Slashdot Mirror

← Back to Stories (view on slashdot.org)

Adobe Reader X With Sandbox Due In November

Posted by CmdrTaco on from the i-like-the-dump-truck dept.

Trailrunner7 writes "Adobe will finally release the new version of its Reader software — which will include the much-anticipated Protected Mode security feature — next month. Adobe Reader X will include a number of other new features in addition to the sandbox feature. Adobe officials have been discussing Protected Mode for several months now and said early on that it would be included in the next version of Reader, but had never set a time line for the release of Reader X. Now, the company says the new version will be available in November, although no specific date was announced."

11 of 110 comments (clear)

  1. At Last! by WrongSizeGlass · · Score: 3, Interesting

    At last ... the malware writers will have a new challenge, and just in time for those long holiday weekends. I'm betting they find a way around Adobe's "sandbox" before the end of the year. Adobe used to make very good software - now they make very exploitable software.

    1. Re:At Last! by ByOhTek · · Score: 4, Funny

      The big question is... Which will be released first?

      The new version, or the exploits for the new version.

      --
      Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
    2. Re:At Last! by MoonBuggy · · Score: 4, Insightful

      Adobe used to make very good software - now they make very exploitable software.

      They still can make good software, which they proceed to sell for very large quantities of cash. What I don't really understand is why they ever updated PDF beyond being a simple document format - it introduced all of these vulnerabilities, and gave them a lot more work to do on their free reader software, for little real value. What was wrong with just keeping it as a simple extension of postscript?

    3. Re:At Last! by neumayr · · Score: 3, Informative

      Acrobat isn't replaced by "Print to PDF". Not by a long shot.
      If all this extra functionality is actually needed, I do not know. But making PDF popular is part of what lets them sell their ADEPT DRM solution, and I'm sure that's making them a pretty penny.

      --
      Truth arises more readily from error than from confusion. -Francis Bacon
    4. Re:At Last! by Skuld-Chan · · Score: 5, Informative

      Having worked on Adobe Acrobat (and Reader) for the last 8 or so years (my name is in a good chunk of all the release credits since version 5 or 6) the feature to add form support was added in version 3 (which came out in the mid 90's) as an addon.

      It was added for the same reason a lot of features were added - to extend the product compete in a specific marketplace - specifically places where forms are displayed. Same reason a lot of features in a lot of products are added - to make more money in another market.

      Where I work now they use a development kit from Datatel called Colleague - most of what it does is display forms from a pick database and read or save these fields (it has scheduling, accounting/ap/ar etc as well built in). You could in fact use Acrobat to display these same forms. And if your migrating from a paper based workflow - you can in fact scan all these forms in, add a bunch of fields with whatever logic JS provides (and in turn hook that into whatever logic livecycle server provides) and you have an electronic version of the paper form you used to file away.

      That was in fact (as I recall it was a while back) the marketing pitch.

      It does work too - there's even support for SAP. At one point the IRS had grand visions of filing all your taxes electronically with it (but since we can't have nice things in this country that got canned) - so it does have a lot of potential. Since something like 90% of all PC's have some version of Reader - it's an excellent target platform if you want to display paper like forms on the net.

      But like ANYTHING that has any kind of outside connectivity it's vulnerable to attack. People on here always herald other technologies as they would save us from whatever we use now, but its just a matter of what is and isn't the target. Acrobat 4 and 5 had massive vulnerabilities, but no-one ever complained about rogue pdf files because it wasn't a target. I remember the first big vulnerability on Acrobat 7 - it wasn't sanitizing inputs (it does now!) and allowed a PDF to execute commands on the PC (very similar to the bobby tables comic). After that exploit - the blood was in the water and everyone and their sister wanted to poke away at the code to find new ones (and being a very old product it has plenty of them...).

    5. Re:At Last! by pclminion · · Score: 3, Informative

      PDF is not an extension of PostScript. There is a superficial similarity between the PDF content stream format and PostScript, and although this was done deliberately to make printing PDFs to PostScript devices simpler, it is not a real derivative of PostScript. For instance, there is no operand stack, and there are no control flow or looping constructions.

      A PDF file is essentially an object-oriented database. Some of the contents of this database are graphics operator streams which are syntactically similar to PostScript. That is where the similarity begins and where it ends.

    6. Re:At Last! by Anonymous Coward · · Score: 5, Insightful

      So why is it that Acrobat reader is 200mb and takes forever to install, and installs several other adobe products with it and then requires admin rights to install updates so it always gets outdated and becomes vulnerable?... it's because it has become bloatware. Just like Quickbooks, it just keeps getting slower and slower and slower, and contains more features that 90% of users wont ever use.

      SumatraPDF is like 1.5MB and installs in less than 5 seconds and opens instantly

      Perhaps there should be a Lite version of Adobe Acrobat for people who just want to view PDF files... we could call it "Adobe Acrobat Reader"

  2. This is good but.... by mark-t · · Score: 3, Interesting

    ... I'm still waiting on acrobat reader for x86_64 Linux. While there are other PDF readers for Linux, none of them that I've found work properly with documents that use layering features apparently only found in Acrobat.

    --
    File under 'M' for 'Manic ranting'
  3. Gasp! by Quiet_Desperation · · Score: 3, Funny

    And little does anyone suspect that Reader X is actually Speed Reader's long lost brother!

  4. Great! by Local+ID10T · · Score: 4, Insightful

    New Adobe Acrobat Reader X!

    Slower and more bloated than ever before!

    New holes to exploit*!

    (*old holes still included)
    ...yeah, I'll stick with Foxit Reader.

    --
    "You want to know how to help your kids? Leave them the fuck alone." -George Carlin
  5. Re:when your os... by afidel · · Score: 3, Insightful

    Windows hasn't done that since 2000 if you know what you are doing.... Even less so for Vista/2008 and up.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.