Have a look at Google's answer when both "PDF" and "Javascript" are in the search box. When I did, I got 4 results out of 10 concerned with security faults.
So, here is my initial question: Why should Javascript be put inside PDF files?
Answer: it's in the ISO norm defining PDF 1.7, with no precise details, but at least references to more detailed documents.
It's long known to web developers that Javascript is a nest for problems, especially when it's not correctly documented. Yet Adobe looks to develop forward the possibilities of its software, its file formats and that's normal. However I would wish they did it differently. First, that they did not melt innovations under a unique "PDF" name, which refers to a format that users choose primarily because it's supposed to be portable, simple and solid like rock. Then, that they did not activate Javascript by default. Few users really require it and even they recommend to deactivate it.
Showing posts with label adobe. Show all posts
Showing posts with label adobe. Show all posts
Sunday, May 24, 2009
Wednesday, April 29, 2009
Acrobat Reader blocks my audio system, WTF?
I wanted to play a song (yes I have a legally bought copy from which I made the mp3) in mplayer and got the following result:
For reference, it's a Ubuntu 8.04 on a PC, with a typical AC97 integrated chip. Package alsa-base is 1.0.16-0ubuntu4 and Acrobat Reader itself is 7.0.
EDIT1 30/04: I should say Adobe Reader, not Acrobat Reader, the former name.
EDIT2 30/04: The package acroread is version 7.0.9-0.0.ubuntu0.7.04+medibuntu2
$ mplayer "01 - Adiemus - Karl Jenkins.mp3"After a few researches, I found:
[...]
open /dev/dsp: Device or resource busy
# lsof /devAn open document in Acrobat Reader was blocking my sound system. Why? No idea. I closed Acrobat Reader and opened it anew: no problem anymore.
[...]
acroread 32723 christophe 61r CHR 116,33 11606 /dev/snd/timer
acroread 32723 christophe 62u CHR 116,16 12023 /dev/snd/pcmC0D0p
For reference, it's a Ubuntu 8.04 on a PC, with a typical AC97 integrated chip. Package alsa-base is 1.0.16-0ubuntu4 and Acrobat Reader itself is 7.0.
EDIT1 30/04: I should say Adobe Reader, not Acrobat Reader, the former name.
EDIT2 30/04: The package acroread is version 7.0.9-0.0.ubuntu0.7.04+medibuntu2
Friday, April 24, 2009
Acrobat Reader dangerous target
Acrobat Reader, the most common PDF viewer, is a lot targeted by attackers, in the form of specifically crafted PDF files. Through such attacks, access can be gained into the infected system and other threats such as botnets can occur. The security company F-Secure recommends to replace it with an alternative viewer. (the news from slashdot)
I remember foretelling this to colleagues six months ago.
I remember foretelling this to colleagues six months ago.
Subscribe to:
Posts (Atom)
Posts
