Slashdot Mirror

← Back to Stories (view on slashdot.org)

Adobe Security Chief Defends JavaScript Support

Posted by timothy on from the oh-it's-gotta-have-javascript dept.

Trailrunner7 writes "Despite the fact that the majority of [PDF-related] malware exploits use JavaScript to trigger an attack in Adobe's PDF Reader product, the company says it's impossible to completely remove JavaScript support without causing major compatibility problems. In a Q&A on Threatpost, Adobe security chief Brad Arkin says the removal of JavaScript support is a non-starter because it's an integral part of how users do form submissions. '"Anytime you're working with a PDF where you're entering information, JavaScript is used to do things like verify that the date you entered is the right format. If you're entering a phone number for a certain country it'll verify that you've got the right number of digits. When you click 'submit' on the form it'll go to the right place. All of this stuff has JavaScript behind the scenes making it work and it's difficult to remove without causing problems," Arkin explained.'"

3 of 216 comments (clear)

  1. B-A-L-O-N-E-Y by Stumbles · · Score: 0, Flamebait

    Yep Java is such a powerful language... it is the only one that can verify the correct number of digits for a phone number, the right date, etc. So there all you purist language tards; things like C++, C, perl, python, etal are utter crap compared to the almighty Java and its scripts. Who cares if there are a few security issues introduced, Adobe could not give a shit about it.

    --
    My karma is not a Chameleon.
  2. Stop right there. by geminidomino · · Score: 0, Flamebait

    Anytime you're working with a PDF where you're entering information, you've already failed

    Fixed that for you, dipshit.

    You can't defend a stupid idea by saying that without it, another stupid idea would be impossible.

    Well, I guess you CAN, since this knob just DID. He just didn't do a very good job of it.

  3. Re:Easy but far too simple solution by uniquename72 · · Score: 0, Flamebait
    Wow, three idiotic posts by morgan greywolf already, and I'm not even a tenth of the way through this page!

    Many enterprises use alternative tools for generating PDFs

    While you're correct that Adobe makes more from other tools, to say that free software is cutting into sales of Acrobat is just plain dumb. It's akin to saying, "Microsoft doesn't make that much off of Office because many enterprises use OpenOffice." Yes, there are free alternatives, but Adobe Acrobat is the standard bearer and will remain so for the foreseeable future.

    As a smart company, don't you think there's a REASON that Adobe continues product development on Acrobat? Or do you think they're just throwing away their money without any profit expectation?