Slashdot Mirror

← Back to Stories (view on slashdot.org)

Adobe Putting PDF Reader In a Sandbox

Posted by kdawson on from the and-stay-there dept.

Captain Eloquence writes "The next major version of Adobe's PDF Reader will feature new sandboxing technology aimed at curbing a surge in malicious hacker attacks. The initial sandbox implementation will isolate all 'write' calls on Windows 7, Windows Vista, Windows XP, Windows Server 2008, and Windows Server 2003. Adobe security chief Brad Arkin believes this will mitigate the risk of exploits seeking to install malware on the user's computer or otherwise change the computer's file system or registry. In a future dot-release, the company plans to extend the sandbox to include read-only activities to protect against attackers seeking to read sensitive information from the user's computer."

20 of 225 comments (clear)

  1. Who needs it? by Animats · · Score: 4, Interesting

    I have only Sumatra PDF on my Windows 7 machine. I don't have a copy of Adobe's viewer on the machine at all.

    Sumatra PDF is dumb, but reasonably secure. It can't do cut and paste, it doesn't do forms, and it doesn't have Javascript.

    1. Re:Who needs it? by Suicidal+Teapot · · Score: 5, Informative

      Many people need it. There are plugins and workflows that use Acrobat in many different businesses, and most small/medium businesses couldn't afford to have alternatives written for them, and have to stick to the commercial offerings. For me specifically, I send clients PDF proofs of printing orders, and any reader other than Acrobat can't be relied upon to be accurate enough for proofing purposes: they usually mess up transparencies, fonts, and other critical information.

    2. Re:Who needs it? by plasticsquirrel · · Score: 5, Insightful

      "I don't use Adobe Reader, so why would anyone else need to? Why can't everyone just change to something else?"

      Sorry, but the vast majority of users have Adobe Reader installed to view PDF files, and they will not know why or how they should change to something else. Add to that the fact that the security of shitty-but-popular popular affects us all by proxy, and these things really do matter.

      It's like saying, "Well, I don't care about malicious JavaScript and ActiveX in Internet Explorer, because I use Firefox on Linux. Who needs that other crap?" Most other people are just going to use default garbage, and the entire Internet is impacted by this.

      Still, there are always Slashdot posts in the vein, "I don't use software X, I use software Y, so it doesn't matter." It's a naive and self-centered view of the world that unrealistically assumes that because a particular geeky reader found a way around a problem, that it has ceased to become a problem, or that the entire world should then follow this in emulation. Wake up, the world is bigger than the basement you inhabit.

      --
      Systemd: the PulseAudio of init systems
  2. They should put it in the trashbox by Joe+Snipe · · Score: 4, Insightful

    That piece of bloatware should be put on a harsh diet before that.

    --
    Sometimes, life itself is sarcasm...
  3. Finally.. by Anonymous Coward · · Score: 4, Insightful

    It appears Adobe finally realized that a document reader shouldn't have access to my entire sysetm.

  4. Question by wonkavader · · Score: 4, Insightful

    Why does a PDF viewer need to give the document the ability to write at all?

    Would ripping some of the crazy features out of the PDF spec solve this more completely and reasonably?

    What do we use PDFs for which involves writes?

    1. Re:Question by Anonymous Coward · · Score: 5, Funny

      What do we use PDFs for which involves writes?

      Malware installation.

    2. Re:Question by Anonymous Coward · · Score: 5, Informative

      Probably editing and note taking. I draw on PDFs all the time, and I'm glad I'm able to save the edits.

    3. Re:Question by Kenja · · Score: 4, Informative

      Signing documents, adding notes, adding addendum, filling out forms, etc. There is more to PDF's then text.

      --

      "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
    4. Re:Question by rudy_wayne · · Score: 4, Insightful

      Signing documents, adding notes, adding addendum, filling out forms, etc. There is more to PDF's then text.

      It's called Acrobat READER and it is supposed to be for READING PDF files. It is completely inappropriate for it to be able to WRITE anything. Adding extra crap is the reason that it has so many security flaws.

    5. Re:Question by nine-times · · Score: 4, Insightful

      With Acrobat, Adobe has fallen into a particular bloat trap usually reserved for Microsoft and AV vendors. It goes like this:

      You release a product, and it does one specific thing well. Lots of people buy it, and you have a success on your hands. You come up with a bunch of fixes and new features, and release version 2. Again, lots of people buy it. Same thing again with Version 3, maybe version 4... and so on. This is the normal ideal for-profit software development model.

      However, at some point you start developing what will become... let's say version 5. You start working on it, and you can't think of any good features to add in. Version 4 already does everything you want that software to do, but you can't just stop there-- you wouldn't be able to sell any upgrade anymore. At the same time, you can't just release bug-fixes and improve performance, since you wouldn't be able to justify charging people for a new version that consisted only in bug fixes. You don't want to head in an entirely new direction because it might alienate current users. You don't want to invest in creating a new product instead, because new products are risky. You just want to find a way to continue milking your cash cow.

      Eventually you come up with a bunch of flashy-sounding features that you can advertise even if almost no one uses them. You invest in marketing to make people feel like this new version will allow them to do lots of things that they'll probably never actually do. You reorganize the interface, shifting controls around for no reason other than to make things look "new". You discontinue support for older versions. You modify your file formats so that they'll be slightly incompatible with older versions, or at least you make sure your older versions throw up some kind of warning that says, "This document was made with a newer version. Upgrade now!"

      You do a whole bunch of that stuff, and sure enough, people buy it. You set out to make version 6, and you find yourself in approximately the same bind. Some people are still happily using version 4 of your software, and you haven't been able to convince them to upgrade. So then you start throwing even more powerful-sounding but useless features at your customers. "This version has SecureBit technology, which will make all of your bits secure. Make sure you upgrade, or all your information will be eaten by hackers!" and "This version has the latest support for the latest AwesomeX technology. Make sure you upgrade, or you'll find out your friends can do cool things that you can't!" Little by little, you push customers to the latest version. This is now your business model.

      With each version, you throw in more and more stuff. Maybe some of it's useful. Maybe there are even 2% of your customers that actually make good use of AwesomeX technology. Mostly, though, your software gets more and more bloated with stupid things so that you have an excuse to keep charging money.

      Ultimatley PDF have been fine for making print documents for a long time. Acrobat and Acrobat Reader have improved in some ways, but even old versions were adequate for producing static PDFs. Adobe's only hope for continued growth is to push PDF to be used for more and more things that it is not well suited to handle. Adobe has made it so each PDF file can be kind of like its own stand-alone application by using javascript and Flash.

    6. Re:Question by jim_v2000 · · Score: 5, Funny

      YEAH! And Microsoft WORD should only let you use WORDS...not crappy images and all that.

      --
      Don't take life so seriously. No one makes it out alive.
  5. Operating System Feature by Anonymous Coward · · Score: 4, Interesting

    Should it be an operating system feature to force all user applications to run in a sandbox by default?

  6. Doesn't matter by MadGeek007 · · Score: 4, Insightful

    A sandbox doesn't matter if said sandbox has as many flaws as the orignal reader...

  7. Re:Sandbox by repka · · Score: 5, Funny

    Sounds suspiciously Apple-like. iPhone apps do this very thing.

    No shit Sherlock: sandboxing, emulation, memory and hardware virtualization, CPU ring modes are all Apple inventions from 1970s and Windows 7 you're browsing from right now has its code base from Apple Lisa of that era.

  8. This reminds me of Word Macros by Lord+Byron+II · · Score: 5, Insightful

    It seems that Microsoft already went through this 15 years ago with Word macros. It's kind of scary that these companies that are producing software for looking at / creating documents would enable this sort of functionality in their file formats. I realize that there are a handful of applications where it's beneficial to have a document be able to write to the filesystem, but for 99.99% of documents, what business do they have reading or writing anything?

    It would be like if you bought a book, sat it down on your desk, and when you pick it up later, you find that the book was doodling on your desk the whole time.

  9. And yet they still haven't made a version... by mark-t · · Score: 5, Informative

    ... for 64 bit linux.

    Sure there are free pdf readers that work on Linux and 64 bit, but I find that none of them are as flexible with regards to printing options as Acrobat is.

    And the last time I installed multi-libraries on my system supporting both 32 and 64 bit, primarily just so I could use Acrobat, I started having some stability issues that I would just as soon not repeat.

    --
    File under 'M' for 'Manic ranting'
  10. Re:Desperation by MBCook · · Score: 4, Interesting

    I'm on OS X, so I use Preview (built in), and it's amazing. It looks great, and it's fast as heck. Because of this I was able to go a long time without having to use Adobe Reader.

    Then I ran into a PDF at work (Windows boxes) and suddenly remember the word of pain and slowness that Reader caused. I now use FoxIt on Windows. It's not perfect (the experience of using Preview is much smoother), but it doesn't act like it owns my computer.

    I recently discovered that not only do PDFs on Snow Leopard have icons that look like their first pages, but when you mouse over them two little buttons pop up and you can turn pages on the icon so you can easily see if a small PDF contains a specific chart without having to open preview or quicklook.

    Some Mac blogger wrote a little while ago that if it wasn't for Preview, Mac users would have abandoned PDFs years ago as slow and bloated (the impression Reader leaves on both Mac and PC). Between Preview and the built in Print to PDF support, you forget how obnoxious PDFs can be on other platforms. MS should make a PDF reader and embed it into 7 SP2. It has to be better than Reader, and 95%+ of users don't use the fancy form-filling auto calculation Javascript magic stuff.

    --
    Comment forecast: Bits of genius surrounded by a sea of mediocrity.
  11. The real question is. . . by jafac · · Score: 4, Funny

    Who sandboxes the sandboxers?

    --

    These are my friends, See how they glisten. See this one shine, how he smiles in the light.
  12. Re:This is all good but... by fuzzyfuzzyfungus · · Score: 5, Funny

    No, don't worry. Because of how bloated Acrobat Reader already is, Adobe was able to fit a re-skinned copy of virtualbox, containing a minimal linux image running Evince, in a package smaller than the prior download.

    This is how they managed to get a "sandboxed" PDF reader out in less than the usual absolutely glacial Adobe development timeframe...