Adobe still existing
Can anybody explain to me why Adobe still exists and hasn't gone bankrupt long since?
Adobe has issued its first patch of the year, emitting fixes for a pair of high-risk vulnerabilities in Acrobat and Reader. The APSB-02 security bundle is being recommended as a high-priority fix, so install it as soon as you can. The two CVE-listed bugs haven't been targeted in the wild yet so admins are advised to get the …
IIRC they have proved that making Photoshop a subscription limited licence is a better revenue stream than selling one-off unlimited life licences for new releases. IIRC with a subscription you lose the use of the tools if you discontinue your subscription. Not sure if they have done the same with PDF editing software.
The cloud on the horizon for Windows users is that Microsoft seem to be edging that way too.
Their mainstream products rely on the license model - corporations had to switch from single use purchase to a small monthly fee ($40/user) to continue using them. The monthly fees are paid by credit card and unless someone looks very carefully at the corporate credit card statements, they continue with the licenses forever ... even if the original user stopped using any of the applications.
Do the math, $40 times 10,000,000 users each month (and that's a conservative estimate).
Have you ever looked at the PDF spec? I wouldn’t blame you if you haven’t by the way, because A) you’ve got to pay ISO a not inconsiderable amount for the privilege, B) it’s very, very, very large, C) it’s boring, and D) it’s not always terribly clear...
Highlights include the ability to silently execute arbitrary code (either on opening the document or when specific triggers (reaching a particular page, clicking on a word/phrase, etc, etc) occur, playing external media content, opening web pages, access to the local file system, and exporting data through http post requests. Rendering documents on the screen (while supposedly the primary purpose, what most people think It does, and what most users do with it) barely scratches the surface, and even if Adobe Reader (and any third party code or OS APIs it uses) was coded perfectly it would still provide numerous opportunities to compromise any system it’s installed on just by strict compliance with the spec...
And who the hell put all that crap on the PDF spec and why? If PDF is supposed to be a "paper-on-screen" format, I can't think of any kind of tangible paper sheet that executes code or connects to remote servers.
Then, if PDF is not anymore a "paper-on-screen" thing, we need another one that just does that and nothing else.
PDF is (was) primarily about determining how a printed page should look.
PDF Readers tend to provide a less strict interpretation of the spec with the emphasis on displaying something rather than showing it correctly.
As mentioned above the PDF spec nowadays also covers multi-media, hyper-links, and other shinies.
Is there a way we can get a minimalistic PDF reader that just renders stuff. No code execution, no access to local files, etc.? Oh, you mean documents which include other documents? Should be a local file read ... if other software can safely access files Adobe can too.
Adobe seems to have done a good job capturing the market and then doing everything possible to give it away. I once was invited to a security Webinar requiring me to install Adobe Flash. I sent Intel a polite note explaining the problem ...
Adobe Acrobat Reader 4 is the best, because it won't do those nasty things to your computer. It won't even play Real media files. It is a very small - only 2.2 mb. program that's fast and simple. It won't connect itseelf to the internet. Why do they make the bloatware? Who would pay $500+ to read a document. Who needs a Huge array of tools.
Biting the hand that feeds IT © 1998–2020