No flash update...
So that's still secure, right?
Adobe on Tuesday published updated versions of its Acrobat and Reader software to fix fourteen flaws, four of which have been designated "critical." These updates should be installed as soon as possible to close off their vulnerabilities. The security bulletin (APSB20-67) covers Acrobat DC, Acrobat Reader DC, Acrobat 2020, …
"No, I don't want...
Sounds like you don't want Acrobat at all, sorry, it's "industry standard"...
People go on and on about "Acrobat" (be honest people, it's just PDF) and its portability and printability, but last I checked there was this thing called HTML that is constantly developed by literally millions of eyes and not by 1 company with a proprietary "suite" of
bugs features. I guess it's a "squeaky wheel" scenario, because you never hear about the majority of people's complaints that are "... great... now I need a .pdf program that isn't malware".
Call me non-professional or whatever, but if it doesn't load in Firefox... it doesn't load ever. The same with "PowerPoint" (such an ironic name), which itself also has the same answer as "Acrobat".
People go on and on about "Acrobat" (be honest people, it's just PDF)
PDF != Acrobat. It's entirely possible to have a PDF renderer which doesn't support scripting and much other Acrobat idiocy.
I'm not a huge fan of PDF; for the vast majority of documents I'd prefer HTML1, or Markdown2, or plain UTF-8 text.
But there's a place for proper typographic layout. Book-length works, and even many shorter articles, are far more pleasant to read when they're laid out well. HTML+CSS simply can't do that. It can't do proper ligatures or kerning or digits with descenders or micro-protrusions or any of the other things you'll get with, say, pdflatex output.3 And for those applications, PDF remains the best choice. None of the other widely-available formats really handle that properly.
1Real HTML: POSH, cleanly formatted, with minimal CSS, and no scripting. Minimal scripting which degrades gracefully if it's disabled is acceptable for web pages.
2I generally find Markdown unnecessary, but if for some reason people feel compelled to have some markup and formatting in documents that would work just fine as plain text, it's safer and more readable in source than HTML.
3Yes, in principle, you can get some of those things with CSS and fonts, if you can find suitable high-quality fonts and you go through a lot of trouble. But anyone who lets the browser download arbitrary fonts from arbitrary sources ... well, you might as well use Acrobat.
You can use Sumatra PDF that's 100% free and open-source, since they replaced their rar plug in for an open source version. That on Windows, Linux has even more options.
Want to actually make and edit PDFs? With some workarounds LibreOffice can be used for that. Is not as good as a paid solution but hey, it works.
For legal documents PDFs are a thing (banking/medical/judicial). The problem with some pdf readers - especially Adobe is that it has system level access. This is why a couple years ago at defcon they were able to - send a PDF to a person though email, soon as they opened it - it pulled the cashed user password and put it on the screen. As a proof of concept. They said in reality they would just use that user name and password to automatically connect other systems that account had access to, until if found domain admin creds. They did give the info to Adobe and they patched it. But the reason all these exploits exist is the level of access the app has to the OS. Other PDF readers are more contained. Anyways the problems with Adobe are also on MS, since they gave to much access away. This is why some malicious PDFs aren't malicious on some lesser known readers, lack of permission to be bad.
Biting the hand that feeds IT © 1998–2021