Saturday, April 05, 2014

Why is Adobe Reader such bad software that it needs to be fixed every few weeks?

I run Adobe Reader on about six different devices so I see that annoying "update required" notice far too often. I've just given in and updated to version 11.0.03 but when I went to the website I saw that you can download version 11.0.06. I assume that means I'm going to be prompted to update three more times in the near future.

None of the other programs I run are so flaky that that the manufacturer needs to issue updates on a regular basis. What's wrong with Adobe? Why can't they get it right after all these years?

I think I may know part of the answer. If you aren't careful when you update the Adobe software it will automatically install "McAffe Security Scan Plus" on your computer. This will screw up a lot of other programs so you must be sure to uncheck the box. I wonder if the purpose of these frequent "updates" isn't to sneak McAffee software on to your computer—and maybe some other things as well?

Oops! I almost forgot. Flash Player is also pretty bad software that needs frequent fixing. I wonder who makes it?

Stop bundling McAfee in Flash updater!
Why Adobe is recommending McAfee security scan during flash player installation?
Adobe Reader installing McAfee Security Scan Plus Scareware
Why does Adobe require DAILY updates? Are they just trying to push McAfee on everyone?
Adobe Please Stop Including Bloatware Like McAfee Security Scan and Toolbars With Free Downloads
Trust Nobody – Especially Adobe and McAfee


18 comments :

  1. It's 65 years since the novel 1984 was published and thirty years since the year 1984. Computers are taking over!

    ReplyDelete
  2. Have you ever seen the PDF spec? I don't think ANYBODY can implement that bug free.

    ReplyDelete
  3. I don't like the way Adobe includes "shovelware" like McAfee either (although that's only on Windows; using it rather than a UNIX based system like OSX or Linux is half your problem), but as Unknown alludes to, the other half is that the PDF file format is so convoluted that criminals can (and do) hide viruses and other nasty things in them. So it is an evolutionary arms race between Adobe and the virus creators -- a new virus is created, a new version of Reader needs to be created to counter it, the virus writers try again, etc.

    ReplyDelete
  4. Hi Larry. Assuming you use Windows I recommend...

    [1] Uninstall Adobe Reader using Revo Uninstaller [Free version]. It's an improvement over the standard windows uninstaller, removing more traces of the programs you choose to uninstall.
    http://www.revouninstaller.com/revo_uninstaller_free_download.html

    [2] Install Nitro Reader 3 [Free]
    It is lighter, faster & more secure than the Adobe product & the updates are less frequent & less intrusive. It's also the only free pdf reader that can create pdf documents. There's also a plugin for Firefox & Chrome that natively opens pdf documents in a tab in your browser.
    http://www.nitropdf.com/pdf-reader

    ReplyDelete
  5. Adobe Reader was (and still is) a common attack vector for malware infection. It installs with javascript enabled by default! 99% of PDF files don't use javascript, so it boggles the mind to enable it by default. Booby-trapped PDF files is a favorite tool by criminals for spear-phishing attacks against organizations and companies.

    Best bet is to use a third-party PDF reader, and make sure javascript is off!

    ReplyDelete
  6. I ditched Adobe Reader for Foxit Reader long ago

    ReplyDelete
    Replies
    1. I killed Foxit after it installed a search engine hijiacker with one of the updates.

      Delete
    2. I have never had any problems with Foxit

      Delete
  7. If you are running OSX on a Macintosh, the program Preview that comes with the operating system will open and read PDF files. It also is faster then Adobe Reader, especially when printing the tile in hard copy.

    ReplyDelete
    Replies
    1. That's true — except that Preview can't handle some of the extra junk that Adobe has insisted on forcing into the PDF spec, and doesn't open some of the non-PDF, but PDF-related, document types at all. (There's a couple of other document types which are similar, but not the same, and Reader is exclusively able to handle them.) Even on a Mac, where PDF-reading is actually an OS-level thing (Preview doesn't actually contain the PDF-rendering code), you can still end up having to install Reader.

      Delete
    2. That's probably true. It is my information that it depends on what program created the PDF file to start with. If it was created by Microsoft Word or Corel Draw or TurboTax, my experience indicates that there doesn't seem to be a problem as these programs don't include all the bells and whistles that Adobe Acrobat has.

      Delete
  8. What's wrong with Adobe Reader? Well, 3 things:

    1. Adobe is actually really bad at programming. Their business model relies entirely on being able to charge high prices on their flagship products because of a lack of serious competition (and this has been the case since at least the 1980s). (And no, "The GIMP" is not a serious competitor to Photoshop, any more than "OpenOffice.org" and its ridiculous schism-driven derivatives is a serious competitor to Microsoft Excel.)

    2. Since Reader has hooks into all kinds of other things, there are a lot of ways for it to have bugs. Most of the updates don't change anything YOU are using, but fix some obscure problem caused by an interaction with a program you've barely ever heard of. If Adobe would stop trying to convince people to wedge unnecessary hooks to Reader into their programs, this problem would at least be simplified.

    3. Ever since the PDF standard became more or less public property, Adobe has been pushing really, REALLY hard to make it more complex, so that only their software can deal with all the cases. (For example: keeping in mind that PDFs are meant to describe PRINTABLE documents, there's really no need for the standard to be a storage medium for video and audio... which Adobe insisted on pushing into it.) As a result, even Reader has to be so complex that there's a lot of potential for bugs. The more code is involved in a program, the more places there are where a bug can arise, and Reader has had feature creep for so long now that it has a very large amount of code indeed.

    ReplyDelete
  9. Sumatra PDF is another good free alternative.

    ReplyDelete
  10. I know you don't really give a s...t what I write here Larry... Well only technically ....but I'm going on vacation and I really wanted to make sure I have all of my files set up and up-to date.... And... Yes.. they are very sorry though... that it didn't work.. Evolution seems to have all this s..t sorted out;.. It is a miracle... as far as s...y science can go...

    ReplyDelete
  11. Many years ago they issued a Font Manager that was so buggy a major computer magazine called it a virus. So the problem is very deep.

    My daughter who works at a major publishing house tells me that Acrobat is not fully compatible with the new Mac OS and that some key features don't work. Adobe has not indicated whether it intends to fix the problem.

    ReplyDelete
  12. I used to work on Acrobat, though I left Adobe years ago and do not represent them in any way now.

    You think they are annoying for you? Believe me when I say releasing so often is no fun for the Acrobat/Reader team! You may install the English / Windows / Reader (free) version to read static research papers, but there is a lot going on in Acrobat/Reader. Reader and Acrobat are supported in countless languages, on every Apple and Windows OS in memory, and in Reader (free), Acrobat, and Acrobat Pro flavors. Oh, and you can buy Acrobat licenses as retail or volume. Multiply all those together, that's a lot of SKUs. They all have to be updated and tested prior to a release. Even just installer testing requires all these combinations installed on various types of system setups from "clean" to w/ or w/o applications that Acrobat works with (browsers, MS Office, etc), to various installer “paths” (having all updates in order or skipping some). It's a lot of work, and you get it all for free.

    Maybe you only look at static documents, but that's not all Acrobat does. The "knowledge workers" who pay to keep Acrobat alive use all of the security, collaborating, commenting, signature, multimedia, automation, and other features that the average user probably does not even know are there. Like someone said above, the PDF spec is HUGE. Acrobat is a big piece of software. Just to make it clear that Adobe does not want to release updates every quarter. It's a ton of work.

    There are a lot of security people poking at Acrobat for problems. Last I heard, Acrobat is on 95% of computers world wide. Flash is on 99%! Since Acrobat 9, Flash is inside Acrobat. So if there is a problem with Flash, Acrobat needs the same patch. Similarly, Javascript has been in there since v.3 (1996). This all makes Acrobat a desirable target for security researchers to search for vulnerabilities.

    The security people who find these problems come to Adobe, and extortion aside, tell them the problem. The will also threaten that they are going to post the threat on their blog in 24 hours (for example). They say, and surly think, that they are doing the world a service, and in a way they are. No one believes in security through obscurity anymore. But it is unreasonable to expect Adobe to release a new update that quickly. Acrobat has engineers spread all over the world. Just building a release takes hours. Running just those installer tests I mentioned takes hours, days to run every combination like we would on a milestone build. Even if the security problem in question was isolated to a small piece of code owned by one team, they would have to fix it and branch it into all of those SKU's I mentioned. RE would release a new build, which would have to run through lots of automated tests, and then QE would have to look at it. This takes time.

    It's a really big problem. And there was a little while there when every blogger trying to boost traffic and ever security researcher trying to build a reputation was going after Acrobat and Adobe. This was also around the time that Apple vs. Adobe drama was very popular to play up in the blogosphere. Security people said Acrobat needed to be updated more frequently and quickly. Sys Admins said they like regular updates they can schedule (alla patch Tuesday). So Adobe made changes. A little before I left they started to release quarterly updates and also maintain an emergency 0-day branch.

    So, yes, there is an update every 3-months at minimum. Everyone who had been criticizing Adobe got what they wanted, just at the cost of the average end user experiance. Moral of the story, careful what you wish for!

    ReplyDelete
  13. This latest version is so freaking annoying, making the toolbar disappear. Why would they assume anyone would want this as a default?

    ReplyDelete