Slashdot Mirror
Adobe Putting PDF Reader In a Sandbox
Captain Eloquence writes "The next major version of Adobe's PDF Reader will feature new sandboxing technology aimed at curbing a surge in malicious hacker attacks. The initial sandbox implementation will isolate all 'write' calls on Windows 7, Windows Vista, Windows XP, Windows Server 2008, and Windows Server 2003. Adobe security chief Brad Arkin believes this will mitigate the risk of exploits seeking to install malware on the user's computer or otherwise change the computer's file system or registry. In a future dot-release, the company plans to extend the sandbox to include read-only activities to protect against attackers seeking to read sensitive information from the user's computer."
Probably editing and note taking. I draw on PDFs all the time, and I'm glad I'm able to save the edits.
Comment removed based on user account deletion
My cat's sandbox is the right place for Adobe's products.
Too heavy, too slow, too buggy, too dangerous, etc.
-- Rastignac was here.
Many people need it. There are plugins and workflows that use Acrobat in many different businesses, and most small/medium businesses couldn't afford to have alternatives written for them, and have to stick to the commercial offerings. For me specifically, I send clients PDF proofs of printing orders, and any reader other than Acrobat can't be relied upon to be accurate enough for proofing purposes: they usually mess up transparencies, fonts, and other critical information.
Sure there are free pdf readers that work on Linux and 64 bit, but I find that none of them are as flexible with regards to printing options as Acrobat is.
And the last time I installed multi-libraries on my system supporting both 32 and 64 bit, primarily just so I could use Acrobat, I started having some stability issues that I would just as soon not repeat.
File under 'M' for 'Manic ranting'
Signing documents, adding notes, adding addendum, filling out forms, etc. There is more to PDF's then text.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
Uh, no one mentioned giving Acrobat root permissions. Where did you get that idea?
Even better would be a "Reader Light" with no write capability at all for the 99% of users who will never use Acrobat to complete a form.
A note on PDF form signing with the free Reader: the Reader does not allow electronic signing unless the document itself is signed with a producer key that is issued by Adobe. In other words, you get to sign for free if your users are using the full Adobe suite. If they only have the Reader, you need to pay something like $20000 to Adobe to get a producer key which allows you to embed the signature block which unlocks the e-signing features of the Reader. So, a hacker wanting to exploit the e-signing mechanism would need to cough up $20k to obtain a producer key, or steal one somehow, before he could even get started.
Again, where's Windows' equivalent of Apparmor or SELinux?
Well, since I've never worked with those products, you don't seem to be interested at all in explaining what the holy fuck they do, and since I'm not telepathic, I can't answer that question.
Perhaps there is one that I'm not aware of,
Not aware of? It was posted IN THIS THREAD LIKE 3 POSTS UP! Seriously, WTF is wrong with you. IIRC, you yourself picked it apart based on a fucking typo (sudo instead of su).
You're being purposefully dense to make some point about your fucking pet software you won't bother to explain. Stop it. It's pissing me off.
Comment of the year
The Australian government uses PDF forms for accepting electoral roll information from citizens.
See: http://www.aec.gov.au
memory and hardware virtualization and cpu ring modes were inventions of the 60's, before apple existed. Multics used them 10 years before Apple was incorporated
Lucky you.
I've had a small handful of pdfs (created w/ different methods, including OS X's print function, and another through PHP's pdf library) not display properly. Some worked well in Preview.app (but not in Reader on Windows; others were the other way around. Sometimes it was text that would show (or not), but typically it was a background image that didn't consistently render. The most recent incident was two+ years, a different job, and several OS versions ago (Tiger), so I can't say whether the issues persist.
Windows doesn't support ICC profiles for printers and ICM profiles for monitors that can be calibrated with any number of tools? No color management at all huh?
"Operating system level
Since 1997 color management in Windows is handled at the OS level through an ICC color management system. Beginning with Windows Vista, Microsoft introduced a new color architecture known as Windows Color System.[5] WCS supplements the Image Color Management (ICM) system in Windows 2000 and Windows XP, originally written by Heidelberg.[6][7]
Apple's Mac operating systems have provided OS-level color management since 1993, through ColorSync.
Operating systems which use the X Window System for graphics use ICC profiles, and support for color management on Linux, still less mature than on other platforms, is coordinated through OpenICC at freedesktop.org and makes use of LittleCMS."
http://en.wikipedia.org/wiki/Color_management
Its trivial to create a pretty standardized pdf as well. Just flatten everything and save as a version 5 or 6 pdf and most anything worth its salt will render it correctly.
zosxavius photography
Well if Sumatra doesn't do it for you I give my customers Foxit which has safe mode built in which halts executable code in PDFs by default, which is of course how they hit you with malware in the first place. Why Adobe decided executable code was just gravy for a document format, I'll never know. But that link will install any of the programs on their page with no toolbars, including Sumatra or Foxit, all automated. Great for setting up a PC for the first time. After version 6 Adobe became just too bloated for me to recommend to customers, but I've not gotten any complaints with Foxit.
ACs don't waste your time replying, your posts are never seen by me.