Adobe Introduces the Paid Security Fix 392
Nimey writes "Adobe has posted a security bulletin for Photoshop CS5 for Windows and OSX. It seems there is a critical security hole that will allow attackers to execute arbitrary code in the context of the user running the affected application. Adobe's fix? You need to pay to upgrade to Photoshop CS6. For users who cannot upgrade to Adobe Photoshop CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources."
Fuck you, Adobe! (Score:5, Interesting)
Since I can't mod Adobe "-1 flamebait" I'll just say it again. Fuck you, Adobe! I'd like to go on record as stating that you should all be ashamed of yourselves.
Re:Fuck you, Adobe! (Score:5, Interesting)
Re:This is not new (Score:5, Interesting)
This is not only not new, but the exact same thing happened for CS4 -> CS5. I still use CS4, because I spent so much time waiting for CS5, which kept missing its release dates, that I bought CS4 instead. Then they wanted me, TWO MONTHS LATER, to shell out another $400 for what amounted to a security/bug fix, as I didn't need any of the new features included in CS5, just the bugs fixed -- and they weren't willing to fix the bugs.
At least at this point, all the attacks are targeting CS5, so CS4 isn't getting any worse than it already was....
I'm starting to think I should try migrating to another package again... anyone know of decent (yes, decent) equivalents for Photoshop, Distiller, InDesign and Illustrator? GIMP takes care of many of the Photoshop issues, but Inkscape isn't there yet, Ghostscript has the wrong feature set for me (and I don't have the time to write my own scripts to fix that), and nothing else I've found is integrating these other apps into one workflow package the way InDesign does, nor will they read InDesign templates or publish to industry workflows with proper color and bleed profiles.
Re:Ugh (Score:2, Interesting)
"If this was a years-old version, I'd understand"
Well, I don't.
If it's a years old version and *yet* after years of pushing security and bugfixes there're still more, it can only mean that the product they sold was basically cow shit and they deserve what it takes to protect it.
You don't want to push security updates forever? Damn easy: just don't push away shitty software.
Re:Call it the Microsoft method (Score:5, Interesting)
CS6 is not available in some markets. And this is going to be a real killer for chunks of the corporate world. My pet artists are going to be on a sneakernet if they want to keep CS5 and are going to have to learn a new toolset in the meantime if they want to come back onto my network. (The one hooked up to the internet with support contracts and enterprise agreements and production web servers)
PAIN.
Re:Fuck you, Adobe! (Score:2, Interesting)
Sorry, but you'll have to pay for that service...
Re:What a scam (Score:5, Interesting)
I just go with a policy of buying new copies of software every several versions. If I need a feature or bug fix from a version in between buying cycles, I have no moral issues obtaining an upgrade through alternate channels.
Pretty much the way I look at it is, if I buy a product with a manufacturer defect, there should be no limitations on my ability to obtain a refund for the product. In the case of software, I don't find it unreasonable to skip past the unreasonable methods I would need to pursue to obtain a refund and purchase a fixed version.
Lemon laws don't exist to protect consumers from the idea that an automobile is a failure, but rather to prevent consumers from being burdened by unreasonable processes for obtaining a working automobile pursuant to the arrangements they made at purchase.
Also, no one should ever feel respect or bound to an EULA. The practice itself is inherently outside of common and established legal practices. If I were presented the license at the time of purchase, prior to paying, I might be able to respect it. Based on the concept of the EULA, I could have my PC pass a counter EULA to the installer or e-mailed to the vendor which outlined my requirements of their software in order to occupy space on my hard drive. If the installer continues, can I not consider their consent to be implied.
It's the same reason, no one thinks twice about installing an ad-block on their browser. They have a right to control what content runs and executes on their computing device. I've voiced the opinion for quite some time that advertisements which attempt to get around ad-blocking actually constitute violations of most computer hacking laws (use of processing time on a computing system without authorization).
And the real shitty thing? (Score:5, Interesting)
CS6 just launched and I mean JUST. It shipped on May 7th. So this isn't a case of an old version where Adobe is saying "Look guys, we are discontinuing support, have to buy the new one if you want it." The "old" version is only "old" by 3 days now.
Re:What a scam (Score:5, Interesting)
The house analogy is much closer to open source. If you find a flaw in the design, such as that thieves figured out how to pry open the windows, then you can't go back and sue the builders. You can however get new locks, add on new security to the house.
Adobe though is more like a landlord who is anal about you making any, even tiny repairs. You aren't allowed to make any changes to the house itself. You find out that thieves have figured out how to pry open the windows. You report this to your landlord, expecting them to make appropriate repairs. They refuse to make reasonable repairs, but tell you that they have a different property for rent, with better secured windows, if you are willing to pay higher rent.
The issue is that since they do not give you the source code to even allow you to make repairs, they should be obligated to make repairs themselves for a decent amount of time.
Re:What a scam (Score:5, Interesting)