Adobe's consistently shoddy security failures

Post Reply
User avatar
spot
Posts: 41336
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Adobe's consistently shoddy security failures

Post by spot »

Mozilla: Right, THAT'S IT. You, Flash, behind the shed with me. *snick snack* • The Register

Time after time after time it's Adobe, that damned company whose products facilitate malware insertion from anywhere on the Internet onto domestic PCs. And that complaint is on top of the appallingly bloated software, and the disgusting default settings aimed at allowing "legitimate" intrusion, and the near impossibility of setting the defaults to something reasonable and having the changes stick.

This thread is to discuss and recommend alternatives to piss-poor Adobe software. I've had it to the back teeth with that wretched company. It's not a sudden decision or a recent problem, it dates back twenty years when Adobe Reader glued half the world's PCs to a crawl from being so fat.
Nullius in verba ... ☎||||||||||| ... To Fate I sue, of other means bereft, the only refuge for the wretched left.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.
User avatar
FourPart
Posts: 6491
Joined: Fri Jun 06, 2014 3:12 am
Location: Southampton
Contact:

Adobe's consistently shoddy security failures

Post by FourPart »

They also invented PDF, so as to allow some level of compatibility between the evil Apple & MS.
User avatar
spot
Posts: 41336
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Adobe's consistently shoddy security failures

Post by spot »

Would that they hadn't. It's no different to "they also invented the Flash specification".

If their readers had no code capable of being exploited by rogues it would be fine. Their readers are, in fact, riddled with code capable of being exploited by rogues, and consequently the fact that their file formats became the industry standard is a deplorable mistake on the part of information providers.

If you take Adobe and their blasted formats out of the equation, the rogues would find the Internet a lot harder to spread malware across. The existence of Adobe is a worldwide catastrophe.
Nullius in verba ... ☎||||||||||| ... To Fate I sue, of other means bereft, the only refuge for the wretched left.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.
User avatar
LarsMac
Posts: 13701
Joined: Fri Nov 27, 2009 9:11 pm
Location: on the open road
Contact:

Adobe's consistently shoddy security failures

Post by LarsMac »

Top-notch firewall, and malware detection service has prevented me from ever experiencing the problems associated with Flash, or any other adobe product.
The home of the soul is the Open Road.
- DH Lawrence
User avatar
FourPart
Posts: 6491
Joined: Fri Jun 06, 2014 3:12 am
Location: Southampton
Contact:

Adobe's consistently shoddy security failures

Post by FourPart »

LarsMac;1482746 wrote: Top-notch firewall, and malware detection service has prevented me from ever experiencing the problems associated with Flash, or any other adobe product.
Same here.

Once you start getting more & more paranoid about such things, it's only a matter of time before you start to claim that having the Internet makes it easier for rogues to spread malware which, of course, it does. Having a computer makes it easier for them. Where do you stop? No matter what you do, there will always be a way around it. That is the real challenge to the hackers. They are also the ones that like to spread these fears. They are no different in many ways to cyber terrorists, and you are essentially giving in to them.
User avatar
spot
Posts: 41336
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Adobe's consistently shoddy security failures

Post by spot »

LarsMac;1482746 wrote: Top-notch firewall, and malware detection service has prevented me from ever experiencing the problems associated with Flash, or any other adobe product.


If every home user behaved like you, there'd be no malware.

Since they're not, Adobe spreads these unwanted parasites like headlice.
Nullius in verba ... ☎||||||||||| ... To Fate I sue, of other means bereft, the only refuge for the wretched left.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.
Bruv
Posts: 12181
Joined: Sat Aug 18, 2007 3:05 pm

Adobe's consistently shoddy security failures

Post by Bruv »

What should a virtual IT illiterate do for the best ?

Using Xubuntu 14.04 with all scheduled updates.
I thought I knew more than this until I opened my mouth
User avatar
spot
Posts: 41336
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Adobe's consistently shoddy security failures

Post by spot »

Continue with the default Firefox settings. Sites will provide you with alternative non-Flash video formats behind the scenes, and the ones that don't will lose your custom for a sufficient period that they'll get the message.
Nullius in verba ... ☎||||||||||| ... To Fate I sue, of other means bereft, the only refuge for the wretched left.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.
User avatar
FourPart
Posts: 6491
Joined: Fri Jun 06, 2014 3:12 am
Location: Southampton
Contact:

Adobe's consistently shoddy security failures

Post by FourPart »

I.T. evolution is factorial. No sooner than someone comes up with an "uncrackably secure system" than someone cracks it. During WW2 it took a team of experts at Bletchley Park years to crack the Enigma code which, by today's standards, is Primary School stuff.

It gets to the point at which one has to ask, "why bother". Sure, pay out a fortune for the latest security software. Then a few months later have to pay out again because by that time it's become a security hazard.
User avatar
spot
Posts: 41336
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Adobe's consistently shoddy security failures

Post by spot »

FourPart;1482788 wrote: It gets to the point at which one has to ask, "why bother". Sure, pay out a fortune for the latest security software. Then a few months later have to pay out again because by that time it's become a security hazard.
Perhaps you don't altogether understand the problem.

No amount of "the latest security software", regardless of price, is going to keep out a group with governmental resources. They have paid millions to gather together exploits for which no fix has been developed - those exploits are far too often embedded in Adobe products but they're also to be found in Linux, Android, Windows, even the BSDs.

Some non-governmental malware distributors may also know a few of these exploits but the thing is, if any such exploit is widely used then that particular hole is noticed by the Internet community and plugged within weeks. The main route malware users have most frequently adopted for spreading their viruses is called social engineering - persuading the target to be an utter prat and carelessly allow the virus onto their system just because they're invited to.

At that level, when you ask "why bother", I reckon that if I can browse your hard drive whenever I'm inclined, but you can't browse mine, then I have an advantage over you. It has nothing to do with paying out a fortune, it's more to do with hygiene.
Nullius in verba ... ☎||||||||||| ... To Fate I sue, of other means bereft, the only refuge for the wretched left.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.
Bruv
Posts: 12181
Joined: Sat Aug 18, 2007 3:05 pm

Adobe's consistently shoddy security failures

Post by Bruv »

spot;1482769 wrote: Continue with the default Firefox settings. Sites will provide you with alternative non-Flash video formats behind the scenes, and the ones that don't will lose your custom for a sufficient period that they'll get the message.


Ah ha !!

I see what you mean, just clicked on a gmc link to Youtube and it has a warning, suppose I shall just have to grit my teeth and wait.
I thought I knew more than this until I opened my mouth
Bruv
Posts: 12181
Joined: Sat Aug 18, 2007 3:05 pm

Adobe's consistently shoddy security failures

Post by Bruv »

Looks like it has been fixed.
I thought I knew more than this until I opened my mouth
User avatar
spot
Posts: 41336
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Adobe's consistently shoddy security failures

Post by spot »

If you regard Adobe's Flash Player security failure as a one-off then yes, it's been fixed. Given that Adobe Flash Player security failures are fixed on a monthly basis I think it's reasonable to suspect there's further unpatched security errors in the Flash Player, and (for the same reason) in Acrobat Reader, that have not yet been identified much less fixed but which are known to malware distributors.

The long term answer is to stop using Adobe's Flash Player (sometimes called the Swiss Cheese plug-in) altogether, and to only view web pages which supply HTML5 video.

As for Adobe's Acrobat Reader, If Windows users install the free Foxit PDF Reader in place of it they'll avoid the security risks of malware-infected PDF files too. Being a Linux user you already use an alternative - possibly Okular.
Nullius in verba ... ☎||||||||||| ... To Fate I sue, of other means bereft, the only refuge for the wretched left.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.
Bruv
Posts: 12181
Joined: Sat Aug 18, 2007 3:05 pm

Adobe's consistently shoddy security failures

Post by Bruv »

I have no reply to that bombshell, only that I see the problem as an ongoing battle.

Until such time there is an alternative how will sites like Youtube survive ?

I have never seen an Open source alternative (not that I have looked) Why haven't the Linux Boffins come up with a substitute ?
I thought I knew more than this until I opened my mouth
User avatar
FourPart
Posts: 6491
Joined: Fri Jun 06, 2014 3:12 am
Location: Southampton
Contact:

Adobe's consistently shoddy security failures

Post by FourPart »

The whole thing with 'secure' systems is that it's a game. They throw down the gauntlet to the hackers. The hackers have great fun in proving their 'unbreakable' systems to be flawed, and the game starts all over again. The reason that the more 'geeky' ones appear to be more secure isn't a matter of their being safer, it's that the malcontents are only interested in getting into the bigger picture. They don't want to waste their time on the small potatoes.
User avatar
spot
Posts: 41336
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Adobe's consistently shoddy security failures

Post by spot »

I haven't seen anyone here pretending there are any secure systems. What I see are justifiable criticisms of quality control within Adobe together with their appalling privacy policies.
Nullius in verba ... ☎||||||||||| ... To Fate I sue, of other means bereft, the only refuge for the wretched left.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.
Post Reply

Return to “Computers Internet”