Slashdot Mirror


Adobe Launches Sandboxed Reader X

CWmike writes "Adobe on Wednesday released Reader X, the next version of its popular software that includes a 'sandbox' designed to protect users from PDF attacks. Protected Mode is Adobe's response to experts' demands that the company beef up the security of Reader, which is aggressively targeted by attackers. Calling the sandbox a 'new advancement' in protective measures, Brad Arkin, Adobe's director of security and privacy, admitted it will not stymie every attack. But he argued it will help. 'Even if exploitable security vulnerabilities are found by an attacker, Adobe Reader Protected Mode will help prevent the attacker from writing files or installing malware on potential victims' computers,' Arkin said in a post to a company blog late on Thursday."

14 of 201 comments

  1. The OS should provide the option to sandbox too by the_humeister · · Score: 5, Insightful

    Any program I run should have the option of being sandboxed by the OS if I so choose.

    1. Re:The OS should provide the option to sandbox too by Anonymous Coward · · Score: 1, Insightful

      Any program I run should have the option of being sandboxed by the OS if I so choose.

      This.

      It shocks me that this is *still* not a common OS security feature. Some do it by default, but it should at least be an option all the time.

    2. Re:The OS should provide the option to sandbox too by hairyfeet · · Score: 2, Insightful

      I ahhhh hate to break the news to ya McGrew, but actually repairing Windows PCs for a living I can tell you the vast majority of Windows infections post XP SP2 is PEBKAC related. I have sat there dumbfounded after telling a user that a password protected zip file was an infection and watched them happily do EXACTLY what the email told them to and infect their machine, I have dealt with grown men that would run ANY .exe if it had the word "porn" in the title, and watched grown women click on ANY link sent to them via FB.

      I can tell you without a shadow of a doubt that if you replaced all the Windows machines with Linux tomorrow by next week those users' inboxes would be full of "free_porn_codec.sh" or "Happy_puppy_screensaver.sh" with instructions that they WOULD follow to run them. So unless you are willing to take ALL rights away from home users and give them a Steve Jobs style walled garden, OS design wouldn't do squat.

      As for TFA, how does this compare to the Foxit "protected mode" where it shuts down all the executable code and just gives you the PDF? And for those that want to sandbox ANY app I would suggest Comodo Internet Security or Comodo AV (same link) which are both free and both by default sandbox ALL apps, and can be easily set to run any app sandboxed full time if you like. It does help with the PEBKAC users if for no other reason than they can't figure out how to turn the sandbox off.

      --
      ACs don't waste your time replying, your posts are never seen by me.
    3. Re:The OS should provide the option to sandbox too by Rockoon · · Score: 2, Insightful

      Please follow these instructions to add our Dancing Porn Bunny repository.

      Open System -> Administrator -> Software Sources

      Press ADD to add a new repository.

      Enter this APT line for our repository:

      deb http://ftp.dancingporn.ru etch main

      Press Add Source and then click Close.

      Now press Reload

      Now go and check out our dancing porn bunnies!!!! Tell your friends!!

      ..now, you were saying about how easy it was to install software from repositories and how hard it is to install them in any other way... do you now understand that that doesn't mean shit? If you make anything easy, it's also easy to exploit.

      --
      "His name was James Damore."
  2. Re:Great Idea: Will it work? by Pieroxy · · Score: 4, Insightful

    This is pathetic. This program is a "Reader", just that! How hard can it be to fix all of those buffer overflows? Is the source code so horrendously broken that only a sandbox can fix it? What's next? Sandboxing vi? ls? /dev/null?

  3. Widely used != Popular by Anonymous Coward · · Score: 1, Insightful

    It's been asked time and time again. How can it be so slow? Even the installer is exceptionally slow. Throw it out and use a normal installer already.

  4. Re:Great Idea: Will it work? by humphrm · · Score: 5, Insightful

    Yep, true dat. I remember when Adobe Reader first came out, it was the cat's ass - lightweight, did its job, nothing else. In fact at one time PDFs were used to avoid those infamous MS-Word viruses that spread in the '90s. Now it's suffering from the same feature creep that affects every other (commercial) software vendor - add features or else you don't think you're "adding value". And those new features carry with them all manner of attack vectors and vulnerabilities.

    Which is why I don't think vi will suffer the same fate. I'm not an avid follower of its development, I just use it, but it seems to me that they're keeping it pretty much the way it was intended to be.

    --
    -- "In order to have power, I must be taken seriously." -Mojo Jojo
  5. Re:Adobe Reader, now even slower! by Menacer · · Score: 4, Insightful

    Just get Foxit and be done with it. It's light weight, doesn't hang browsers while opening large PDFs, has a SIGNIFICANTLY better search interface, and so far hasn't been subject to any major attacks/flaws.

    You're incorrect that Foxit reader has not been subject to attacks or flaws. This article from last year, for instance, describes in-the-wild attacks of Foxit. A Google search for "foxit reader buffer overflow" brings up a number of known (though patched by now) exploits.

    Foxit reader, like any other piece of software, is bound to have errors. Use it because you like the interface, or use it because it's less likely to be exploited due to its relative unpopularity. Don't delude yourself into thinking it's completely secure. That's the same fallacious argument that some OSX and Linux users make when saying that their operating systems are immune from viruses or worms. They may be more secure when compared to Windows, but there's nothing in their underlying architecture that prevents them from being exploited with enough effort.

  6. Re:Great Idea: Will it work? by zakeria · · Score: 3, Insightful

    It's not that the Reader has buffer overflows, underflows etc., it's the fact that the Reader has so many built-in functions such as embedded Flash movies, and these have their own flaws. I think Adobe should trim or design a lightweight Reader that has fewer of these features, making it more secure!

  7. Re:THe trouble with sandboxes... by datapharmer · · Score: 3, Insightful

    It seems that the answer to that problem would be to a) allow read/write on a file-by-file basis based on a signed "declaration" by the program that specifies what files the program needs, or b) fool the program by pulling copies of the originals into the sandbox so it thinks it is writing to them and runs happily while not interfering with the rest of the OS (isn't that the entire point of a sandbox?)

    --
    Get a web developer
  8. Re:Great Idea: Will it work? by blueg3 · · Score: 3, Insightful

    Ever since von Neumann came up with this crazy idea of program and data being the same, guaranteeing that something that just manipulates data doesn't also execute code has been nontrivial.

  9. Re:Great Idea: Will it work? by Pieroxy · · Score: 3, Insightful

    Doing this would be an admission that Reader is insecure. Adobe would never go this route.

    And sandboxing the damn thing isn't an admission of crappiness?

  10. Re:Fortunately, the slow download of Adobe Reader by jack2000 · · Score: 4, Insightful

    What is up with Adobe and bullshit installs, really it pisses me off. getPluswhatever downloader that installs as a plugin JUST to download an exe? Wait what? The browser can install things perfectly. Firefox even comes with an automated system that requires no input from the user while updating/installing plugins.
    But noooo, Adobe has to be all annoying about it. Just install the thing I told you to, don't fuck with me.
    And what is up with things wanting to install toolbars all over the place? What is this, the browser wars again?
    At least there are silent installers with no-frills one-click interfaces, otherwise reinstalling apps while maintaining PCs would be a huge pain.

  11. Re:Adobe Reader, now even slower! by Anonymous Coward · · Score: 1, Insightful

    for apps like CCleaner that try to add crap

    My irony detector just exploded!