Slashdot Mirror

According to "several real-world tests and synthetic benchmarks," the new iPhone XS and XS Max, equipped with the world's first 7-nanometer A12 Bionic processor, are the world's fastest smartphones, reports Tom's Guide. They even significantly outperform Qualcomm's Snapdragon 845 chip. From the report: Geekbench 4 is a benchmark that measures overall performance, and no other phone comes close to Apple's new handsets on this test. The iPhone Xs notched 11,420, and the iPhone Xs Max hit 11,515. The older iPhone X scored 10,357, so that's about an 11 percent improvement. There's a lot more distance between the new iPhones and Android flagships. The fastest Android phone around, the OnePlus 6, scored 9,088 on Geekbench 4 with its 8GB of RAM, while the Galaxy Note 9 reached 8,876.

To test real-world performance, we use the Adobe Premiere Clips app to transcode a 2-minute 4K video to 1080p. The iPhone X was miles ahead last year with a time of just 42 seconds. This time around, the iPhone XS and iPhone XS Max knocked it down further to 39 seconds. The Galaxy S9+ took 2 minutes and 32 seconds to complete the task, and that's the fastest we've seen from an Android phone. The OnePlus 6 finished in 3:45, and the LG G7 ThinQ took 3:16. One good way to measure real-world performance is to see how long it takes for a phone to load demanding apps. Because the phones have the same processor for this round, we just used the iPhone Xs Max and put it up against the iPhone X and the Galaxy Note 9. The iPhone XS Max was faster every time, including a 15-second victory in Fortnite over the Note 9 and 3-second win in Asphalt 9. The phones were closer in Pokemon Go but the iPhone XS Max still came out on top. The new iPhones did lag behind the competition in the 3DMark Slingshot Extreme test, which measures graphics performance by evaluating everything from rendering to volumetric lighting. The iPhone XS Max and iPhone X received scores of 4,244 and 4,339, respectively, while the OnePlus 6 received a score of 5,124.

As for the GFXBench 5 test, the iPhone XS Max achieved 1,604.7 frames on the Aztec Ruins portion of the test, and 1,744.44 frames in the Car Chase test," reports Tom's Guide. "The Note 9 was far behind at 851.7 and 1,103 frames, respectively. However, the Galaxy S9+ edged past the iPhone XS Max on this test."

nehumanuscrede writes: Adobe ruffled a lot of feathers when they decided to cease selling their standalone products and go subscription only. While a lot of folks complained, it doesn't seem to have had much (if any) of a negative impact on Adobe financially. Now, according to PetaPixel, Adobe is poised to cease support for older operating systems by depriving those users of upgrades and updates beyond the cut-off date, even though those users are paying customers (and have been for years). I'm curious if those impacted will upgrade to the more modern OS, or simply find an alternative to Adobe software (paid or otherwise).

Personally, I'm still rocking Windows 7 because, in my opinion, there isn't anything wrong with it. So, in the near future, it seems I'm going to have a choice to make: Drop my Creative Cloud subscription, upgrade to an OS I absolutely loathe like Windows 10, or continue paying full price for apps that will cease receiving updates (which was Adobe's whole argument for going with the subscription method in the first place so folks will always have the latest updated software). What are your thoughts? "Your Windows won't be supported if you haven't upgraded beyond the Windows 10 Anniversary Update (v1607) that was released to the public on August 2, 2016," reports PetaPixel. "And if you're on a Mac, you won't be supported if you haven't upgraded beyond Mac OS 10.11 (El Capitan), which was released on September 30, 2015."

Neowin reports of Adobe's recent announcement of its new Marketing Cloud Device Co-op initiative: The announcement of the new solution for tracking customers across devices was made at the Adobe Summit this week in Las Vegas to a digital marketing conference. According to an Adobe blog post released earlier this month citing Forrester, consumers are increasingly accessing multiple devices before making a purchase decision -- an average of 5.5 connected devices per person. This behavior creates a challenge for retailers, who cannot easily target people in their marketing campaigns, ultimately depending on Facebook or Google to track people instead of devices. Both Facebook and Google are able to do this job because of the massive amount of users logged into their ecosystems regularly, so most retailers have been opting to use those platforms as a way to reach potential customers. But Adobe's approach is to provide a platform agnostic solution acting as a glue between the world's biggest brands' own data management platforms.

In order for Device Co-op to work, each company that has joined the initiative will provide Adobe with "cryptographically hashed login IDs" and HTTP header data, which Adobe claims will completely hide the customer's identity. This data will be used to create groups of devices used by the same person or household, which will then be made available to all the members of the initiative so they can target people on different devices, instead of creating one customer profile per device, as can be seen from the example given in the image above. Until now, some 60 companies have joined the Adobe initiative, including brands such as Subway, Sprint, NFL, Lenovo, Intel, Barnes & Noble, and Subaru. Also, preliminary measurements made by Adobe indicate that Device Co-op could link up to 1.2 billion devices worldwide, based on the amount of accesses seen by current members. But it is important to note that the initiative is currently collecting data of U.S. and Canada users only. Adobe is claiming the initiative will not disclose a user's identity to its members, including any personal data, but, given the recent Facebook and Cambridge Analytica scandal, many will be skeptical of those claims. Thankfully, Adobe is allowing users to completely opt out all of their devices from the services via this website.

Neowin reports of Adobe's recent announcement of its new Marketing Cloud Device Co-op initiative: The announcement of the new solution for tracking customers across devices was made at the Adobe Summit this week in Las Vegas to a digital marketing conference. According to an Adobe blog post released earlier this month citing Forrester, consumers are increasingly accessing multiple devices before making a purchase decision -- an average of 5.5 connected devices per person. This behavior creates a challenge for retailers, who cannot easily target people in their marketing campaigns, ultimately depending on Facebook or Google to track people instead of devices. Both Facebook and Google are able to do this job because of the massive amount of users logged into their ecosystems regularly, so most retailers have been opting to use those platforms as a way to reach potential customers. But Adobe's approach is to provide a platform agnostic solution acting as a glue between the world's biggest brands' own data management platforms.

In order for Device Co-op to work, each company that has joined the initiative will provide Adobe with "cryptographically hashed login IDs" and HTTP header data, which Adobe claims will completely hide the customer's identity. This data will be used to create groups of devices used by the same person or household, which will then be made available to all the members of the initiative so they can target people on different devices, instead of creating one customer profile per device, as can be seen from the example given in the image above. Until now, some 60 companies have joined the Adobe initiative, including brands such as Subway, Sprint, NFL, Lenovo, Intel, Barnes & Noble, and Subaru. Also, preliminary measurements made by Adobe indicate that Device Co-op could link up to 1.2 billion devices worldwide, based on the amount of accesses seen by current members. But it is important to note that the initiative is currently collecting data of U.S. and Canada users only. Adobe is claiming the initiative will not disclose a user's identity to its members, including any personal data, but, given the recent Facebook and Cambridge Analytica scandal, many will be skeptical of those claims. Thankfully, Adobe is allowing users to completely opt out all of their devices from the services via this website.

An anonymous reader quotes a report from Neowin: Kaspersky Lab, which has been under fire by the U.S. government as possibly being an agent of the Russian government and spying on U.S. computers, has found a previously unknown bug in Adobe Flash that was apparently exploited by a hacker group on October 10. Adobe issued a patch to fix the bug today. According to Kaspersky, "the exploit is delivered through a Microsoft Word document and deploys the FinSpy commercial malware." The company worked with Adobe to get a patch ready as quickly as possible, with Adobe releasing it a few hours ago. Users and agencies running the following versions of Adobe Flash will need to update immediately, as the vulnerability has been labeled as critical. The patch updates all versions of Adobe Flash to version 27.0.0.170.

Adobe said on Tuesday it will stop distributing and updating Flash Player at the end of 2020 and is encouraging web developers to migrate any existing Flash content to open standards. Apple is working with Adobe, industry partners, and developers to complete this transition. From a blog post: Apple users have been experiencing the web without Flash for some time. iPhone, iPad, and iPod touch never supported Flash. For the Mac, the transition from Flash began in 2010 when Flash was no longer pre-installed. Today, if users install Flash, it remains off by default. Safari requires explicit approval on each website before running the Flash plugin.
In a blog post, the company wrote: "Adobe has long played a leadership role in advancing interactivity and creative content -- from video, to games and more -- on the web. Where we've seen a need to push content and interactivity forward, we've innovated to meet those needs. Where a format didn't exist, we invented one -- such as with Flash and Shockwave. And over time, as the web evolved, these new formats were adopted by the community, in some cases formed the basis for open standards, and became an essential part of the web. But as open standards like HTML5, WebGL and WebAssembly have matured over the past several years, most now provide many of the capabilities and functionalities that plugins pioneered and have become a viable alternative for content on the web. Over time, we've seen helper apps evolve to become plugins, and more recently, have seen many of these plugin capabilities get incorporated into open web standards. Today, most browser vendors are integrating capabilities once provided by plugins directly into browsers and deprecating plugins. Given this progress, and in collaboration with several of our technology partners -- including Apple, Facebook, Google, Microsoft and Mozilla -- Adobe is planning to end-of-life Flash. Specifically, we will stop updating and distributing the Flash Player at the end of 2020 and encourage content creators to migrate any existing Flash content to these new open formats."

An anonymous reader writes: The latest Adobe Acrobat Reader security update (15.023.20053), besides delivering security updates, also secretly installs the Adobe Acrobat extension in the user's Chrome browser. There is no mention of this "special package" on Acrobat's changelog, and surprise-surprise, the extension comes with anonymous data collection turned on by default. Bleeping Computer reports: "This extension allows users to save any web page they're on as a PDF file and share it or download it to disk. The extension is also Windows-only, meaning Mac and Linux Chrome users will not receive it. The extension requests the following permissions: Read and change all your data on the websites you visit; Manage your downloads; Communicate with cooperating native applications. According to Adobe, extension users 'share information with Adobe about how [they] use the application. The information is anonymous and will help us improve product quality and features,' Adobe also says. 'Since no personally identifiable information is collected, the anonymous data will not be meaningful to anyone outside of Adobe.'"

An anonymous reader writes: Adobe released today Flash Player 24 for Linux, after previously abandoning the application without explanation in 2012. The NPAPI architecture of Flash Player for Linux is now on par with Windows and Mac releases on version 24, after spending the last few years stuck at version 11.2 and only receiving small patches and security fixes, but no new features. Today's Flash Player 24 for Linux release comes after Adobe teased its release on August 31, and later released a Beta version (v23) in October. Despite updating Flash Player for Linux to the same version number as its Windows and Mac alternatives, the Linux variant still lags behind on features. While Flash Player 24 includes all the security features included in the Windows and Mac versions, the Linux version doesn't support accelerated GPU 3D acceleration and video DRMs. If users need these features, Adobe says users should use Chrome for Linux, where Google's own port, the Pepper Flash plugin (PPAPI architecture) supports them.

An anonymous reader quotes a report from Neowin: Four years ago, Adobe made a decision to stop updating the Flash Player package (NPAPI) on Linux, aside from delivering security patches. It has made an about turn on this decision in the last week and has said that it will keep it in sync with the modern release branch going forward. In its announcement, Adobe wrote: "In the past, we communicated that NPAPI Linux releases would stop in 2017. This is no longer the case and once we have performed sufficient testing and received community feedback, we will release both NPAPI and PPAPi Linux builds with their major version numbers in sync and on a regular basis." Although this is great news for Linux users who don't want to struggle to watch Flash content online, there also a few drawbacks. Adobe writes: "Because this change is primarily a security initiative, some features (like GPU 3D acceleration and premium video DRM) will not be fully implemented. If you require this functionality we recommend that you use the PPAPI version of Flash Player." You can download the new NPAPI binaries from the Adobe Labs download page.

An anonymous reader quotes a report from Neowin: Four years ago, Adobe made a decision to stop updating the Flash Player package (NPAPI) on Linux, aside from delivering security patches. It has made an about turn on this decision in the last week and has said that it will keep it in sync with the modern release branch going forward. In its announcement, Adobe wrote: "In the past, we communicated that NPAPI Linux releases would stop in 2017. This is no longer the case and once we have performed sufficient testing and received community feedback, we will release both NPAPI and PPAPi Linux builds with their major version numbers in sync and on a regular basis." Although this is great news for Linux users who don't want to struggle to watch Flash content online, there also a few drawbacks. Adobe writes: "Because this change is primarily a security initiative, some features (like GPU 3D acceleration and premium video DRM) will not be fully implemented. If you require this functionality we recommend that you use the PPAPI version of Flash Player." You can download the new NPAPI binaries from the Adobe Labs download page.

An anonymous reader quotes an article from BankInfoSecurity: Security experts are once again warning enterprises to immediately update -- or delete -- all instances of the Adobe Flash Player they may have installed on any system in the wake of reports that a zero-day flaw in the web browser plug-in is being targeted by an advanced persistent threat group.... The bug exists in Adobe Flash Player 21.0.0.242 and earlier versions -- running on Windows, Mac, Linux, and Chrome OS -- and "successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system." Thursday Adobe released an updated version of Flash patching 36 separate vulnerabilities, including the critical vulnerability which "if exploited would allow malicious native-code to execute, potentially without a user being aware." While applauding Adobe's quick response, researchers at Kaspersky Lab say it's already been exploited in Russia, Nepal, South Korea, China, India, Kuwait and Romania, and BankInfoSecurity writes that "The latest warning over this campaign reinforces just how often APT attackers target Flash, thus making a potential business case for banning it for inside the enterprise."

wiredmikey writes: Adobe released a Flash Player update on Thursday night to patch a zero-day vulnerability that has been leveraged by cybercriminals to deliver malware via the Magnitude exploit kit. The vulnerability [CVE-2016-1019], a memory corruption that can be exploited for remote code execution, was discovered after, on April 2, security researcher Kafeine of Proofpoint noticed a change in the Magnitude exploit kit. The sample was then investigated by FireEye, which determined that Magnitude EK had been exploiting a previously unknown vulnerability in Flash Player."Despite the fact that this new exploit could potentially work on any version of Adobe Flash, including a fully patched instance of Flash, the threat actors implemented it in a manner that only targeted older versions of Flash. In other words, equipped with a weapon that could pierce even the latest armor, they only used it against old armor, and in doing so exposed to security researchers a previously unreported vulnerability," Proofpoint said in a blog post.

An anonymous reader writes: From January 2016, Adobe Flash will be renamed to 'Adobe Animate CC', killing one of the most unfortunate names in web security as the company pushes the product further and further to HTML5 output. Adobe's release about the update, which will form part of the annual Creative Cloud upgrade, states that a third of all material output from the program is now HTML5. The transitional HTML5 Adobe animation program Edge Animate will be replaced by the renamed Flash product.

Patrick O'Neill writes: In the days following a massive hack that confirmed Hacking Team's dealings with repressive regimes around the world, experts are wondering once again how to stop Western technology companies from equipping certain governments with weapons meant to attack journalists, human rights activists, and ordinary civilians. Regulation's backers say that "this is an industry that has failed to police itself," ACLU's Christopher Soghoian argued, but many including the EFF warn that overly broad legislation would harm more than help. In addition, wiredmikey points out that a number of exploits have been released in the wake of the hacking: Several exploits have been discovered, including ones for zero-day vulnerabilities, in the hundreds of gigabytes of data stolen by a hacker from the systems of surveillance software maker Hacking Team. Researchers at Trend Micro analyzed the leaked data and uncovered several exploits, including two zero-days for Adobe Flash Player. A readme document found alongside proof-of-concept (PoC) code for one of the Flash Player zero-days describes the vulnerability as "the most beautiful Flash bug for the last four years since CVE-2010-2161." In addition to the Flash Player exploits, researchers spotted an exploit for a Windows kernel vulnerability, a flaw that fortunately has already been patched. Adobe told SecurityWeek that it's aware of the reports and expects to release a patch on Wednesday.

msm1267 writes: Adobe has released an emergency patch for a Flash zero-day used in targeted attacks by APT3, the same group behind 2014's Clandestine Fox attacks. Adobe said Flash Player 18.0.0.161 and earlier for Windows and Macintosh systems are affected, as is 11.2.202.466 for Linux 11.x versions.

The current iteration of Clandestine Fox attacks shares many traits with last year's attacks, including generic, almost spam-like phishing emails intent on snaring as many victims as possible that can be analyzed for their value before additional attacks are carried out. The two campaigns also share the same custom backdoor called SHOTPUT, as well as an insistence on using a throwaway command and control infrastructure.

itwbennett writes: The vulnerability known as CVE-2011-2461 was unusual because fixing it didn't just require the Adobe Flex Software Development Kit (SDK) to be updated, but also patching all the individual Flash applications (SWF files) that had been created with vulnerable versions of the SDK. The company released a tool that allowed developers to easily fix existing SWF files, but many of them didn't. Last year, Web application security engineers Luca Carettoni from LinkedIn and Mauro Gentile from Minded Security came across the old flaw while investigating Flash-based techniques for bypassing the Same-Origin Policy (SOP) mechanism found in browsers. They found SWF files that were still vulnerable on Google, Yahoo, Salesforce, Adobe, Yandex, Qiwi and many other sites. After notifying the affected websites, they presented their findings last week at the Troopers 2015 security conference in Germany.

jones_supa writes Adobe has patched nine vulnerabilities in Flash Player — four of which are considered "critical" — in order to protect against malicious attackers who could exploit the bugs to take control of an affected system. Adobe acknowledged security researchers from Google, McAfee, HP, and Verisign. Flash's security bulletin contains more information on the vulnerabilities. The issues are fixed in mainline Flash Player 16.0.0.257 (incl. Google Chrome Linux version), extended support release 13.0.0.260, and Linux standalone plugin 11.2.202.429.

lars_doucet (2853771) writes Flash CC now has an SDK for creating custom project file formats; this lets you use the Flash IDE to prepare and publish content for (not-the-flash-player) compile targets. Among these new platforms is OpenFL, a fully open-source re-implementation of the Flash API that exports to Javascript and C++ (no Flash Player!), among other targets: When Adobe demoed the custom project feature at Adobe MAX the other night, they brought out Joshua Granick (lead maintainer of OpenFL) to show off a custom OpenFL project format that lets you make Flash Art in Flash CC, then compile it out to Flash, HTML5, and native C++ (desktop+mobile) targets. Maybe Adobe heard us after all?

sfcrazy writes Adobe is bringing the king of all photo editing software, Photoshop, to Linux-based Chrome OS. Chrome OS-powered devices, such as Chromebooks and Chromeboxes, already have a decent line-up of 'applications' that can work offline and eliminate the need of a traditional desktop computer. So far it sounds like great news. The bad news is that the offering is in its beta stage and is available only to the customers of the Creative Cloud Education program residing in the U.S. I have a full subscription of Creative Cloud for Photographers, and LightRoom, but even I can't join the program at the moment.

New submitter jvp (27996) writes "Adobe's authentication system for its Creative Cloud as well as its website services is down, and has been since Wednesday (14 May) afternoon. What this means: If you're a Creative Cloud subscriber, you can't log into your account via the desktop application. Online services such as the fonts are not available. Applications (eg: Photoshop, Premiere, etc) will continue to work. Softpedia has a nice article on it, but their time frames are off quite a bit." As of this writing, a message on the Adobe Creative Cloud page says "Creative Cloud is currently undergoing maintenance. Please check back later. Thank you for your patience." Even though I've come to like some remote-hosted software, like gmail, I don't think I'd want tools for manipulating local media tied even loosely to the uptime of a remote computer (or network connection).

An anonymous reader writes "Researchers at the Kaspersky Lab have uncovered a zero-day Adobe Flash vulnerability that affects Windows, OS X, and Linux. 'While the exploit Kaspersky observed attacked only computers running Microsoft Windows, the underlying flaw, which is formally categorized as CVE-2014-1776 and resides in a Flash component known as the Pixel Bender, is present in the Adobe application built for OS X and Linux machines as well.' Adobe has reportedly patched the bug for all platforms. Researchers first detected the bug from attacks performed on seven Syrian computers. The attacks seem to have been hosted on the Syrian Ministry of Justice website, which has led to speculation that these are state-sponsored vulnerability exploits. This speculation is further supported by evidence that one of the exploits was 'designed to target computers that have the Cisco Systems MeetingPlace Express Add-In version 5x0 installed. The app is used to view documents and images during Web conferences.'"

Hugh Pickens DOT Com writes "Bob Sutton reports that in 2012 Adobe moved from yearly performance rankings to frequent "check-ins" where managers provide employees targeted coaching and advice. There is no prescribed format or frequency for these conversations, and managers don't complete any forms or use any technologies to guide or document what happens during such conversations. They are simply expected to have regular check-ins to convey what is expected of employees, give and get feedback, and help employees with their growth and development plans. 'The aim is to give people information when they need it rather than months after teachable moments have passed,' writes Sutton. Donna Morris, Adobe's senior vice president for People and Places, says her team calculated that annual reviews required 80,000 hours of time from the 2000 managers at Adobe each year, the equivalent of 40 full-time employees. After all that effort, internal surveys revealed that employees felt less inspired and motivated afterwards—and turnover increased. According to Sutton, Adobe's bold move seems to be working. Surveys indicates that most Adobe managers and employees find the new system to be less cumbersome and more effective than the old stack-ranking system where managers must divide employees into groups — for example, maybe 15 percent of people can be assigned the highest rating. 'That goes against our core value of being genuine,' says Ellie Gates, director of management effectiveness at Adobe. 'Our goal should be to inspire people to do their best work.' Since the new system was implemented, voluntary attrition has decreased substantially, while involuntary departures have increased by 50% because the new system requires executives and managers to have regular 'tough discussions' with employees who are struggling with performance issues—rather than putting them off until the next performance review cycle comes around. 'It is reducing unnecessary cognitive load, while at the same time, nudging managers to engage more often and more candidly with direct reports to help them develop their skills and plan their careers,' concludes Sutton. 'It also bolsters accountability because managers have far more responsibility for setting employee compensation than under the old system.'"

An anonymous reader writes "Adobe has released an emergency patch for a critical vulnerability affecting Flash Player for Windows, Linux, and OS X, the exploitation of which can result in an attacker gaining remote control of the victims' systems. The flaw is being actively exploited in the wild, but apart from crediting its discovery to researchers Alexander Polyakov and Anton Ivanov of Kaspersky Labs, no details about the ongoing attack has been shared." They even updated the explicitly unsupported NPAPI GNU/Linux version.

Nate the greatest writes "Whether it's EA and SimCity, the Sony rootkit scandal, or Ubisoft, we've all read numerous stories about companies using DRM in stupid ways that harm their customers, and now we can add Adobe to the list. Adobe has just announced a new timeline for adoption of their recently launched 'hardened' DRM, and it's going to take your breath away. In a video posted to Youtube, Adobe reps have stated that Adobe expects all of their ebook partners to start adopting the new DRM in March. This is the same DRM that was launched only a few weeks ago and is already causing problems, but that hasn't stopped Adobe. They also expect all the stores that use Adobe's DRM to sell ebooks (as well as the ebook app and ebook reader developers) to have fully adopted the new ebook DRM by July 2014. That's when Adobe plans to end support for the old DRM (which everyone is using now). Given the dozens and dozens of different ebook readers released over the past few years, including models from companies that have gone under, this is going to present a significant problem for a lot of readers. Few, if any, will be updated in time to meet Adobe's deadline, and that's going to leave many readers unable to buy DRMed ebooks."

First time accepted submitter waslap writes "I have a leading role at a small software development company. I am responsible for giving guidance and making decisions on tool usage within the shop. I find the task of choosing frameworks to use within our team, and specifically UI frameworks, exceedingly difficult. A couple of years back my investigation of RIA frameworks lead me to eventually push for Adobe Flex [adobe.com] as the UI framework of choice for our future web development. This was long before anyone would have guessed that Adobe would abandon the Linux version of Flash. I chose Flex mainly for its maturity, wealth of documentation, commercial backing, and the superior abilities of Flash, at a time when HTML 5 was still in the early stages of planning. Conversely, about 15 years ago I made a switch to Qt for desktop applications and it is still around and thriving. I am trying to understand why it was the right choice and the others not. Perhaps Qt's design was done so well that it could not be improved. I'm not sure whether that assessment is accurate. I cannot find a sound decision-tree based on my experiences to assist me in making choices that have staying power. I hope the esteemed Slashdot readers can provide helpful input on the matter. We need a set of fail-safe axioms" Read on for more context. The backing of Adobe, an industry giant, gave me what I later discovered was a false sense of security. I thought that the Flex framework would not get lost in a back alley like so many open source projects. We invested heavily in Flex and were disillusioned a couple of years later when Linux support for Flash was ended. (Linux support is vital for us for reasons outside this discussion.)

I had evaluated Adobe Flex alongside OpenLaszlo, which at the time had the ability to use a DHTML back-end instead of Flash with the flick of a switch. In retrospect, this alone apparently made it a better choice in the long run regardless of its flaky state when I first looked at it.

A similar scenario arose with CodeIgniter, which we chose for getting away from classical spaghetti PHP. CodeIgniter was recently dropped after we've invested a Tesla Model X worth of money into using it. (EllisLab Seeking New Owner for CodeIgniter.)

I am standing at a cross-roads once again as people are pushing Laravel [laravel.com] for PHP, and giving other suggestions. I am scratching my (sore) head and wondering how to prevent eventual failures in the future. It seems there is no way to predict whether a tool will survive.

Even in retrospect, when I consider my decision-making processes, everything was reasonable at the time I made the choices, yet some turned out to be wrong.

vikingpower writes "The winner of this year's World Press Photo award, Paul l Hanssen, is under fire for allegedly having photoshopped the winning picture. The Hacker Factor is detailing the reasons and technicalities for the accusations. ExtremeTech also runs an item about the possible faking. Upon questions by Australian news site news.com.au, Hanssen answers his photo is not a fake. The whole story, however, is based upon somewhat thin proof: three different times in the file's Adobe XMP block; this does not necessarily mean that more than one file was used in order to obtain a composite image." Update: 05/14 20:04 GMT by S : World Press Photo says the photo is genuine.

alancronin writes with this excerpt from a PC World article: "Users of Android, Chrome OS, Linux, and iOS devices may not realize it, but FreeType open source software is used to render fonts on more than a billion such devices. Not only that, but the FreeType project this week got a significant update from none other than Adobe and Google. Specifically, Google and Adobe on Wednesday released into beta the Adobe CFF engine, an advanced Compact Font Format (CFF) rasterizer that 'paves the way for FreeType-based platforms to provide users with richer and more beautiful reading experiences,' as Google put it in an online announcement on the Google Open Source Blog. The new rasterizer is now included in FreeType version 2.4.12. Though it's currently off by default, the technology is 'vastly superior' to the old CFF engine and will replace it in the next FreeType release, the project says." The article features examples of how the new engine improves font rendering; for more explanation of the CFF, see this blog post from Adobe.

I've been really, really excited about digital video distribution lately: first Netflix greenlights jms's return to science fiction TV, and then Amazon announces their new pilots. Perhaps the decade long dearth of any good television is nearing its end! So, with that in mind, I finished up editing Slashdot for the day and sat down to watch some of these new pilots. Only to discover that Amazon has taken away my ability to watch entirely in the name of Digital Restrictions Management.

For ages now, Amazon Instant Video has worked with Android devices supporting Flash and, more importantly to many people (and me) it seems, through an unofficial XBMC plugin. It seemed like Amazon was happily using RTMPE to prevent casual stream interception, at least for content funded by others. But with the release of their new pilots, they enabled "Flash Access," Adobe's DRM that (for now) is actually effective.

This effectively kills access for everyone using GNU/Linux, even with the (officially unsupported) Adobe Flash plugin! The Adobe plugin relies on HAL for some DRM magic, but HAL is unmaintained, deprecated, and was removed from most major distros ages ago. You can't even install it by hand thanks to udev removing a few features HAL relied upon. Naturally, the Adobe Flash plugin is equally unmaintained so there is little hope even for people willing to install a piece of unmaintained software with a history of remotely exploitable security holes, instability, and poor performance.

But it seems the loss of access from XBMC is more widely felt: RMS cultists and pragmatic Windows users alike now suffer equally. And the folks who aren't GNU/Hippies with an anti-cloud-chip-on-their-shoulder might even be suffering more: they've lost access to shows and movies that they purchased.

There are a dozen pages on the XBMC forum of people pretty pissed, hundreds of angry posts on their Facebook wall, lengthy threads on Amazon's official forums. But so far the response from Amazon has simply been: it was never supposed to work, and we've fixed it.

In the absence of a clear response from Amazon, wild speculations as to why they decided to institute DRM abound: it's not intentional, piracy is a problem for them after all, Jeff Bezos personally wants to eat every XBMC user's cat, or it has something to do with those pilots.

I'd wager it had something to do with the pilots, or was somewhat unintentional (maybe they only meant to restrict HD content).

An XBMC forum member claims to have chatted with a support representative and gotten a suggestive answer:

Amazon Support: Okay, for Android devices we unfortunately don't support them except for the Kindle Fires so it was really lucky your phone was able to play our instant videos before. As to why they aren't working now, we just recently updated our Flash video playback support which is more than likely why it won't play now. I'm really sorry for any inconvenience this will cause you!
Me: I see. Was the flash video playback updated because of the new Amazon Original Pilots that was released recently?
Amazon Support:I'm honestly not sure if it was due to the pilots that came out, though the timing with the pilots and the update can't be coincidental :-)

Assuming it's not just a technical glitch (it happened once before, and Amazon turned the harder-to-break DRM off) and related to the pilots, why only now have they enabled proper DRM? Surely if content they fund is worth restricting then all content is worth restricting? After all, the party line has always been that DRM is imposed by those evil card carrying MPAA members, and not by enlightened tech companies who are just doing what has to be done to free us from the tyranny of broadcast television.

Is it that the content they already provide is widely available through piracy that they haven't cared before? Perhaps; stream ripping from Amazon/Netflix/Hulu and transforming it into a shareable form is not something a normal person would do if only because the video is streamed in mostly real-time. But there are entire groups dedicated to capturing television and uploading it, so someone out there would probably do it.

The problem is that they are going to break the DRM and pirate everything anyway. In fact. they already have (possibly nsfw, because piracy). The same goes for Netflix; their onerous DRM did nothing to stop piracy of House of Cards (finding it is left as an exercise for the reader, but Knuth would rate it 00), and yet they just posted incredible financial results and strong subscriber growth (in utter contrast to this time last year).

The cat's out of the bag: a good chunk of the world population own Infinite Copying Machines and those machines are networked. You cannot stop a determined individual from making a freely copyable version of anything digital unless you ban all output devices (certainly would make Haskell programming nicer) and burn every camera and piece of audio equipment ever built.

It seems that the same toxic thinking about distribution control that pervades the traditional networks has infected the online distributors. It's clear that torrent trackers offer something the traditional channels do not: (mostly) effortless access to content how and when you want it. But these are things that Netflix, Amazon, et al could offer as well... that they do offer. However, instead of liberalizing distribution as time goes on, the New Distributors have fallen into the same clearly failed mentality about restricting distribution that led to the entire media industry becoming a former shell of itself in a mere five years!

This mentality will only lead to failure. Pursuit of it is insanity: we are witnessing the end stages of an industry-wide collapse because of it! And it seems these new distributors have quickly forgotten that it was only the desperation of their predecessors that they were even able to license what they have now.

So, Amazon, why do you insist upon flogging people who are yelling "Shut up and take my money!"?

I've been really, really excited about digital video distribution lately: first Netflix greenlights jms's return to science fiction TV, and then Amazon announces their new pilots. Perhaps the decade long dearth of any good television is nearing its end! So, with that in mind, I finished up editing Slashdot for the day and sat down to watch some of these new pilots. Only to discover that Amazon has taken away my ability to watch entirely in the name of Digital Restrictions Management.

For ages now, Amazon Instant Video has worked with Android devices supporting Flash and, more importantly to many people (and me) it seems, through an unofficial XBMC plugin. It seemed like Amazon was happily using RTMPE to prevent casual stream interception, at least for content funded by others. But with the release of their new pilots, they enabled "Flash Access," Adobe's DRM that (for now) is actually effective.

This effectively kills access for everyone using GNU/Linux, even with the (officially unsupported) Adobe Flash plugin! The Adobe plugin relies on HAL for some DRM magic, but HAL is unmaintained, deprecated, and was removed from most major distros ages ago. You can't even install it by hand thanks to udev removing a few features HAL relied upon. Naturally, the Adobe Flash plugin is equally unmaintained so there is little hope even for people willing to install a piece of unmaintained software with a history of remotely exploitable security holes, instability, and poor performance.

But it seems the loss of access from XBMC is more widely felt: RMS cultists and pragmatic Windows users alike now suffer equally. And the folks who aren't GNU/Hippies with an anti-cloud-chip-on-their-shoulder might even be suffering more: they've lost access to shows and movies that they purchased.

There are a dozen pages on the XBMC forum of people pretty pissed, hundreds of angry posts on their Facebook wall, lengthy threads on Amazon's official forums. But so far the response from Amazon has simply been: it was never supposed to work, and we've fixed it.

In the absence of a clear response from Amazon, wild speculations as to why they decided to institute DRM abound: it's not intentional, piracy is a problem for them after all, Jeff Bezos personally wants to eat every XBMC user's cat, or it has something to do with those pilots.

I'd wager it had something to do with the pilots, or was somewhat unintentional (maybe they only meant to restrict HD content).

An XBMC forum member claims to have chatted with a support representative and gotten a suggestive answer:

Amazon Support: Okay, for Android devices we unfortunately don't support them except for the Kindle Fires so it was really lucky your phone was able to play our instant videos before. As to why they aren't working now, we just recently updated our Flash video playback support which is more than likely why it won't play now. I'm really sorry for any inconvenience this will cause you!
Me: I see. Was the flash video playback updated because of the new Amazon Original Pilots that was released recently?
Amazon Support:I'm honestly not sure if it was due to the pilots that came out, though the timing with the pilots and the update can't be coincidental :-)

Assuming it's not just a technical glitch (it happened once before, and Amazon turned the harder-to-break DRM off) and related to the pilots, why only now have they enabled proper DRM? Surely if content they fund is worth restricting then all content is worth restricting? After all, the party line has always been that DRM is imposed by those evil card carrying MPAA members, and not by enlightened tech companies who are just doing what has to be done to free us from the tyranny of broadcast television.

Is it that the content they already provide is widely available through piracy that they haven't cared before? Perhaps; stream ripping from Amazon/Netflix/Hulu and transforming it into a shareable form is not something a normal person would do if only because the video is streamed in mostly real-time. But there are entire groups dedicated to capturing television and uploading it, so someone out there would probably do it.

The problem is that they are going to break the DRM and pirate everything anyway. In fact. they already have (possibly nsfw, because piracy). The same goes for Netflix; their onerous DRM did nothing to stop piracy of House of Cards (finding it is left as an exercise for the reader, but Knuth would rate it 00), and yet they just posted incredible financial results and strong subscriber growth (in utter contrast to this time last year).

The cat's out of the bag: a good chunk of the world population own Infinite Copying Machines and those machines are networked. You cannot stop a determined individual from making a freely copyable version of anything digital unless you ban all output devices (certainly would make Haskell programming nicer) and burn every camera and piece of audio equipment ever built.

It seems that the same toxic thinking about distribution control that pervades the traditional networks has infected the online distributors. It's clear that torrent trackers offer something the traditional channels do not: (mostly) effortless access to content how and when you want it. But these are things that Netflix, Amazon, et al could offer as well... that they do offer. However, instead of liberalizing distribution as time goes on, the New Distributors have fallen into the same clearly failed mentality about restricting distribution that led to the entire media industry becoming a former shell of itself in a mere five years!

This mentality will only lead to failure. Pursuit of it is insanity: we are witnessing the end stages of an industry-wide collapse because of it! And it seems these new distributors have quickly forgotten that it was only the desperation of their predecessors that they were even able to license what they have now.

So, Amazon, why do you insist upon flogging people who are yelling "Shut up and take my money!"?

First time accepted submitter clockwise_music writes "With HTML5 we're closer to the point where a browser can do almost everything that a native app can do. The final frontier is 3D, but WebGL isn't even part of the HTML5 standard, Microsoft refuses to support it, Apple wants to push their native apps and it's not supported in the Android mobile browser. Flash used to be an option but Adobe have dropped mobile support. To reach most people you'd have to learn Javascript, WebGL and Three.js/Scene.js for Chrome/Firefox, then you'd have to learn Actionscript + Flash for the Microsofties, then learn Objective-C for the apple fanboys, then learn Java to write a native app for Android. When will 3D finally become available for all? Do you think it's inevitable or will it never see the light of day?"

tsamsoniw writes "In the wake of the most recent zero-day attacks exploiting Flash Player, Adobe claims that it's worked hard to make Player secure — and that most SWF exploits stem from users opening infected Office docs attached to emails. The company has a solution, though: A forthcoming version of Flash Player will detect when it's being launched from Office and will present users with a dialog box with vague warnings of a potential threat."

Orome1 writes "Adobe has pushed out an emergency Flash update that solves two critical vulnerabilities (CVE-2013-0633 and CVE-2013-0634) that are being actively exploited to target Windows and OS X users, and is urging users to implement it as soon as possible. According to a security bulletin released on Thursday, the OS X exploit targets Flash Player in Firefox or Safari via malicious Flash content hosted on websites, while Windows users are targeted with Microsoft Word documents delivered as an email attachments which contain malicious Flash content. Adobe has also announced its intention of adding new protections against malicious Flash content embedded in Microsoft Office documents to its next feature release of Flash Player."

Michael Ross writes "Web designers, graphics artists, and others who create and edit digital images, have a number of commercial image-manipulation packages from which they can choose — such as Adobe Photoshop and Adobe Fireworks (originally developed by Macromedia). Yet there are also many alternatives in the open-source world, the most well-known being GNU Image Manipulation Program. GIMP is available for all major operating systems, and supports all commonly-used image formats. This powerful application is loaded with features, including plug-ins and scripting. Yet detractors criticize it as being complicated (as if Photoshop is intuitively obvious). Admittedly, anyone hoping to learn it could benefit from a comprehensive guide, such as The Book of GIMP." Keep reading for the rest of Michael's review. The Book of GIMP: A Complete Guide to Nearly Everything author Olivier Lecarme and Karine Delvare pages 676 pages publisher No Starch Press rating 9/10 reviewer Michael J. Ross ISBN 978-1593273835 summary A comprehensive tutorial and reference to GIMP 2.8. Authored by Olivier Lecarme and Karine Delvare, The Book of GIMP: A Complete Guide to Nearly Everything was published by No Starch Press on 22 January 2013, with the ISBN 978-1593273835. The publisher's page offers minimal information on the book and its authors, as well as a skimpy table of contents, and a free sample chapter (the fifth one, on composite photography). Lecarme has a companion website where visitors will find additional resources, including bonus filters, a forum (albeit almost empty), and a selection of the example images used in the book.

This title's 676 pages are organized into 22 chapters and six appendices. The first eight chapters compose "Part I — Learning GIMP"; the remaining chapters compose "Part II — Reference"; and the appendices compose the third part. In a brief but pleasant introduction, the authors encourage readers to follow along by installing GIMP on a local machine. Installation instructions can be found in Appendix E (which arguably should be the first appendix, to get readers started with a local installation). The book is based upon the most recent stable version of GIMP, namely 2.8, which reportedly introduced significant improvements over earlier versions.

As one might expect, the first chapter introduces the basics of the GIMP user interface, explaining how to find and open images, use the menu system in the main image dock, and perform basic editing operations, such as resizing and cropping. It also presents some essential concepts in GIMP — filters, layers, and drawing tools — and then discusses the use of a tablet in conjunction with GIMP. The next six chapters each focus on a major category of image work: photo retouching, drawing and illustration, logos and textures, composite photography, animation, and image preprocessing. The last chapter in the group covers utilizing GIMP for crafting the visual design of a website. The only problem I found in the narrative is the inconsistency in terminology, primarily the references to something as a "dock" on some occasions, and other times as a "window"; also, the "multi-dialog window" (page 4) is later called the "multi-docks window" (page 18). Nonetheless, the prose is straightforward and concise; there is a lot of information contained in each section. Consequently, anyone reading these tutorial chapters should take them at a modest pace, and frequently compare the authors' narrative and one's understanding of it with the screenshots and/or one's own results if following along (a practice I strongly recommend for this particular book, so one will better internalize the broad ideas as well as the details).

Each chapter concludes with a set of exercises, whose questions tend to be much more open-ended and difficult than those normally found in technical books. In fact, readers may be frustrated how some of the exercises challenge one to perform task completely unmentioned in the corresponding chapter. For instance, the very first one in the book, Exercise 1.1 (page 24), asks the reader to build a new dock with dialogs, even though at no point in the chapter was the reader told how to do anything remotely like this. Appendix B contains tips for a minority of the exercises.

The bulk of the book, "Part II — Reference," offers almost 400 pages of details on every aspect of GIMP: the user interface, its displays, layers, colors, selections, masks, drawing tools, transformation tools, filters, animation tools, scanning and printing images, image formats, scripts and plug-ins, and other methods of customizing the application — with each chapter starting with the basics. All of the information is terrific, but the thoughtful reader may wonder why the book begins with advanced topics — such as photo retouching, composite photography, animation, and website design — and later presents the detailed explanations of all the aforementioned aspects of using GIMP. It seems to me that it would have been better to present the Part II chapters first, and then present the advanced topics currently in Part I, except for what is now Chapter 1 ("Getting Started"), which would still be a fine way to begin the explication.

The third and final part contains half a dozen appendices, the first of which is a fascinating exploration of the science of human vision and the three main models of digital color representation. As noted earlier, the second appendix contains tips and hints for some of the chapter exercises. The third appendix is brief, but contains a wealth of online resources for anyone who would like to learn more about GIMP and its community. The next appendix contains a list of frequently asked questions and their answers, and is well worth reading. The fifth chapter explains how to install GIMP on computers running GNU/Linux, Unix, various Linux distros, Windows, and Mac OS X. The final appendix addresses batch processing of images, including the use of ImageMagick.

The production quality of this book is excellent (judging by the print copy kindly provided to me by No Starch Press for review). It was a smart choice on the part of the authors to request full-color images on every page, and the publisher's decision to do so, given the book's visual subject — even though it resulted in a heavier product (3.4 pounds).

Naturally, as a book discussing an image editor, this one makes extensive use of example photos and other images, which are extremely helpful to the reader. Only a few problems were evident; for instance, Figures 1.24 and 1.25 are so small that the cropping pointers are almost invisible. In some cases the descriptions or screenshots do not match what I saw when following along; for instance, on page 3, the author states that the three startup windows (Toolbox, Image, and multi-dialog) by default occupy the full width of the screen, which contradicts the screenshot in Figure 1.1, which shows the Image window at partial width.

The writing is generally clear and easy to follow, even though some of the phrasing is odd (e.g., "source text" to mean "source code"), perhaps because both authors are French. That could also account for the errata — for instance, "on [the] left" (page 15) and "its there" (page 22) — of which there were remarkably few for a book of this length.

If any reader is looking for a free and full-featured image-editing program, then by all means consider GIMP, as well as this outstanding tutorial and reference book.

Michael J. Ross is a freelance web developer and writer.

You can purchase The Book of GIMP: A Complete Guide to Nearly Everything from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael Ross writes "Web designers, graphics artists, and others who create and edit digital images, have a number of commercial image-manipulation packages from which they can choose — such as Adobe Photoshop and Adobe Fireworks (originally developed by Macromedia). Yet there are also many alternatives in the open-source world, the most well-known being GNU Image Manipulation Program. GIMP is available for all major operating systems, and supports all commonly-used image formats. This powerful application is loaded with features, including plug-ins and scripting. Yet detractors criticize it as being complicated (as if Photoshop is intuitively obvious). Admittedly, anyone hoping to learn it could benefit from a comprehensive guide, such as The Book of GIMP." Keep reading for the rest of Michael's review. The Book of GIMP: A Complete Guide to Nearly Everything author Olivier Lecarme and Karine Delvare pages 676 pages publisher No Starch Press rating 9/10 reviewer Michael J. Ross ISBN 978-1593273835 summary A comprehensive tutorial and reference to GIMP 2.8. Authored by Olivier Lecarme and Karine Delvare, The Book of GIMP: A Complete Guide to Nearly Everything was published by No Starch Press on 22 January 2013, with the ISBN 978-1593273835. The publisher's page offers minimal information on the book and its authors, as well as a skimpy table of contents, and a free sample chapter (the fifth one, on composite photography). Lecarme has a companion website where visitors will find additional resources, including bonus filters, a forum (albeit almost empty), and a selection of the example images used in the book.

This title's 676 pages are organized into 22 chapters and six appendices. The first eight chapters compose "Part I — Learning GIMP"; the remaining chapters compose "Part II — Reference"; and the appendices compose the third part. In a brief but pleasant introduction, the authors encourage readers to follow along by installing GIMP on a local machine. Installation instructions can be found in Appendix E (which arguably should be the first appendix, to get readers started with a local installation). The book is based upon the most recent stable version of GIMP, namely 2.8, which reportedly introduced significant improvements over earlier versions.

As one might expect, the first chapter introduces the basics of the GIMP user interface, explaining how to find and open images, use the menu system in the main image dock, and perform basic editing operations, such as resizing and cropping. It also presents some essential concepts in GIMP — filters, layers, and drawing tools — and then discusses the use of a tablet in conjunction with GIMP. The next six chapters each focus on a major category of image work: photo retouching, drawing and illustration, logos and textures, composite photography, animation, and image preprocessing. The last chapter in the group covers utilizing GIMP for crafting the visual design of a website. The only problem I found in the narrative is the inconsistency in terminology, primarily the references to something as a "dock" on some occasions, and other times as a "window"; also, the "multi-dialog window" (page 4) is later called the "multi-docks window" (page 18). Nonetheless, the prose is straightforward and concise; there is a lot of information contained in each section. Consequently, anyone reading these tutorial chapters should take them at a modest pace, and frequently compare the authors' narrative and one's understanding of it with the screenshots and/or one's own results if following along (a practice I strongly recommend for this particular book, so one will better internalize the broad ideas as well as the details).

Each chapter concludes with a set of exercises, whose questions tend to be much more open-ended and difficult than those normally found in technical books. In fact, readers may be frustrated how some of the exercises challenge one to perform task completely unmentioned in the corresponding chapter. For instance, the very first one in the book, Exercise 1.1 (page 24), asks the reader to build a new dock with dialogs, even though at no point in the chapter was the reader told how to do anything remotely like this. Appendix B contains tips for a minority of the exercises.

The bulk of the book, "Part II — Reference," offers almost 400 pages of details on every aspect of GIMP: the user interface, its displays, layers, colors, selections, masks, drawing tools, transformation tools, filters, animation tools, scanning and printing images, image formats, scripts and plug-ins, and other methods of customizing the application — with each chapter starting with the basics. All of the information is terrific, but the thoughtful reader may wonder why the book begins with advanced topics — such as photo retouching, composite photography, animation, and website design — and later presents the detailed explanations of all the aforementioned aspects of using GIMP. It seems to me that it would have been better to present the Part II chapters first, and then present the advanced topics currently in Part I, except for what is now Chapter 1 ("Getting Started"), which would still be a fine way to begin the explication.

The third and final part contains half a dozen appendices, the first of which is a fascinating exploration of the science of human vision and the three main models of digital color representation. As noted earlier, the second appendix contains tips and hints for some of the chapter exercises. The third appendix is brief, but contains a wealth of online resources for anyone who would like to learn more about GIMP and its community. The next appendix contains a list of frequently asked questions and their answers, and is well worth reading. The fifth chapter explains how to install GIMP on computers running GNU/Linux, Unix, various Linux distros, Windows, and Mac OS X. The final appendix addresses batch processing of images, including the use of ImageMagick.

The production quality of this book is excellent (judging by the print copy kindly provided to me by No Starch Press for review). It was a smart choice on the part of the authors to request full-color images on every page, and the publisher's decision to do so, given the book's visual subject — even though it resulted in a heavier product (3.4 pounds).

Naturally, as a book discussing an image editor, this one makes extensive use of example photos and other images, which are extremely helpful to the reader. Only a few problems were evident; for instance, Figures 1.24 and 1.25 are so small that the cropping pointers are almost invisible. In some cases the descriptions or screenshots do not match what I saw when following along; for instance, on page 3, the author states that the three startup windows (Toolbox, Image, and multi-dialog) by default occupy the full width of the screen, which contradicts the screenshot in Figure 1.1, which shows the Image window at partial width.

The writing is generally clear and easy to follow, even though some of the phrasing is odd (e.g., "source text" to mean "source code"), perhaps because both authors are French. That could also account for the errata — for instance, "on [the] left" (page 15) and "its there" (page 22) — of which there were remarkably few for a book of this length.

If any reader is looking for a free and full-featured image-editing program, then by all means consider GIMP, as well as this outstanding tutorial and reference book.

Michael J. Ross is a freelance web developer and writer.

You can purchase The Book of GIMP: A Complete Guide to Nearly Everything from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

dryriver writes "Yesterday, Adobe put up a mysterious webpage from which its now seven-year-old CS2 line of products (Photoshop, Illustrator, InDesign, Acrobat, Premiere and others) could be freely downloaded by anyone. The page even included valid serial numbers that will unlock the CS2 apps for anyone who wants to. This strange 'giveaways' page at Adobe.com quickly went viral on the internet after a few tech bloggers reported on it. An Adobe spokesman said initially that the CS2 downloads are for existing owners of Adobe CS2 software only, who may not be able to activate their software anymore, due to the CS2 activation servers having been shut down by Adobe. But the internet at large took this webpage as meaning 'Free Adobe CS2 Software for Everyone,' which was probably not what Adobe had in mind. It seems that at this point, hundreds of thousands of people have downloaded their 'free' CS2 products and installed them, and started using them. So Adobe is in a bit of a PR pinch now because of this — Do you tell all the thousands of people who have downloaded CS2 products in the last 48 hours that 'you cannot use these products without paying us'? Or do you accept that hundreds of thousands of people now have free access to seven year old Adobe CS2 products, and try to encourage some of them to 'upgrade to the new CS6 products'?"

llamafirst writes "As the year flipped to 2013, we learned that Adobe and Apple don't test for "forward date" bugs. Adobe prevented any copy of FrameMaker 10 from launching and Apple broke Do Not Disturb for the first week of 2013. Surely some more critical and safety systems also have lurking issues. Got tips for catching time/date bugs 'from the mysterious future?' (Also, obligatory link to Falsehoods programmers believe about time.)"

theweatherelectric writes "Mozilla is looking for contributors interested in working on Shumway. Mozilla's Jet Villegas writes, 'Shumway is an experimental web-native (Javascript) runtime implementation of the SWF file format. It is developed as a free and open source project sponsored by Mozilla Research. The project has two main goals: 1. Advance the open web platform to securely process rich media formats that were previously only available in closed and proprietary implementations. 2. Offer a runtime processor for SWF and other rich media formats on platforms for which runtime implementations are not available.'" See also: Gnash and Lightspark.

wiredmikey writes "Adobe said Thursday it will be revoking a code signing certificate next week after discovering two pieces of malware that had been digitally signed with Adobe's credentials. Two malicious utilities, pwdump7 v7.1 and myGeeksmail.dll, both came from the same source and were signed with valid Adobe digital certificates, Adobe's Brad Arkin said. Adobe plans to revoke the impacted certificate on Oct. 4. After initial investigation, the company identified a compromised build server which had been used to access the code signing infrastructure, Brad Arkin wrote in a blog post. The build server did not have rights to any public key infrastructure functions other than the ability to issue requests to the signing service and did not have access to any Adobe products such as Flash Player, Adobe Reader, Shockwave Player, or Adobe AIR, Arkin said. According to Adobe, most customers won't notice anything out of the ordinary during the certificate revocation process, but some IT administrators may have to take some actions in response."

tqft writes "From the sourceforge page: 'Source Sans is a set of monospaced OpenType fonts that have been designed to work well coding environments. This family of fonts is a complementary design to the Source Sans family.' License: Open Font License 1.1 (OFL 1.1) (both FSF and DFSG free). Hope to see it Debian (& other) repositories soon." The example text doesn't really look too much better than Inconsolata. But, hey, who can complain about more liberally licensed fonts?

colinneagle sends this excerpt from Network World: "Google announced last Friday that, in accordance to its policy of supporting a current browser and the immediate predecessor, its Google Apps productivity suite would drop support for Internet Explorer 8 once Windows 8 ships. Neither IE9 nor IE10 are available on XP. Adobe announced on the Photoshop Blog that the next version of Photoshop CS would support only Windows 7 and 8. The current version, CS6, is available for XP but, amusingly, not for Vista, which was its successor. This is a much-needed boost for Microsoft, which anxiously wants to put XP out to pasture after 11 years. Despite efforts to get rid of the old OS, XP still holds 43% of the market, according to the latest monthly data from Net Applications. Among Steam customers, Windows 7 has 70% market share, covering both 32-bit and 64-bit, while XP has 12%. That confirms what has been known for some time: consumers are adopting Windows 7 at a much faster rate than businesses. I know there is a whole economic argument to be had, and these numbers are not precise or scientific, but if XP really can be found in only 12% of households but 43% of businesses (or something close to that), then it really is time for the enterprise to stop dragging its tail."

hypnosec writes "Adobe has announced that it will be making the Flash Player for Android unavailable for new devices and users from August 15 in continuation of its plan to discontinue development of Flash Player for mobile browsers. The company announced its decision through a blog post and further said that only those users who have already installed the flash player on their devices will be receiving any future updates. To ensure that this is the case, Adobe is going to make configuration changes on its Google Play Flash Player page."

New submitter Craefter writes "Adobe has finally seen the same light Steve Jobs did in 2010 and is now committed to putting mobile Flash player in the history books as soon as possible. Adobe will not develop and test Flash player for Android 4.1 and will now focus on a PC browsing and apps. In a blog post, they wrote, 'Devices that don’t have the Flash Player provided by the manufacturer typically are uncertified, meaning the manufacturer has not completed the certification testing requirements. In many cases users of uncertified devices have been able to download the Flash Player from the Google Play Store, and in most cases it worked. However, with Android 4.1 this is no longer going to be the case, as we have not continued developing and testing Flash Player for this new version of Android and its available browser options. There will be no certified implementations of Flash Player for Android 4.1. Beginning August 15th we will use the configuration settings in the Google Play Store to limit continued access to Flash Player updates to only those devices that have Flash Player already installed. Devices that do not have Flash Player already installed are increasingly likely to be incompatible with Flash Player and will no longer be able to install it from the Google Play Store after August 15th.'"

Trailrunner7 writes "Adobe has released a new version of their Flash player that now gives Firefox users the additional security of a sandbox and also includes a background update mechanism for Mac users. Flash has run in a sandbox on Google Chrome and Internet Explorer for some time already. The big security news in Flash player 11.3 is the addition of the protected mode sandbox for Firefox on Windows. That's a major change for Adobe, which has been adding sandbox to its main product lines for a couple of years now. Adobe Reader X has run in protected mode — which is what Adobe calls its sandbox — since its release, and the company also added a sandbox to Flash on Google Chrome. The sandbox is designed to prevent attackers from using vulnerabilities in Flash to break out of the application and move to other apps or the OS itself."

Trailrunner7 writes "Adobe has released a new version of their Flash player that now gives Firefox users the additional security of a sandbox and also includes a background update mechanism for Mac users. Flash has run in a sandbox on Google Chrome and Internet Explorer for some time already. The big security news in Flash player 11.3 is the addition of the protected mode sandbox for Firefox on Windows. That's a major change for Adobe, which has been adding sandbox to its main product lines for a couple of years now. Adobe Reader X has run in protected mode — which is what Adobe calls its sandbox — since its release, and the company also added a sandbox to Flash on Google Chrome. The sandbox is designed to prevent attackers from using vulnerabilities in Flash to break out of the application and move to other apps or the OS itself."

wiredmikey writes with a followup to Thursday's news that Adobe was recommending paid software upgrades in lieu of fixing security holes in some of its applications. After receiving criticism for the security bulletin, Adobe changed its mind and announced that it's developing patches to fix the vulnerabilities. "Developing a patch, especially for three different applications, can be costly and time consuming. Developing these patches consumes development resources, then must run through a QA process, and the patch needs to be communicated and distributed to users. And for a company like Adobe with a massive customer base using its Photoshop, Illustrator, and Flash Professional, the bandwidth cost alone can be substantial. For a popular product that was just over two years old, providing a fix to address a serious security flaw its what customers deserve. And while Adobe may have originally tried to sneak by without addressing the issue and pushing users to upgrade to its new product, the company made the right move in the end."

Nimey writes "Adobe has posted a security bulletin for Photoshop CS5 for Windows and OSX. It seems there is a critical security hole that will allow attackers to execute arbitrary code in the context of the user running the affected application. Adobe's fix? You need to pay to upgrade to Photoshop CS6. For users who cannot upgrade to Adobe Photoshop CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources."

dartttt writes "Adobe has released Flash Player version 11.2 with many new features. This is the final Flash Player release for Linux platform and now onward there will be only security and bug fix updates. Last month Adobe announced that it is withdrawing Flash Player support for Linux platform. All the future newer Flash releases will be bundled with Google Chrome using its Pepper API and for everything else, 11.2 will be the last release."

ekimd writes "Adobe has anounced their plans to abandon future updates of their Flash player for Linux. Partnering with Google, after the release of 11.2, 'the Flash Player browser plugin for Linux will only be available via the 'Pepper' API as part of the Google Chrome browser distribution and will no longer be available as a direct download from Adobe.' Viva la HTML 5!" And it appears that Mozilla won't be implementing Pepper anytime soon.

Trailrunner7 writes "Adobe, which has spent the last few years trying to dig out of a deep hole of vulnerabilities and buggy code, is making a major change to Flash, adding a sandbox to the version of the player that runs in Firefox. The sandbox is designed to prevent many common exploit techniques against Flash. The move by Adobe comes roughly a year after the company added a sandbox to Flash for Google Chrome. Flash, which is perhaps the most widely deployed piece of software on the Internet, has been a common attack vector for several years now, and the attacks in some cases have been used to get around exploit mitigations added by the browser vendors. The sandbox is designed to prevent many of these attacks by not allowing exploits against Flash to break out into the browser itself."

wiredmikey writes "Adobe issued an advisory today on a zero-day vulnerability (CVE-2011-2462) that has come under attack in the wild. According to Adobe, the issue is a U3D memory corruption vulnerability that can be exploited to cause a crash and permit an attacker to hijack a system. So far, there are reports the vulnerability is being exploited in limited, targeted attacks against Adobe Reader 9.x on Windows. However, the bug also affects Adobe Reader and Acrobat 9.4.6 and earlier 9.x versions for UNIX and Macintosh computers, as well as Adobe Reader X (10.1.1) and Acrobat X (10.1.1) and earlier 10.x versions on Windows and Mac. Patches for Windows and Mac users of Adobe Reader X and Acrobat X will come on the next quarterly update, scheduled for Jan. 10, 2012."