, and features they used at home are not supported in the office.....
As a matter of fact, none of our staff use it, for a number of reasons. Our company has some of the strictest security and compliance requirements in Europe for a non-governmental setup and we prove again and again that Microsoft's "EU only" cloud isn't as "EU only" as it pretends to be, and our risk management extends to helping staff and family being secure at home and prevent them being abused as backdoors or being forced/leveraged into becoming so.
We know a lot more about Microsoft than they are comfortable with - and they know...
This post has been deleted by its author
Odd, because for several years I was responsible for patching large numbers of servers, and never had a post patch issue.
Only problem recently was caused by a .NET upgrade, and that's really down to the application that relies on it.
Is it really so bad for everyone else? I've never been responsible for desktop deployments of patches, is it worse out there? Never had a problem on any of my personal machines running scheduled updates, so why the derision?
"Good luck trying to update Edge on any other version of Windows."
That was my thought when I read that line, although I suppose it's better for Microsoft to be explicit about it.
Personally, I'd like them to fix Edge so it actually remembers my Favorites / bookmarks for more than a week. (It worked OK, then blew its brains out and reinitialized itself, and ever since then it forgets what I put in the Favorites bar about once a week.)
And that's why MS has pretty well every business over a barrel and will continue to ... well, you know what they'll do, each and every month. Pay up or else you lose access to your data.
I'm in the process of shutting down my business as I'm retiring and will take great delight in giving MS the finger next month.
"Meanwhile 2 Linux OSs topped 2016"
Yep, because they are actually useful and functional out of the box and include a lot of applications, including an office suite and image editors. Windows by itself is largely useless until one installs the apps they need.
Be interesting to compare CVE count with Windows after it has all of the equivalent apps installed.
"Be interesting to compare CVE count with Windows after it has all of the equivalent apps installed."
Well I haven't seen figures for that, but Windows historically beat both enterprise Linux and OS-X by quite a long way for vulnerability counts when the installs were made equivalent to Windows in terms of what was installed...
This post has been deleted by its author
But it's still not apples vs apples. Windows doesn't have repositories of thousands of apps built-in counting towards vuln counts, so there is no way of reliably comparing this without a lot of effort and research. So with no suitable evidence provided, your statement is completely worthless.