Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Adobe PDF Exploits In the Wild

CmdrTaco posted more than 6 years ago | from the junkbusters-are-better-than-virus-scanners dept.

Security 150

mambosauce writes "Brian Krebs, via the security fix blog is reporting that the recent PDF vulnerabilities which were patched only for Adobe Reader 8 and not 7 are being exploited via banner ads. As if there haven't been enough banner ad attacks this year now we have another one targeting one of the most popular applications in the world this weekend. At this rate there won't be many safe applications left to use."

cancel ×

150 comments

Use a different PDF viewer instead (5, Informative)

Anonymous Coward | more than 6 years ago | (#22361204)

That's what foxit and kpdf are for.

Re:Use a different PDF viewer instead (4, Insightful)

ScrewMaster (602015) | more than 6 years ago | (#22361260)

No kidding. FoxitReader is a hell of an improvement over Adobe's crap, even if it isn't open source.

Re:Use a different PDF viewer instead (0)

Anonymous Coward | more than 6 years ago | (#22361318)

Unfortunately, I have to have it installed to do testing with PDFs since we have scripts that generate the things and sometimes they don't work correctly.

So I downloaded the new version of acrobat, and the thing doesn't actually upgrade. It installs and leaves the old version still on the system... WTF?? Adobe is retarded...

Re:Use a different PDF viewer instead (1)

ScrewMaster (602015) | more than 6 years ago | (#22361582)

Might be you have a permissions problem on the program folder or the files. You'd think the installer would have reported that fact, but maybe not. Log in as Administrator and see if it upgrades then.

Re:Use a different PDF viewer instead (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22361700)

i think this is on topic: http://www.youtube.com/watch?v=FsNFhYgIXrg [youtube.com]

Re:Use a different PDF viewer instead (0)

Anonymous Coward | more than 6 years ago | (#22361970)

Ah, yes. There's more information on that here [youtube.com] .

Re:Use a different PDF viewer instead (0)

Anonymous Coward | more than 6 years ago | (#22362032)

> So I downloaded the new version of acrobat, and the thing doesn't actually upgrade. It installs and leaves the old version still on the system... WTF?? Adobe is retarded...

That's not a bug, it's a feature! (Really, no sarcasm tag!)

Most of us using Adobe's shit in a production environment need the ability to continue using the old version, especially when we discover what the "upgraded" version breaks and how much harder it sucks.

The best way to upgrade anything in a production environment that's running smoothly is not to upgrade. Failing that, being able to install the "new hotness" (that is, the new-donkey-balls-suckingness) and run it in parallel with the "old and busted" (that is, the stable and working system on which your business depends) is the next best thing.

Re:Use a different PDF viewer instead (1)

mikapc (664262) | more than 6 years ago | (#22361406)

I second that. Foxit is so much faster and less of a resource hog then adobe reader.

But Foxit doesn't work! (4, Insightful)

Anonymous Brave Guy (457657) | more than 6 years ago | (#22361676)

Foxit is so much faster and less of a resource hog then adobe reader.

It also doesn't work. For example, two-page documents generally start with page 1 on the right, yet in two-page mode Foxit insists on displaying pages 1 and 2 together, 3 and 4 together, etc. I discovered this when I tried it after seeing comments like the parent and GP posts, and also discovered that there have been bugs logged on this for eons but no-one seems to care about fixing it. The software was uninstalled from my PC within two minutes of installing it and filed under "beyond hope".

One of these days, people on Slashdot will realise that something that is free/or more secure is still worthless if it doesn't actually do the job it's supposed to do.

Re:But Foxit doesn't work! (0)

Anonymous Coward | more than 6 years ago | (#22361754)

Just because it isn't good for what *you* want to do doesn't mean that *I* can't use it. It works for everything I need it for, and it is about 5 million times faster than acrobat reader. So it is free, probably more secure, and does everything I need. That makes it far from worthless in my book.

Re:But Foxit doesn't work! (1)

dmsuperman (1033704) | more than 6 years ago | (#22362474)

I've never had a problem with it. First of all, what does it matter which side it's on, if you're reading it the same anyway :s

Second of all, it's a huge improvement. Adobe Reader takes forever to open up (even on my fast computer), but Foxit comes up in seconds. And it's free. Beat that, Adobe.

Re:But Foxit doesn't work! (1)

milsoRgen (1016505) | more than 6 years ago | (#22362726)

Adobe Reader takes forever to open up (even on my fast computer), but Foxit comes up in seconds.
Ain't that the truth... I remember Maximum PC (or was it CPU?), either way they were able to download, install and run Foxit before Adobe had even finished loading up.

Speed up Acrobat Reader (2, Insightful)

plover (150551) | more than 6 years ago | (#22363344)

A long time ago, I learned that Acrobat Reader is so damn slow to launch because of all the crap plugins that are loaded with it. I couldn't remember exactly which of the various modules I removed, but a quick Google gave me this: http://dwtips.com/2006/06/17/how-to-speed-up-pdf-loading-with-adobe-acrobat/ [dwtips.com] It looks like the same type of instructions that I followed way back when.

Ah come on... (1)

Animaether (411575) | more than 6 years ago | (#22362546)

the page layout (right vs left) is hardly a major issue when it concerns Foxit, a PDF -reader-. I can fully understand if you want it to work correctly for a PDF authoring app, so that it comes out the printer the way you see it on screen, but geeze.

It's like calling ThunderBird "beyond hope" because the thunderbird team appear to be unwilling to fix the folder rename issue on the Windows platform (renaming "Test" to "test" will tell you that it already exists. durrr. https://bugzilla.mozilla.org/show_bug.cgi?id=92165 [mozilla.org] - July 2001. )

That said, next version (there's always a next version) of Foxit should have this implemented a la Adobe's Reader. If it is, then that's implemented a whole lot quicker than the aforementioned asinine TB bug ( http://www.foxitsoftware.com/bbs/archive/index.php/t-192.html [foxitsoftware.com] - September 2005 ), although I agree that it should have been implemented in an afternoon's work (even done dirtily so by inserting a blank invisible page in the page array).

Re:Use a different PDF viewer instead (1)

Constantine XVI (880691) | more than 6 years ago | (#22361672)

And if you need more OSS in your diet, there's SumatraPDF (http://blog.kowalczyk.info/software/sumatrapdf/ [kowalczyk.info] )

Re:Use a different PDF viewer instead (1)

Tibby Lickle (1006519) | more than 6 years ago | (#22361814)

I've found this to be a great little program. The latest version includes support for bookmarks and search, which I particularly missed in previous versions. I've had to get used to not flinching whenever I accidentally click on a PDF link. My only criticism is that I haven't found a way of using this as a browser plugin - but then I've never really missed this functionality, so I haven't looked too hard.

Re:Use a different PDF viewer instead (1)

Zackbass (457384) | more than 6 years ago | (#22361784)

I like Foxit and use it in place of Acrobat Reader, but there's one problem I have with it that makes me have to start up Acrobat Reader sometimes. Some types of PDFs like datasheets seem to cause the program to grind with what looks like completely rerendering the page every time it's scrolled. It gets hung up for a couple of seconds with every motion making it almost unusable for some documents but Acrobat Reader works perfectly with the same files. Anyone have some idea what this is about?

Re:Use a different PDF viewer instead (2, Informative)

Futil3 (931900) | more than 6 years ago | (#22362026)

Sumatra PDF [kowalczyk.info] is a very speedy and free (GPLv2) reader for the Windows people. (no affiliation, just a happy user.)

Re:Use a different PDF viewer instead (1)

drozofil (1112491) | more than 6 years ago | (#22362070)

Okular, part of KDE4, is fine too. And it's open source. Some windows/macosx binaries should be made available any time soon, if not already done. Linux binaries are available, source package are too.

Re:Use a different PDF viewer instead (1)

tokul (682258) | more than 6 years ago | (#22362508)

FoxitReader is a hell of an improvement over Adobe's crap

Some people measure things in (centi|mili)meters instead of inches.

Re:Use a different PDF viewer instead (1, Informative)

Anonymous Coward | more than 6 years ago | (#22362606)

Yes but ...
* Can FoxitReader view Flash. WMV, Real and Quicktime content embedded into PDF files?
* Can FoxitReader edit PDF files if they have been encypted and signed using Reader Extensions Server?
* Can FoxitReader let its user participate in PDF reviews?
* Does FoxitReader support submitting forms to a server backend using XML?
* Does FoxitReader let you participate in online meeting using Adobe Acrobat Connect?
* Does FoxitReader let you condense PDF files into a booklet?
* Can you sign documents with FoxitReader if they have been flagged as such?
* Does FoxitReader support OpenGL acclerated embedded 3D content?
* Does FoxitReader support DirectX and other accelerated graphics API's?

I am getting tired or all the Adobe Reader bashing from people that does not understand how capable this product really is. It can pretty much do everything that Acrobat Professional can do if the PDF signature permits it to. It's a piece of software aimed at everyone, from coorperations to home users. Adobe Reader is pretty much Adobe Acrobat without the save feature enable by default and the PDF Writer.

Re:Use a different PDF viewer instead (1)

siride (974284) | more than 6 years ago | (#22362838)

Most people don't need that, though, when they are just viewing PDFs on the web. Nobody is really saying that Foxit/et al can or even should do all of what you are saying. But they're okay with that because they don't need to participate in online meetings through a PDF reader.

Re:Use a different PDF viewer instead (1)

RMH101 (636144) | more than 6 years ago | (#22362930)

* Do I care about any of this shit, when all I want is to be able to safely view a PDF file within a few seconds of clicking on it?

View OpenGL content embedded in PDFs. For fucks sake.

Re:Use a different PDF viewer instead (1)

iamacat (583406) | more than 6 years ago | (#22361354)

Yeah, Preview is pretty good too. Unlike Acrobat, it starts instantly without the annoying logo popping up for half a minute in the middle of the screen and blocking all the other applications.

Re:Use a different PDF viewer instead (2, Informative)

FudRucker (866063) | more than 6 years ago | (#22361490)

in case anyone is interested kpdf is part of KDE's kde-graphics package...

Re:Use a different PDF viewer instead (2, Informative)

JackieBrown (987087) | more than 6 years ago | (#22361606)

Okular in kde4

I have both... (1)

SanityInAnarchy (655584) | more than 6 years ago | (#22361746)

Rather, both kpdf and acroread.

The main reason I have acroread is because I can -- it's one less program people can whine about not having on Linux, and you never know when I'll run into something kpdf can't handle.

But I also have it because it has one feature I dearly wish kpdf did: the ability to rotate the rendered PDF. Take a widescreen, clamshell laptop/notebook, turn it on its side, and let a page of a book fill the screen, and you have a pretty nice eBook reader.

Re:I have both... (1)

gEvil (beta) (945888) | more than 6 years ago | (#22361850)

But I also have it because it has one feature I dearly wish kpdf did: the ability to rotate the rendered PDF. Take a widescreen, clamshell laptop/notebook, turn it on its side, and let a page of a book fill the screen, and you have a pretty nice eBook reader.

I did that for a while a few summers ago. Take a Project Gutenberg text file (or any text file), throw it into your favorite word processor/page layout program, choose a nice body font, give it some reasonable margins, stick page # footers in, then export it all out to a PDF. Fire up Acrobat Reader, set the background color to a nice cream color, rotate the page 90 degrees, hit fullscreen, find a nice comfy chair and read! Flipping the page was a matter of hitting the mouse button, which is where my thumb was resting anyways. Worked quite well.

xrandr (1)

John Hasler (414242) | more than 6 years ago | (#22362118)

> Take a Project Gutenberg text file (or any text file), throw it into your favorite word
> processor/page layout program, choose a nice body font, give it some reasonable margins,
> stick page # footers in, then export it all out to a PDF. Fire up Acrobat Reader, set the
> background color to a nice cream color, rotate the page 90 degrees, hit fullscreen...

Seems like a lot of wasted effort. Why not just use xrandr to rotate the display?

Re:I have both... (3, Informative)

whoever57 (658626) | more than 6 years ago | (#22362068)

But I also have it because it has one feature I dearly wish kpdf did: the ability to rotate the rendered PDF.
Evince can do this.

Re:I have both... (1)

xaxa (988988) | more than 6 years ago | (#22362616)

one feature I dearly wish kpdf did: the ability to rotate the rendered PDF.
KGhostView will do this. I don't know why Kpdf won't.

Re:Use a different PDF viewer instead (1)

mambosauce (1236224) | more than 6 years ago | (#22362624)

no ones arguing the sweetness of programs like foxit, there just aren't too many fortune 500 companies that i know of with it installed

Solution: (2, Insightful)

CSMatt (1175471) | more than 6 years ago | (#22361212)

Don't use Adobe Reader.

Re:Solution: (1)

farlukar (225243) | more than 6 years ago | (#22361272)

Captain obvious to the rescue!

Re:Solution: (0)

Anonymous Coward | more than 6 years ago | (#22361280)

Don't use Adobe Reader.
Stay offline is a better proposition?

Re:Solution: (1)

zerocool^ (112121) | more than 6 years ago | (#22361886)


Use Foxit Reader.

Re:Solution: (0)

Anonymous Coward | more than 6 years ago | (#22362500)

Captain fanboy to the rescue!

One of the most popular? (1)

calebt3 (1098475) | more than 6 years ago | (#22361246)

And IE isn't already in this category?

"Safe" application? (3, Insightful)

Chas (5144) | more than 6 years ago | (#22361276)

[Windows User] WUZZAT?

You have a multitude of applications, varying versions of operating systems, and scores of browser versions out there.

Is it REALLY any surprise that there are security holes like this? The miracle is that there aren't MORE.

Note: I'm NOT saying that these holes aren't a bad thing and shouldn't be patched. But this idiotic notion of a "safe" app just irks the shit outta me.

The only "safe" app is one that has absoloutely no interaction with other programs or the user whatsoever. (IOW it don't exist.)

Re:"Safe" application? (1)

albert.wavering (1235954) | more than 6 years ago | (#22361300)

Applications would be secure if they didn't have to deal with people . . .

Re:"Safe" application? (2, Funny)

youthoftoday (975074) | more than 6 years ago | (#22361540)

If everyone did things in pure functional programming languages there would be no side-effects.

Re:"Safe" application? (0)

SanityInAnarchy (655584) | more than 6 years ago | (#22361764)

It is possible to write provably safe apps. As in, mathematical proofs.

In fact, there is a company which specializes in writing damn-near absolutely safe, bug-free apps. They do it in about as much time as the competition writes buggy, insecure apps, because the lack of bugs in the first place means less of a debugging cycle. They charge about twice as much, because very few other companies provide that much quality.

Can't remember their name now, though.

Re:"Safe" application? (1)

robo_mojo (997193) | more than 6 years ago | (#22363030)

Can't remember their name now, though.

That's a shame, because I'd like to send my application to work for them.

Got one phishing email attachment w/PDF (1)

JoeCommodore (567479) | more than 6 years ago | (#22361302)

I recently received an email spam with a PDF (not the file.xxx.exe I normally see in such emails), I figured that was one of the exploit files.

Some vague "Your Account" message from "Bank Trust" from some a 3rd party email with the Manual_Invoice.pdf attachment. 134k

Re:Got one phishing email attachment w/PDF (5, Funny)

Anonymous Coward | more than 6 years ago | (#22361316)

Yeah, I got that one, too. Thing is, I don't remember opening an account with Bank Trust. I went to the website and tried logging in with all my various bank logins, and none of them worked. I think someone at Bank Trust really screwed up when they sent that message out. Morons.

Re:Got one phishing email attachment w/PDF (0)

Anonymous Coward | more than 6 years ago | (#22361414)

Post your login details here, and we'll check. It might be that one of your banks is our subsidiary.

Bank Trust Security Guy.

Re:Got one phishing email attachment w/PDF (1)

calebt3 (1098475) | more than 6 years ago | (#22361514)

Sorry for the inconvenience. We have fixed it now. The new method also requires your email address, SSN, and your ebay/payal IDs and passwords.

Re:Got one phishing email attachment w/PDF (0)

Anonymous Coward | more than 6 years ago | (#22363150)

Er... you do realize that it was a scam right? If I were you I would change your bank login details because they try to use what you sent them!

Re:Got one phishing email attachment w/PDF (1)

alx5000 (896642) | more than 6 years ago | (#22363320)

Er... you do realize that it was a joke right? If I were you I would change your sarcasm detection details because they try to mislead you when you use them!

Re:Got one phishing email attachment w/PDF (1)

sqlrob (173498) | more than 6 years ago | (#22361384)

Possibly infected, possibly not. That's one of the tricks to get around spam filters.

Blocking Banner Ads (4, Insightful)

AngelKurisu (1173447) | more than 6 years ago | (#22361310)

This is just another addition to the mounting list of reasons I block most banner ads. Why should I download something that could be dangerous, and adds no value to my browsing experience? I manually un-block certain sites I know to have decent levels of quality assurance in their ads (Penny Arcade, Slashdot, for example). I'd much rather directly micropay for content than be served completely worthless ads anyhow.

Re:Blocking Banner Ads (5, Insightful)

calebt3 (1098475) | more than 6 years ago | (#22361530)

I have also unblocked ads for /., but it's kinda pointless because I won't allow doubleclick through NoScript. Why do we need animated ads?

lynx (3, Funny)

acidrain (35064) | more than 6 years ago | (#22361350)

At this rate there won't be many safe applications left to use.
Good old lynx. Surfing the web in text-only since the beginning of internet time.

Re:lynx (3, Informative)

McDutchie (151611) | more than 6 years ago | (#22362004)

Good old lynx. Surfing the web in text-only since the beginning of internet time.

I know you were kidding, but it's still worth pointing out that Lynx is not necessarily safer than any other app [google.com] .

Get off my lawn! (0)

Anonymous Coward | more than 6 years ago | (#22362882)

Damn kids.

Well that explains the 32mb update (1)

Sepiraph (1162995) | more than 6 years ago | (#22361366)

that I got from Acrobat 8 today and it downloaded really slow. Still it is good to know that it is being patched fairly quickly.

If only... (4, Funny)

Darundal (891860) | more than 6 years ago | (#22361372)

...there were web browsers that allowed you to block certain types of code, or had extensions that would perform a similar function...

Re:If only... (0, Redundant)

John3 (85454) | more than 6 years ago | (#22361462)

OK, obviously trolling but I'll bite...

Firefox [getfirefox.com]

Re:If only... (1)

calebt3 (1098475) | more than 6 years ago | (#22361610)

Didn't you see the /sarcasm tags?

Re:If only... (1)

John3 (85454) | more than 6 years ago | (#22362054)

No...don't see any tags for that post. Possibly I need to enable display of tagging?

Thanks!

Re:If only... (0)

Anonymous Coward | more than 6 years ago | (#22361872)

Redundant? Seems to be harmless, URL for Firefox which was not provided by the parent post. Guess they give out mod points to anyone nowadays.

Yet Another Misleading Headline (5, Informative)

dotancohen (1015143) | more than 6 years ago | (#22361396)

This is NOT "Adobe PDF Exploits In the Wild" but rather "Adobe Acrobat Reader Exploits In the Wild". The problem in is Reader, not in PDF. That's like calling Outlook scripting worms "email viruses". Oh, wait, blame the technology, not the software. Sorry, I forgot.

Re:Yet Another Misleading Headline (0)

Anonymous Coward | more than 6 years ago | (#22362432)

well, pdf is excessively complex. do we really need a full ecmascript implementation in a document format?

Re:Yet Another Misleading Headline (1)

arth1 (260657) | more than 6 years ago | (#22362764)

well, pdf is excessively complex. do we really need a full ecmascript implementation in a document format?

The question is whether we needed another such format, when there already was PostScript.

Theory != practice (1)

EmbeddedJanitor (597831) | more than 6 years ago | (#22363424)

For Joe and Jane Sixpack, PDF=Acrobat, www=IE. Saying that other readers/browsers are safe is irrelevant for the majority of people.

The solution will not be Silverlight (1)

G3ckoG33k (647276) | more than 6 years ago | (#22361424)

Whatever some companies might want to imply, the solution will not be anything called Silverlight. It would be like replacing Photoshop, because of some vulnerability, with Excel...

Re:The solution will not be Silverlight (2, Informative)

slaingod (1076625) | more than 6 years ago | (#22361572)

Except the problem is with Acrobat Reader, not Flash.

Re:The solution will not be Silverlight (1)

friedman101 (618627) | more than 6 years ago | (#22361650)

Microsoft's answer to pdf is xps. Their answer to flash is silverlight.

Proprietary software continues to bite users. (1)

jbn-o (555068) | more than 6 years ago | (#22361446)

At this rate there won't be many safe applications left to use.

There are plenty of free software programs to use. The issue here has to do with proprietary software restrictions on user's freedoms to inspect, share, and modify programs. Just because Adobe is unwilling to modify older versions of their PDF reader doesn't mean their users should be restricted from doing so.

Re:Proprietary software continues to bite users. (2, Informative)

SanityInAnarchy (655584) | more than 6 years ago | (#22361882)

*cough* *sputter* What?

Slashdotters always making me spill my coffee...

Oh, I see... is the issue that people are running older versions of Acrobat?

If they can't be bothered to upgrade to the latest version, what makes you think they'll patch themselves? Are you suggesting that the big advantage of me running Free Software here is that I could be running kpdf 0.2 and patch the security holes? Or are you suggesting that someone who can't be bothered to update their software is going to have a better time of it on Linux, for which I've never seen a built-in, GUI way to force auto-updates?

Of course, if you were going to suggest that Free Software doesn't have security bugs, I'd really have to laugh in your face...

Re:Proprietary software continues to bite users. (1)

empaler (130732) | more than 6 years ago | (#22362536)

SanityInAnarchy, please say hello to PingXao [slashdot.org] .

Re:Proprietary software continues to bite users. (0)

Anonymous Coward | more than 6 years ago | (#22362962)

But it can update ALL YOUR SOFTWARE from the same program. And there's notifications about having updates for install just a click away.

Where's the update for v6? (1)

PingXao (153057) | more than 6 years ago | (#22361508)

I bought and paid for a license for Adobe Acrobat v6. Where's my update? I have no plans whatsoever to pay for an upgrade that consists of bloatware just to get a security fix. The manufacturer, Adobe in this case, should be liable for this flaw since it has now been pointed out to them. For all vulnerable versions.

Vendor responsibility? Hahahahaha (1)

uuxququex (1175981) | more than 6 years ago | (#22361634)

If vendors would be responsible for their faulty software there wouldn't be any of the larger software companies around anymore.

It would be a much better world if software engineering would grow up and would be kept to the same standards as "proper" engineering though.

Re:Vendor responsibility? Hahahahaha (1)

John Hasler (414242) | more than 6 years ago | (#22361920)

> If vendors would be responsible for their faulty software there wouldn't be any of the
> larger software companies around anymore.

And this would be a bad thing why?

Re:Vendor responsibility? Hahahahaha (1)

Sancho (17056) | more than 6 years ago | (#22362158)

There would effectively be no software, and thus no computers.

A luddite might think that's ok....

Re:Vendor responsibility? Hahahahaha (1)

John Hasler (414242) | more than 6 years ago | (#22362896)

> There would effectively be no software...

All the software I use would still be available. So would most closed-source software: most does not come from the "larger software companies".

Re:Where's the update for v6? (0)

Anonymous Coward | more than 6 years ago | (#22361714)

See, that's the nice thing about Acrobat (despite all you haters out there) - you can install separate versions of Adobe Reader and the full Acrobat program. Install a patched version of the reader and use the plugin for that in your browser (or better yet, don't!). Then if you ever need to actually use the full program (to edit text, check color values, change trap settings, etc), you open the file you need in the full program. Ahhh, but that makes too much sense now, doesn't it?

Re:Where's the update for v6? (0)

Anonymous Coward | more than 6 years ago | (#22362136)

I am putting them on notice (as if they care)...

If Adobe doesn't issue a fix for V.6 by Tuesday, I will remove it from all computers I manage. The "patch Tuesday" cycle will include removing Acrobat 6 and replacing it with Foxit Reader 2.2. I just downloaded and tested Foxit, and it appears to work as advertised, with no reporting back to a third party about which pdf documents are "popular." That is the "feature" which put the kabosh on upgrading to v.7.

If v.6 is not affected, then they should say that. There website states "all previous versions" affected.

glowbull war(monger)ing nazis exploit your child (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22361568)

& everybody else. let yOUR conscience be yOUR guide. you can be more helpful than you might have imagined. there are still some choices. if they do not suit you, consider the likely results of continuing to follow the corepirate nazi hypenosys story LIEn, whereas anything of relevance is replaced almost instantly with pr ?firm? scriptdead mindphuking propaganda or 'celebrity' trivia 'foam'. meanwhile; don't forget to get a little more oxygen on yOUR brain, & look up in the sky from time to time, starting early in the day. there's lots going on up there.

http://news.yahoo.com/s/ap/20071229/ap_on_sc/ye_climate_records;_ylt=A0WTcVgednZHP2gB9wms0NUE [yahoo.com]
http://news.yahoo.com/s/afp/20080108/ts_alt_afp/ushealthfrancemortality;_ylt=A9G_RngbRIVHsYAAfCas0NUE [yahoo.com]
http://www.nytimes.com/2007/12/31/opinion/31mon1.html?em&ex=1199336400&en=c4b5414371631707&ei=5087%0A [nytimes.com]

is it time to get real yet? A LOT of energy is being squandered in attempts to keep US in the dark. in the end (give or take a few 1000 years), the creators will prevail (world without end, etc...), as it has always been. the process of gaining yOUR release from the current hostage situation may not be what you might think it is. butt of course, most of US don't know, or care what a precarious/fatal situation we're in. for example; the insidious attempts by the felonious corepirate nazi execrable to block the suns' light, interfering with a requirement (sunlight) for us to stay healthy/alive. it's likely not good for yOUR health/memories 'else they'd be bragging about it? we're intending for the whoreabully deceptive (they'll do ANYTHING for a bit more monIE/power) felons to give up/fail even further, in attempting to control the 'weather', as well as a # of other things/events.

http://video.google.com/videosearch?hl=en&q=video+cloud+spraying [google.com]

dictator style micro management has never worked (for very long). it's an illness. tie that with life0cidal aggression & softwar gangster style bullying, & what do we have? a greed/fear/ego based recipe for disaster. meanwhile, you can help to stop the bleeding (loss of life & limb);

http://www.cnn.com/2007/POLITICS/12/28/vermont.banning.bush.ap/index.html [cnn.com]

the bleeding must be stopped before any healing can begin. jailing a couple of corepirate nazi hired goons would send a clear message to the rest of the world from US. any truthful look at the 'scorecard' would reveal that we are a society in decline/deep doo-doo, despite all of the scriptdead pr ?firm? generated drum beating & flag waving propaganda that we are constantly bombarded with. is it time to get real yet? please consider carefully ALL of yOUR other 'options'. the creators will prevail. as it has always been.

corepirate nazi execrable costs outweigh benefits
(Score:-)mynuts won, the king is a fink)
by ourselves on everyday 24/7

as there are no benefits, just more&more death/debt & disruption. fortunately there's an 'army' of light bringers, coming yOUR way. the little ones/innocents must/will be protected. after the big flash, ALL of yOUR imaginary 'borders' may blur a bit? for each of the creators' innocents harmed in any way, there is a debt that must/will be repaid by you/us, as the perpetrators/minions of unprecedented evile, will not be available. 'vote' with (what's left in) yOUR wallet, & by your behaviors. help bring an end to unprecedented evile's manifestation through yOUR owned felonious corepirate nazi glowbull warmongering execrable. some of US should consider ourselves somewhat fortunate to be among those scheduled to survive after the big flash/implementation of the creators' wwwildly popular planet/population rescue initiative/mandate. it's right in the manual, 'world without end', etc.... as we all ?know?, change is inevitable, & denying/ignoring gravity, logic, morality, etc..., is only possible, on a temporary basis. concern about the course of events that will occur should the life0cidal execrable fail to be intervened upon is in order. 'do not be dismayed' (also from the manual). however, it's ok/recommended, to not attempt to live under/accept, fauxking nazi felon greed/fear/ego based pr ?firm? scriptdead mindphuking hypenosys.

consult with/trust in yOUR creators. providing more than enough of everything for everyone (without any distracting/spiritdead personal gain motives), whilst badtolling unprecedented evile, using an unlimited supply of newclear power, since/until forever. see you there?

"If my people, which are called by my name, shall humble themselves, and pray, and seek my face, and turn from their wicked ways; then will I hear from heaven, and will forgive their sin, and will heal their land."

meanwhile, the life0cidal philistines continue on their path of death, debt, & disruption for most of US. gov. bush denies health care for the little ones;

http://www.cnn.com/2007/POLITICS/10/03/bush.veto/index.html [cnn.com]

whilst demanding/extorting billions to paint more targets on the bigger kids;

http://www.cnn.com/2007/POLITICS/12/12/bush.war.funding/index.html [cnn.com]

& pretending that it isn't happening here;

http://www.timesonline.co.uk/tol/news/world/us_and_americas/article3086937.ece [timesonline.co.uk]
all is not lost/forgotten/forgiven

(yOUR elected) president al gore (deciding not to wait for the much anticipated 'lonesome al answers yOUR questions' interview here on /.) continues to attempt to shed some light on yOUR foibles. talk about reverse polarity;

http://www.timesonline.co.uk/tol/news/environment/article3046116.ece [timesonline.co.uk]

Benifits of Adobe Reader? Seriously. (3, Informative)

Nemilar (173603) | more than 6 years ago | (#22361632)

Seriously, Adobe Reader has gotten huge in terms of file size, when compared to xpdf/kpdf/foxit/etc. I'm wondering if someone can explain to me what all this extra code is for? Obviously it must be doing something, but personally I've never seen the difference.

Re:Benifits of Adobe Reader? Seriously. (1)

calebt3 (1098475) | more than 6 years ago | (#22361682)

I don't know what the exra code is doing, but the fact that only one of those alternatives you offered works in Windows, (ordinary) people's options are severely limited.

Re:Benifits of Adobe Reader? Seriously. (0)

Idiot with a gun (1081749) | more than 6 years ago | (#22361806)

Your options will always be extremely limited if you restrict yourself to only one OS.

Re:Benifits of Adobe Reader? Seriously. (5, Funny)

chubs730 (1095151) | more than 6 years ago | (#22361944)

True. I usually run at least 6 boxes at a time, just to cover all the major operating systems. I'd never want to be without the software clones I need!

Re:Benifits of Adobe Reader? Seriously. (1)

Idiot with a gun (1081749) | more than 6 years ago | (#22363382)

Or, do like a lot of people, and have a dual boot setup. I run Linux the vast majority of the time (over 98%), but for that 2% of the time I need something that I can't run in Wine, I have a small XP install to use.

Re:Benifits of Adobe Reader? Seriously. (2, Insightful)

domatic (1128127) | more than 6 years ago | (#22361892)

Adobe appears to be moving away from PDF as "electronic paper" to "all singing all dancing Internet Document". You can now embed movies, audio, and javascript in PDF to make some sort of "active document". Personally, I think PDF has jumped the shark.

Re:Benifits of Adobe Reader? Seriously. (1)

B3ryllium (571199) | more than 6 years ago | (#22362212)

DRM, most likely.

Re:Benifits of Adobe Reader? Seriously. (1)

perlchild (582235) | more than 6 years ago | (#22362836)

Their various forms of DRM come to mind

"Warning: PDF" (1)

MillionthMonkey (240664) | more than 6 years ago | (#22363038)

I had to upgrade from Acrobat Reader 6 to 7 at work, more than a year ago. My memory is hazy and repressed but this is what I seem to remember.

First you downloaded the upgrade installer for 7.0. It rebooted the computer. Then 7.0 started up, and downloaded the upgrade installer for 7.0.1. Then it rebooted the computer. Then 7.0.1 started up, and downloaded the upgrade installer for 7.0.2. Then it rebooted the computer. Then 7.0.2 started up, and downloaded the upgrade installer for 7.0.3. Then it rebooted the computer. Then 7.0.3 started up, and downloaded the upgrade installer for 7.0.4. Then it rebooted the computer.

My current laptop has 7.0.4. Before I attempt to upgrade to 8.1.2, maybe one of you can let me know if my prediction is right:

First you download the upgrade installer for 8.0. Then it reboots the computer. Then 8.0 starts up, and downloads the upgrade installer for 8.1. Then it reboots the computer. Then 8.1 starts up, and downloads the upgrade installer for 8.1.1. Then it reboots the computer. Then 8.1.1 starts up, and downloads the upgrade installer for 8.1.2. Then it reboots the computer and congratulations, you can safely surf the web without someone turning off your antivirus using a hole in Adobe Acrobat Reader!

I can barely wait to get started.

Re:"Warning: PDF" (1)

MillionthMonkey (240664) | more than 6 years ago | (#22363192)

Never mind, I just did the upgrade and it seems they must have fired the clowns who wrote the installers for 7.

disable javascript (4, Informative)

bcrowell (177657) | more than 6 years ago | (#22361706)

The article doesn't say explicitly, but I'm assuming this is related to the fact that the default configuration of AR will execute javascript that's embedded in pdf files. This is both a privacy issue (people can track readers) and a security issue (more than one stack overflow bug has been discovered that's related to js). To disable js, go to Edit, Preferences, JavaScript, and uncheck "Enable Acrobat JavaScript".

There have been a lot of posts along the lines of "why the hell even use AR?" Well on Linux, I actually have Firefox set to open pdf files in xpdf, because it's faster, and I also habitually use xpdf to view pdf files when I'm not in a browser. (Evince is a little slower, but a little more full-featured and modern.) But I also have a copy of AR 8 installed on my Linux box, because it has some features that I find really useful once in a while, and also I want to be able to test my pdf files sometimes and make sure they'll look right for AR users. It's one of only two proprietary apps I have on my machine, the other being Flash. It would be great if the OSS community could produce a pdf viewer that was just a little more full-featured than Evince. (Flash is a whole different issue -- many of the things Gnash can't do, it can't do because of patents.)

Re:disable javascript (0)

Anonymous Coward | more than 6 years ago | (#22361876)

Do we know this is a bug in AR scripting?

Registering external handlers (or plug-ins) with your web browser massively increases exposure to security threats. It's the security/convenience trade-off, I personally will always choose inconvenience.

xpdf is the only reader I use but the lack of AA is staring to make it a real eyesore :-(

What??? (1)

Jane Q. Public (1010737) | more than 6 years ago | (#22361826)

Maybe I misunderstood... but who the hell uses .pdf for banner ads anyway?

I, for one, would also recommend other readers. The most recent incarnation of Adobe Reader is even slower than before, and they took a perfectly usable interface and messed it up.

Whatever happend to, "If it ain't broke, don't fix it!" ??

Browser warning? (1)

ssjx (1235532) | more than 6 years ago | (#22361884)

So the banner serves a pdf which runs some javascript that uses a hole to install a trojan? Surely the user will be prompted by the browser to ask whether they want to open the pdf to begin with? Unless it was a pdf that the user was actually after that was tampered with, why would anyone open an unknown pdf accidently? I suppose, there are always the click happy that will open anything...

Re:Browser warning? (1)

robo_mojo (997193) | more than 6 years ago | (#22363152)

Surely the user will be prompted by the browser to ask whether they want to open the pdf to begin with?


There's an HTTP header:

Content-disposition: inline

With a typically configured browser, it doesn't ask the user anything if you use that, it just launches the plugin. However, you can change the configuration to treat it like a file download instead.

Hello? Flash?! (2, Informative)

Dachannien (617929) | more than 6 years ago | (#22361962)

People have been doing this with Flash (another now-Adobe product) for ages. One flash ad redirects you to a second flash widget on a malicious website to get around Adobe's lame attempts at cross-site protection, and that second flash ad gives you the business.

Malware, that is. Intarweb gold. Russian tea.

No more safe apps (1)

nurb432 (527695) | more than 6 years ago | (#22362028)

"At this rate there won't be many safe applications left to use."

One can only hope this comes to pass. Perhaps if mostly everything on the planet is compromised people will actually care enough to do something about it.

Amusing coincidence. (2, Funny)

John Pfeiffer (454131) | more than 6 years ago | (#22362518)

Funny that I should read this headline RIGHT NEXT to an Adobe Acrobat ad being run on /.

Acrobat? (1)

shpoffo (114124) | more than 6 years ago | (#22363162)

Interesting that people still use it that much. It is so much bloat now that it's kind of a bust.

Adobe eBook DRM status? (post-Sklyarov) (1)

An Anonymous Hero (443895) | more than 6 years ago | (#22363210)

Wishing I wasn't forced to use Acrobat for increasingly many eBooks... [gnu.org]

While Touretzky prefaces his page on the subject with "Computer professionals who have examined these mechanisms have found them easy to defeat" [cmu.edu] , I miss something able to decrypt or print the latest crop -- where APDFPR [elcomsoft.com] says

APDFPR Error
The document was created with 'eBook Exchange (EBX_HANDLER) 128-bit security v.3' encryption handler. This protection method is not supported.
Yet I see some nicely decrypted ones floating around. E.g. (one of many for purely instructional purposes): ISBN 0387954775 here [eknigu.org] .

Having the eBook and the etx.etd file [woodmann.com] I guess that should in principle be possible, but how's that done in practice?

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...