Slashdot Mirror

← Back to Stories (view on slashdot.org)

F-Secure Suggests Ditching Adobe Reader For Free PDF Viewers

Posted by timothy on from the jane-the-sex-was-good-but-I've-had-enough-circus dept.

hweimer writes "Yesterday at RSA security conference, F-Secure's chief research officer recommended dropping Adobe Reader for viewing PDF files because of the huge amount of targeted attacks against it. Instead, he pointed to PDFreaders.org, a website maintaining a list of free and open source PDF viewers."

14 of 249 comments (clear)

  1. Already there by andytrevino · · Score: 5, Informative

    I've been using Foxit Reader for some time on my aging laptop because of performance issues with Adobe Reader 9, and it works great. http://www.foxitsoftware.com/pdf/reader/

    1. Re:Already there by Saint+Stephen · · Score: 5, Insightful

      Foxit has a couple of problems with some forms-based PDFs my work gave me, but on the other hand, it lets me save form field values in pdfs where acrobat won't.

      It's great; I got sick of the bloat ware and "run all the time! in the background! always show up with checks for prompts for updates every time I open my browser!" that adobe has turned into.

      now if foxit only made a flash player

    2. Re:Already there by FlyingBishop · · Score: 5, Insightful

      Actually, the article specifically suggests that Adobe needs to improve its automatic update system, not remove it.

      Foxit is getting pretty widely used, and it will be especially vulnerable if it lacks a mechanism to update itself automatically.

      Convenience != good architecture.

      I'm not sure who are more dangerous, those that don't update because they don't know what updates are, or those that don't update because they're too paranoid about corporations whose software they already use to allow that software to be patched against demonstrated security issues.

      That said, Adobe is bloated. It just has nothing to do with running all the time in the background and prompting for updates, but just with generally shitty programming. Anything used for a significant portion of web traffic needs to have a mechanism to automatically retrieve updates, especially if the user is to lazy make sure that their system is up to date and secure.

    3. Re:Already there by DanWS6 · · Score: 5, Informative

      I was a firm believer in foxit, until I had to fill out my 1040 and related forms. Some of the fields were just screwed up. I had to cave and install acrobat. I died a little inside that day.

    4. Re:Already there by JoeBuck · · Score: 5, Funny

      What about those of us who don't update because we're too lazy?

      You might be lazy, but your computer isn't; it's been sending out spam 24/7 for a while now.

    5. Re:Already there by jbn-o · · Score: 5, Insightful

      Foxit Reader is proprietary, no more inspectable or modifiable than Adobe's PDF reader and therefore no more trustworthy than any other proprietary software. No proprietary software is not a good solution to the problems faced with Adobe's proprietary PDF Reader. You are merely jumping from one proprietor to another.

      A reasonable recommendation is a FLOSS PDF reader such as Sumatra, Skim, or one of the other fine PDF readers recommended by PDFReaders.org.

      --
      Digital Citizen
  2. Helpfully by Anonymous Coward · · Score: 5, Funny

    F-Secure posted a PDF with exploits to uninstall Adobe Reader and install a new free reader.

  3. Re:Not Much Cross-Platform by dov_0 · · Score: 5, Insightful

    I've been using Evince on Linux for years now. No dramas. Runs about 10 times faster than the Adobe Reader as well.

    Does whether a particular reader is cross-platform really matter? Most people only seem to use the zoom in/out, scroll up/down and preview pane functions anyway. Not a lot to figure out on a different system...

    --
    sudo mount --milk --sugar /cup/tea /mouth /etc/init.d/relax start
  4. Acrobat: The Worlds Worst Software by gilgongo · · Score: 5, Insightful

    Acrobat utterly takes the biscuit when it comes to being the most execrably awful, arrogant, bloated, buggy, piece of software ever made, ever. And that's in a world where Microsoft exists as well.

    But as if that isn't bad enough, it ALSO ranks as the most tragic irony in *all* *computing* *history* that such a screamingly, revoltingly, tear-out-your-hair-and-become-a-monk awful software is essentially based on an open standard. I'll say that again: PDF is an *open* ISO standard. HOW did Adobe rape and strangle it to death like they did? If anyone wants an example of how unspeakably evil marketing and sharp practices can be, they need look no further than Adobe Acrobat.

    If I never used Acrobat ever again it would be too soon.

    --
    "And the meaning of words; when they cease to function; when will it start worrying you?"
    1. Re:Acrobat: The Worlds Worst Software by Anonymous Coward · · Score: 5, Funny

      the most execrably awful, arrogant, bloated, buggy, piece of software ever made, ever.

      It's called Realplayer.

  5. For those on the go by compro01 · · Score: 5, Informative

    Sumatra PDF is also available in a portable format.

    --
    upon the advice of my lawyer, i have no sig at this time
  6. Adobe: The Worlds Worst Software Company by Anonymous Coward · · Score: 5, Interesting

    That was my response to the dreamweaver CS3 install that dumped over 800 meg of bolt-on garbarge and two new services BEFORE starting the actual dreamweaver install.

    And the new-and-improved dreamweaver was almost exactly the same as the macromedia version. They added a new CSS selector and a new tab for their adobe ajax framework. And they broke the best interakt extension. So the product went backwards, despite trending towards epic MS levels of application footprint.

    They acquired the interackt folks and I think CS4 suckers are still waiting for the supported port.

    Everything adobe touches turns to shit if you ask me.

  7. What about DRM PDFs? by Orion+Blastar · · Score: 5, Interesting

    I have a ton of DRM protected eBooks from my college. They only work in Adobe Acrobat Reader. How do I remove the DRM, or would removing the DRM so that I can use them in a third party PDF viewer be a violation of my license with the college and publishers?

    I really don't want to lose my eBook library, but I don't want to get infected either.

    --
    Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
  8. Okular has no chance there ... by MartinSchou · · Score: 5, Insightful

    Okular has no chance there. Not amongst regular Windows users at least.

    Step 1 - Go to PDFreaders.org - no issue
    Step 2 - Click on "Download" on the intersection between Okular and Windows - no issue
    Step 3 - Click "Download latest installer for immediate installation. - no issue
    Step 4 - Run the KDE installer - not so much an issue, as what it does is
    Step 5 - Click Next - "install from Internet" is the default setting, sounds reasonable
    Step 6 - Select a download server - "What the hell did I just download then?"
    Step 7 - Select an available release - Ehh? Whut?
    Step 8 - Select the package you want to install - Well, that's just fucked up. 140+ packages to choose from. They're sorted by package name ONLY, cannot sort by package notes.
    Step 9 - Look for something called Okular as package name. None found
    Step 10 - "Oh, well, maybe these are packages I want in addition to Okular. I mean, I downloaded the Okular installer, right?"
    Step 11 - Click Next
    Step 12 - Installation/Update finished
    Step 13 - Realise that NOTHING has been installed.
    Step 14 - Get annoyed
    Step 15 - Call tech support (realise this is a free program and there's noone to yell at)
    Step 16 - Download and run the installer again (because they forgot where they downloaded it to)
    Step 17 - Get to the package list and start reading very carefully
    Step 18 - Wonder why the hell the package list goes Czech, Kashubian, Welsh, Danish, German, Greek, English, Esperanto, Spanish, Estonian [spelling package]
    Step 19 - Realise there's still no Okular package anywhere
    Step 20 - Read the list for the 3rd time and note that "Graphics applications" has a note "(including Okular)"
    Step 21 - Wonder why the hell the download Okular link from before doesn't give you the fucking package to begin with
    Step 22 - Notice that you're now downloading 40 (forty!) packages from the servers
    Step 23 - Notice that one of these files are 60+ MB
    Step 24 - Wonder why they call Acrobat Reader bloated and slow when that installer is less than 25 MB and takes about 30 seconds to install, just by clicking Next until you're done.
    Step 25 - Notice that you now have a folder called "Programs" in your Start menu's program folder, which is aparently a sym-link to the program folder (doesn't point to itself though)
    Step 26 - Find the "KDE 4.22 Release" folder in Programs and notice these programs:

    • Help
    • Graphics\More Applications\KColorChooser (Color Chooser)
    • Graphics\More Applications\KRuler (Screen Ruler)
    • Graphics\Gwenview (Image Viewer)
    • Graphics\KolourPaint (Paint Program)
    • Graphics\Okular (Document Viewer)
    • Network\KNetAttach (Network Folder Wizard)

    Step 27 - Wonder once more why the hell people call Acrobat Reader bloated when this program installs with 5 extra programs.
    Step 28 - Start the bloody program!
    Step 29 - KConf_update.exe would like to run. So, Acrobat Reader running its updater - Bad! This - GOOD!
    Step 30 - TRY to put frustrations aside and use the program

    That installer REALLY needs some work.

    And if you are going to have a Windows program, be as kind as to have an actual uninstaller. NONE of the KDE programs installed are listed in (Add/Remove)Programs(and Features). No uninstallers in the start menu either. I realise a lot of vocal FOSS supporters don't like Windows, but please - if you're going to advocate FOSS, at least make it live up to the LOW standards of Windows software (the non-malicious part of that group).