Adobe Putting PDF Reader In a Sandbox 225
Captain Eloquence writes "The next major version of Adobe's PDF Reader will feature new sandboxing technology aimed at curbing a surge in malicious hacker attacks. The initial sandbox implementation will isolate all 'write' calls on Windows 7, Windows Vista, Windows XP, Windows Server 2008, and Windows Server 2003. Adobe security chief Brad Arkin believes this will mitigate the risk of exploits seeking to install malware on the user's computer or otherwise change the computer's file system or registry. In a future dot-release, the company plans to extend the sandbox to include read-only activities to protect against attackers seeking to read sensitive information from the user's computer."
Who needs it? (Score:5, Interesting)
I have only Sumatra PDF on my Windows 7 machine. I don't have a copy of Adobe's viewer on the machine at all.
Sumatra PDF is dumb, but reasonably secure. It can't do cut and paste, it doesn't do forms, and it doesn't have Javascript.
Re:Who needs it? (Score:5, Informative)
Re: (Score:2)
If a PDF doesn't work the same in two (or more) places, someone is doing something wrong...
Re: (Score:2)
... that said, just how many (and how recently) have you tried? I've -never- once, in the 10 years since I stopped touching Adobe, seen a misrendered PDF.
Re: (Score:3, Informative)
Lucky you.
I've had a small handful of pdfs (created w/ different methods, including OS X's print function, and another through PHP's pdf library) not display properly. Some worked well in Preview.app (but not in Reader on Windows; others were the other way around. Sometimes it was text that would show (or not), but typically it was a background image that didn't consistently render. The most recent incident was two+ years, a different job, and several OS versions ago (Tiger), so I can't say whether the iss
Re: (Score:2)
You must be the same guy for whom upon installation of Linux has always had device drivers for your hardware perfectly autodetect, too.
Re: (Score:2)
This.
My customers sends a lot of blueprints as PDF files. I tried the alternatives because I think Acrobat is bloated, but the competitors had issues with printing. One printed everything as raster images and another one couldn't print anything at correct scale.
Have you tried asking your customers to send you their technical drawings in vector graphic formats? PDF can include vector graphics, but it is a horrendously complicated format that can include anything and everything, and usually does. EPS [wikipedia.org] is a much more predictable interchange format that has quite a lot of software support.
Which PDF competitors did you try?
Re:I need it. (Score:4, Insightful)
Re: (Score:2)
"Yeah hi, if you are creating your blueprints in a CAD program, it would save me time and effort if you sent me the blueprint in a vector format that I can import effortlessly into my workflow, and I can pass those savings on to you."
Re:Who needs it? (Score:4, Informative)
Windows doesn't support ICC profiles for printers and ICM profiles for monitors that can be calibrated with any number of tools? No color management at all huh?
"Operating system level
Since 1997 color management in Windows is handled at the OS level through an ICC color management system. Beginning with Windows Vista, Microsoft introduced a new color architecture known as Windows Color System.[5] WCS supplements the Image Color Management (ICM) system in Windows 2000 and Windows XP, originally written by Heidelberg.[6][7]
Apple's Mac operating systems have provided OS-level color management since 1993, through ColorSync.
Operating systems which use the X Window System for graphics use ICC profiles, and support for color management on Linux, still less mature than on other platforms, is coordinated through OpenICC at freedesktop.org and makes use of LittleCMS."
http://en.wikipedia.org/wiki/Color_management [wikipedia.org]
Its trivial to create a pretty standardized pdf as well. Just flatten everything and save as a version 5 or 6 pdf and most anything worth its salt will render it correctly.
need vs use (Score:2)
That's good that you have an alternative that works for you on your home computer, but you're never going to get my whole department to trade some of those features for security, even the ones who -could- install it themselves. Them using an insecure PDF viewer is problematic for me because I have to use the same network. Thus it's a good thing.
Re: (Score:2)
Re:Who needs it? (Score:5, Insightful)
Sorry, but the vast majority of users have Adobe Reader installed to view PDF files, and they will not know why or how they should change to something else. Add to that the fact that the security of shitty-but-popular popular affects us all by proxy, and these things really do matter.
It's like saying, "Well, I don't care about malicious JavaScript and ActiveX in Internet Explorer, because I use Firefox on Linux. Who needs that other crap?" Most other people are just going to use default garbage, and the entire Internet is impacted by this.
Still, there are always Slashdot posts in the vein, "I don't use software X, I use software Y, so it doesn't matter." It's a naive and self-centered view of the world that unrealistically assumes that because a particular geeky reader found a way around a problem, that it has ceased to become a problem, or that the entire world should then follow this in emulation. Wake up, the world is bigger than the basement you inhabit.
Re: (Score:2, Insightful)
Re: (Score:2)
> Sorry, but the vast majority of [Windows] users have Adobe Reader installed to view PDF files
Mac users hardly ever have Adobe Reader because the built-in PDF tools are better. Smartphone and iPad users definitely don't have Adobe Reader, but they can all view PDF. This is not 1995. PDF is Portable Document Format. It is not brain surgery to create a PDF you can share with any arbitrary user. If you choose to make Adobe Reader documents instead of standard PDF, then you can't complain that everyone else
Re: (Score:2)
Adobe Reader/Professional has grown into a sort of "Enterprise" software, since the PDF format is hard to edit properly (even in Adobe Professional). As Enterprise software, it's bloated, has way too many features that most users don't even know about (Javascript Debugger, wtf?), and is a security nightmare... yet those businesses who need it will never give it up (the legal domain is pretty much all about PDFs and TIFFs).
What would be needed to make an drast
Re: (Score:2)
Does it support annotations, those little post-it note things that colleagues add comments with?
Re:Who needs it? (Score:4, Interesting)
You shouldn't be relying on sumatra PDF for printing at all, its printing support is terrible and the author says that it's unlikely to be fixed.
I just use evince. It even has a native Windows installer.
Re: (Score:2)
... have no idea there is an alternative and have no idea there is a security risk involved
This is not and never will be a valid excuse for people using shit software.
Re: (Score:2)
Come on. Put the blame where it belongs. It belongs on lazy developers writing the shitty software those users are more than likely forced into using. It comes from lazy web developers who push "get the FREE Adobe Acrobat reader here" whenever they post a PDF. It comes from PHBs who see a new dufingletron in Adobe products and just have to hav
Re: (Score:3, Informative)
They should put it in the trashbox (Score:5, Insightful)
That piece of bloatware should be put on a harsh diet before that.
Re: (Score:3, Funny)
| |
| |
V V
X X
(This example brought to you by the fact that drawi
Re: (Score:2)
It was put [arsgeek.com] on a diet back in 2007. Has anyone tried this recently?
Finally.. (Score:4, Insightful)
It appears Adobe finally realized that a document reader shouldn't have access to my entire sysetm.
Re: (Score:3, Insightful)
It really amazes me that anyone could successfully get acrobat to install malware. I can barely get it to view PDFs. perhaps acrobat should hire some of these malware writers to get acrobat to stop crashing on every windows and linux box I've ever used for the past 10 years.
Question (Score:5, Insightful)
Why does a PDF viewer need to give the document the ability to write at all?
Would ripping some of the crazy features out of the PDF spec solve this more completely and reasonably?
What do we use PDFs for which involves writes?
Re:Question (Score:5, Funny)
What do we use PDFs for which involves writes?
Malware installation.
Re:Question (Score:5, Informative)
Probably editing and note taking. I draw on PDFs all the time, and I'm glad I'm able to save the edits.
Re: (Score:2)
Re: (Score:2)
Because after unlink() you might want to create some new stuff?
Re: (Score:3, Insightful)
In a PDF Writer, yes. In a PDF *VIEWER*, no.
Re:Question (Score:5, Informative)
Re:Question (Score:4, Insightful)
It's called Acrobat READER and it is supposed to be for READING PDF files. It is completely inappropriate for it to be able to WRITE anything. Adding extra crap is the reason that it has so many security flaws.
Re:Question (Score:4, Insightful)
It's called Acrobat READER and it is supposed to be for READING PDF files. It is completely inappropriate for it to be able to WRITE anything. Adding extra crap is the reason that it has so many security flaws.
Indeed... the write capabilities should be completely disabled until they are turned on by the user. Even better would be a "Reader Light" with no write capability at all for the 99% of users who will never use Acrobat to complete a form.
Re: (Score:2, Informative)
Even better would be a "Reader Light" with no write capability at all for the 99% of users who will never use Acrobat to complete a form.
A note on PDF form signing with the free Reader: the Reader does not allow electronic signing unless the document itself is signed with a producer key that is issued by Adobe. In other words, you get to sign for free if your users are using the full Adobe suite. If they only have the Reader, you need to pay something like $20000 to Adobe to get a producer key which allow
Re: (Score:2)
My bank was happy to accept an excel spreadsheet as an email attachment, email contents saying that I agreed with the stuff, a md5 of the file, and the whole email w/ attachment signed with GPG. This was 10 years ago. Of course at closing, I had to ink sign and initial everything, but I would've needed to do that anyway so the e-"signature" was fine for getting the process started.
Re:Question (Score:5, Funny)
Re: (Score:2)
Why can't that data be stored in a little SQLite database (or some such) in the PDF file? Why does it need to be able to write other files on my filesystem? Why does it need to be able to write to My Documents?
Re: (Score:3, Insightful)
Signing documents, adding notes, adding addendum, filling out forms, etc. There is more to PDF's then text.
Uhm, if this was the functionality discussed here, Notepad and vi would be just as vulnerable.
You are clearly confusing:
1. A program which saves changes to the loaded file when the user requests it.
2. A program which writes to other files in the file system, when the document requests it.
The problem with Adobe Reader is #2, not #1. So, to repeat the GP's question:
Why does a PDF viewer need to give the document the ability to write at all?
Re: (Score:2)
What spec? All that scripting support is Adobe only.
Re:Question (Score:5, Insightful)
With Acrobat, Adobe has fallen into a particular bloat trap usually reserved for Microsoft and AV vendors. It goes like this:
You release a product, and it does one specific thing well. Lots of people buy it, and you have a success on your hands. You come up with a bunch of fixes and new features, and release version 2. Again, lots of people buy it. Same thing again with Version 3, maybe version 4... and so on. This is the normal ideal for-profit software development model.
However, at some point you start developing what will become... let's say version 5. You start working on it, and you can't think of any good features to add in. Version 4 already does everything you want that software to do, but you can't just stop there-- you wouldn't be able to sell any upgrade anymore. At the same time, you can't just release bug-fixes and improve performance, since you wouldn't be able to justify charging people for a new version that consisted only in bug fixes. You don't want to head in an entirely new direction because it might alienate current users. You don't want to invest in creating a new product instead, because new products are risky. You just want to find a way to continue milking your cash cow.
Eventually you come up with a bunch of flashy-sounding features that you can advertise even if almost no one uses them. You invest in marketing to make people feel like this new version will allow them to do lots of things that they'll probably never actually do. You reorganize the interface, shifting controls around for no reason other than to make things look "new". You discontinue support for older versions. You modify your file formats so that they'll be slightly incompatible with older versions, or at least you make sure your older versions throw up some kind of warning that says, "This document was made with a newer version. Upgrade now!"
You do a whole bunch of that stuff, and sure enough, people buy it. You set out to make version 6, and you find yourself in approximately the same bind. Some people are still happily using version 4 of your software, and you haven't been able to convince them to upgrade. So then you start throwing even more powerful-sounding but useless features at your customers. "This version has SecureBit technology, which will make all of your bits secure. Make sure you upgrade, or all your information will be eaten by hackers!" and "This version has the latest support for the latest AwesomeX technology. Make sure you upgrade, or you'll find out your friends can do cool things that you can't!" Little by little, you push customers to the latest version. This is now your business model.
With each version, you throw in more and more stuff. Maybe some of it's useful. Maybe there are even 2% of your customers that actually make good use of AwesomeX technology. Mostly, though, your software gets more and more bloated with stupid things so that you have an excuse to keep charging money.
Ultimatley PDF have been fine for making print documents for a long time. Acrobat and Acrobat Reader have improved in some ways, but even old versions were adequate for producing static PDFs. Adobe's only hope for continued growth is to push PDF to be used for more and more things that it is not well suited to handle. Adobe has made it so each PDF file can be kind of like its own stand-alone application by using javascript and Flash.
Operating System Feature (Score:4, Interesting)
Should it be an operating system feature to force all user applications to run in a sandbox by default?
Re: (Score:2)
The problem is that most OSs out there (including Windows, Mac and Linux) are user-centric, rather than application centric (at least, by default). When you run Acrobat, it has the same permissions that you have (which, in many cases, allows the application to do many things). Adobe's solution is to make Acrobat limit itself in what it can do.
If you really want an operating system based solution, you could make a separate "acrobat" user (which doesn't have any read/write permissions), run Acrobat as this se
Re: (Score:2, Interesting)
If you really want an operating system based solution, you could make a separate "acrobat" user (which doesn't have any read/write permissions), run Acrobat as this separate user and do a "sudo" whenever you want to allow acrobat to read/write to a file on the filesystem.
Giving Acrobat root permission whenever it wants to write to the disk would be rather brave.
In the real world you'd create an Apparmor or SELinux profile which only allowed it to write to a few places and that would be it. Unless you're on an antiquated OS like Windows, anyway.
Re: (Score:2, Informative)
Re: (Score:2)
Uh, no one mentioned giving Acrobat root permissions. Where did you get that idea?
Uh, which part of "do a "sudo" whenever you want to allow acrobat to read/write to a file on the filesystem" did you miss?
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Unless you're on an antiquated OS like Windows, anyway.
And you can't do it on Windows because...?
Oh wait, you can. If you couldn't, then this story would probably not exist, as Adobe wouldn't be able to do it either. Idiot.
This is only news because Adobe is finally admitting their product is crap. Now if they only took steps to improve the quality of all their other products... but I guess you can't have everything.
Re: (Score:2)
And you can't do it on Windows because...?
Again, where's Windows' equivalent of Apparmor or SELinux?
Perhaps there is one that I'm not aware of, but if it exists I'm rather surprised that no-one's ever used it to block the huge security holes in Windows.
Re:Operating System Feature (Score:4, Informative)
Again, where's Windows' equivalent of Apparmor or SELinux?
Well, since I've never worked with those products, you don't seem to be interested at all in explaining what the holy fuck they do, and since I'm not telepathic, I can't answer that question.
Perhaps there is one that I'm not aware of,
Not aware of? It was posted IN THIS THREAD LIKE 3 POSTS UP! Seriously, WTF is wrong with you. IIRC, you yourself picked it apart based on a fucking typo (sudo instead of su).
You're being purposefully dense to make some point about your fucking pet software you won't bother to explain. Stop it. It's pissing me off.
Re: (Score:2)
but (as far as I know - please correct me if I'm wrong) there is no generic way on Windows for administrators to restrict programs to certain actions with path-based rulesets,
You are fucking wrong. It's in this fucking thread, just a few fucking posts up. I FEEL LIKE I'M TAKING CRAZY-PILLS!
Christ. You guys are so committed to your "Windows sux, apparmor rox!!!" opinion that you've lost ALL FRONTAL LOBE ACTIVITY. That's why I'm getting worked up: stupidity. Stupidity on purpose to make a point.
I give up on t
Re: (Score:2)
Integrity Levels, while not configurable in the sense of AppArmor profiles, serve much the same purpose (low-integrity apps, like IE, can't write files outside of low-integrity locations like the Temporary Internet Files directory, can't directly invoke apps with higher integrity levels, and can't use various forms of IPC to higher-integrity processes; this is what Protected Mode is all about). It would be nice if there were more control over things like ILs, but that's largely why Windows has a bunch of us
Re: (Score:2)
If you really want an operating system based solution, you could make a separate "acrobat" user (which doesn't have any read/write permissions), run Acrobat as this separate user and do a "sudo" whenever you want to allow acrobat to read/write to a file on the filesystem.
Or you could add operating system support which would allow a program's manifest to declare that it is internet-facing and should run with lower privileges than the user launching the program, i.e. stripping the user's writing permissions and limiting reading rights.
To avoid the program (if taken over by an attacker) misusing the permissions for e.g. unsolicited downloads to an otherwise allowed download location we could restrict the process so severely that it would need another process to marshal files i
Re: (Score:2)
Apparently, I'm using more modern version of Windows, than you've got. It's NT4 and has the feature you've mentioned. Check it out.
NT4 has an equivalent to Apparmor or SELinux which allows me to prevernt Adobe Reader from writing to anywhere other than its own files?
Re: (Score:2)
Don't know about NT4 (not used it since the 90s), but XP and up have SteadyState [wikipedia.org]. Check out its disk protection feature, it's functionally chroot with a wipe after app exit.
Re: (Score:2)
This is what SELinux is for.
Re: (Score:3, Insightful)
Windows 7 and Vista offer protected mode [wikipedia.org] to any developer who wants to use it. Acrobat doesn't currently use it but other applications do and it seems they'd rather roll their own sandbox, which is fine, but the mode is available as an OS feature. This is separate from running as a limited user or enabling the UAC, both of which can be done on top of it.
Re: (Score:2)
Sandboxie, though excellent is nagware once its 30 day trial expires (a small delay before launching is hardly nagging, but, nevertheless...)
Comodo Firewall has a sandboxing app built into it (along with AV and anti-malware) without any nagging (although you have to remember to un-tick some bundled app (yahoo?) during install.
Desperation (Score:4, Insightful)
Honestly, give up on Adobe Reader. There are other options. FoxIt has about the same feature set, and CAN do all the dangerous boneheaded stuff like embedded javascript and external execution, but by default it's off, and the vast majority of people never need that stuff.
On the skinny end there's Sumatra (too skinny for me, no browser plugin). At the other end is Nitro PDF, which has a TON of features even in the free version.
Honestly, just take Adobe reader right off your machine. Do it now.
Re:Desperation (Score:5, Interesting)
I'm on OS X, so I use Preview (built in), and it's amazing. It looks great, and it's fast as heck. Because of this I was able to go a long time without having to use Adobe Reader.
Then I ran into a PDF at work (Windows boxes) and suddenly remember the word of pain and slowness that Reader caused. I now use FoxIt on Windows. It's not perfect (the experience of using Preview is much smoother), but it doesn't act like it owns my computer.
I recently discovered that not only do PDFs on Snow Leopard have icons that look like their first pages, but when you mouse over them two little buttons pop up and you can turn pages on the icon so you can easily see if a small PDF contains a specific chart without having to open preview or quicklook.
Some Mac blogger wrote a little while ago that if it wasn't for Preview, Mac users would have abandoned PDFs years ago as slow and bloated (the impression Reader leaves on both Mac and PC). Between Preview and the built in Print to PDF support, you forget how obnoxious PDFs can be on other platforms. MS should make a PDF reader and embed it into 7 SP2. It has to be better than Reader, and 95%+ of users don't use the fancy form-filling auto calculation Javascript magic stuff.
Re: (Score:2)
Adobe threatened to sue when Microsoft planned on integrating a PDF export option into Office. Due to their monopoly, Microsoft has to be careful that they do not use their monopoly to control any other markets. I guess creating a standalone PDF viewer/exporter would be OK, but they would have to charge for the exporter just like Adobe does. The other option would be for them to create an alternative format to PDF - a stunt they attempted and everyone ignored.
So including PDF with Windows would resul
Re: (Score:2)
Adobe threatened to sue when Microsoft planned on integrating a PDF export option into Office.
Isn't PDF a standard now? Wasn't it submitted to the xopen group or something like that? Can Adobe still exert control over the use of the standard?
Re: (Score:2)
Unfortunately, Adobe has so totally borked the PDF spec and PDF creation tools that I still come across PDFs that Preview can't render. A couple years ago (right after 10.5 came out) I had a strange PDF--just a basic one page, 12-month calendar, but somehow all I got were the outlines of the months. There was no text anywhere except for the year at the top and the company name at the bottom. I don't know who made it or how but I had to be able to see it which is why I've always got Acrobat around. (Thought
Re: (Score:2)
foxit is terrible these days.. it can't embed correctly to save its life, its slow, getting bloated and the installer likes to install toolbars and crap. I loved it 2 years ago.. not so much now.
Re: (Score:2)
Foxit is nice, but they just don't *get* security. At all. I mean, a fairly basic dumb fuzzer (change a random byte here and there in a template file) will reveal it to be Swiss cheese in a couple hours. This is not to say that I like Acrobat Reader or think its security is good, but its security is, in fact, a hell of a lot better than Foxit's. As with MS software, Adobe is the big target that everybody goes for, so they can be 10 times as secure and still have far more actual exploits.
How about 'read' calls too? (Score:2)
Why not sandbox it entirely? If the JS engine in Acrobat can run arbitrary commands I don't want it reading files from my local filesystem either. I suppose it wouldn't directly be able to transmit those files if its not able to write to a network socket, but that doesn't mean it should be allowed to read random things either.
Adobe obviously wants to keep a very tight grip on the PDF ecosystem, why not limit Reader and only allow it to perform scripting actions on signed and verified PDFs? This benefits Ado
Comment removed (Score:3, Informative)
Doesn't matter (Score:4, Insightful)
Re: (Score:3, Insightful)
goodbye, PDF->payload
hello PDF->chroot breaker code->payload
How do you keep stuff like tidserve out. (Score:4, Insightful)
Litter ! (Score:2, Informative)
My cat's sandbox is the right place for Adobe's products.
Too heavy, too slow, too buggy, too dangerous, etc.
software noob but... (Score:3, Interesting)
IANAMCSE but.....(I am not an MCSE :) )
Is there just no possible way to develop software that is NOT exploitable?
Re:software noob but... (Score:4, Insightful)
Re: (Score:2)
Is there just no possible way to develop software that is NOT exploitable?
Depends on what your software is doing. If your software has to change any of the bits on the hard drive - Exploitable. If your software interacts with a database - exploitable. If your software contacts the internet - exploitable.
Let's hope.. (Score:2)
One can always hope that with half of Windows 7 installations being 64 bit [slashdot.org], malicious software readily bypassing the protection will force Microsoft to finally implement a sufficient API [sandboxie.com] for sandboxing.
This reminds me of Word Macros (Score:5, Insightful)
It seems that Microsoft already went through this 15 years ago with Word macros. It's kind of scary that these companies that are producing software for looking at / creating documents would enable this sort of functionality in their file formats. I realize that there are a handful of applications where it's beneficial to have a document be able to write to the filesystem, but for 99.99% of documents, what business do they have reading or writing anything?
It would be like if you bought a book, sat it down on your desk, and when you pick it up later, you find that the book was doodling on your desk the whole time.
And yet they still haven't made a version... (Score:5, Informative)
Sure there are free pdf readers that work on Linux and 64 bit, but I find that none of them are as flexible with regards to printing options as Acrobat is.
And the last time I installed multi-libraries on my system supporting both 32 and 64 bit, primarily just so I could use Acrobat, I started having some stability issues that I would just as soon not repeat.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Curious (Score:2)
But what will they put the sandbox in? (Score:3, Insightful)
Just sayin'...
a circular sandbox (Score:2, Funny)
Sandbox A will be put inside Sandbox B, and Sandbox B will be put inside Sandbox A. Problem solved!
Why yes... (Score:2)
Why yes, because when I think of what it would take to quickly open and view PDFs, I immediately conclude that the only solution is a program big enough and complex enough to require a sandbox, to make sure that it can't be exploited.
For years, Adobe has been creating extremely bloated software. And it has been years, not coincidentally, since I've wanted to install any of their stuff.
Why did PDF have to have all this crap added to it? The answer is, it didn't; Adobe just wanted to keep extending their re
Re: (Score:2)
They should make PDFs open in a sandboxed Virtual Machine, now that will be secure!!
The real question is. . . (Score:5, Funny)
Who sandboxes the sandboxers?
Sandboxing? (Score:2)
Sandboxing Adobe PDF? How about just burying this bloated, slow, insecure garbage in the sand so it never shows again. Then in 200 years it's discovered in an archaeological dig, and people marvel at how badly written software was ever unleashed to market.
What is these need for accessing the system anyway (Score:2, Redundant)
This is like giving people guns, then throwing them in jail. Why give them guns to begin with?
I've got mixed feelings about this (Score:2)
1.) About fucking time, morons
2.) Okay, i feel a bit safer
3.) Who cares? I've not used Acrobat in several years.
Sumatra, PDF X-change or Foxit works as well or better.
Fix it instead of sandboxing? (Score:2)
Instead of sandboxing the software, couldn't they fix the software so it's not vulnerablerable to so many attack vectors?
and then sandbox it...
Re:Sandbox (Score:5, Funny)
Sounds suspiciously Apple-like. iPhone apps do this very thing.
No shit Sherlock: sandboxing, emulation, memory and hardware virtualization, CPU ring modes are all Apple inventions from 1970s and Windows 7 you're browsing from right now has its code base from Apple Lisa of that era.
Re:Sandbox (Score:4, Insightful)
And Apple Stole every aspect from the XEROX PARC development. They guy credited with creating the GUI and Mouse worked for Xerox, not Apple. Xerox let them steal it, no question, but don't give credit where it's not due, PARC is responsible for far more than what you are crediting to Apple. The only thing Apple did was make these software interfaces cost effective by using commodity hardware instead of PARC'a tendency to use specialty hardware.
Re: (Score:2)
And PARC got their ideas from Douglas Engelbart's Mother of All Demos [youtube.com]. The 1960s were a groovy time.
Re: (Score:2)
Re: (Score:2)
PARC is responsible for far more than what you are crediting to Apple
IIRC Xerox PARC created/invented the GUI, the mouse, and ethernet.
Re: (Score:2)
Re: (Score:2)
Re:This is all good but... (Score:5, Funny)
This is how they managed to get a "sandboxed" PDF reader out in less than the usual absolutely glacial Adobe development timeframe...