Adobe Introduces the Paid Security Fix 392
Nimey writes "Adobe has posted a security bulletin for Photoshop CS5 for Windows and OSX. It seems there is a critical security hole that will allow attackers to execute arbitrary code in the context of the user running the affected application. Adobe's fix? You need to pay to upgrade to Photoshop CS6. For users who cannot upgrade to Adobe Photoshop CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources."
What a scam (Score:5, Insightful)
I can see it now, all software vendors are going to introduce security flaws or wait until one is discovered to release the next paid upgrade release.
I think a class action suit is in order for all the holders of the older version. It their software causes a security hole and if one person gets hammered by it then like the car companies having to recall and fix cars, software vendors will have to do likewise.
Are you listening Adobe.
Re: (Score:3)
Sure, except to use the software you agreed to the EULA where Adobe disclaimed themselves against any such defects. Good luck with that.
Re: (Score:2)
I would love to see it.
Adobe made a defective product. A recall should happen.
Re:What a scam (Score:5, Interesting)
The house analogy is much closer to open source. If you find a flaw in the design, such as that thieves figured out how to pry open the windows, then you can't go back and sue the builders. You can however get new locks, add on new security to the house.
Adobe though is more like a landlord who is anal about you making any, even tiny repairs. You aren't allowed to make any changes to the house itself. You find out that thieves have figured out how to pry open the windows. You report this to your landlord, expecting them to make appropriate repairs. They refuse to make reasonable repairs, but tell you that they have a different property for rent, with better secured windows, if you are willing to pay higher rent.
The issue is that since they do not give you the source code to even allow you to make repairs, they should be obligated to make repairs themselves for a decent amount of time.
Re:What a scam (Score:4, Insightful)
"Sure, except to use the software you agreed to the EULA where Adobe disclaimed themselves against any such defects. Good luck with that."
They might in fact have good luck with that. The fact that something in the EULA doesn't make it law. Or even valid.
For example, some states have laws saying that if you sell a product intended for a particular purpose, there is an implied warranty that the product is fit for that purpose... no matter what kind of disclaimer the seller puts on it.
Don't mistake EULAs and Limited Warranties for law. Corporate lawyers don't necessarily put valid stuff in there. On the contrary: what they include are things they'd like you to believe, and that they HOPE they can convince a judge of, if it ever goes to court. And in some cases they even include stuff that they KNOW won't stand up in court.
Re: (Score:3)
If software producers can get away with that, why cant car producers? Or the other way around, if nobody else can get away with self-absolving EULAs, why do software producers?
Because software is "Intellectual property", so you don't own the software once you bought a copy: you are only allowed to use it. (yes, I know, copyright infringement is not theft for this very same reason...).
Re: (Score:3)
"Because software is "Intellectual property", so you don't own the software once you bought a copy: you are only allowed to use it. (yes, I know, copyright infringement is not theft for this very same reason...)."
Wrong on both counts.
A book is intellectual property, too, but if you buy it you own it. The idea that you are just using it (or "licensing" it) is pretty much unique to the software industry, and has between little and nothing to do with the fact that it is "intellectual property".
I should qualify my comment about your last bit, though. While the fact that it isn't theft is related to the intellectual property concept, I suppose, but only indirectly. The more direct reason they are distinct in law is
Re: (Score:3)
Re:What a scam (Score:5, Interesting)
Re: (Score:3)
Clearly you haven't looked very far. Windows has crept into all kinds of application that would make you think "WHAT!!!??? Who authorized this!!!???" Just a few off the top of my head include trains, cranes and ships. In any case here's a list of the 10 worst uses for Windows [networkworld.com] and they range from the silly to the life threatening. Like I'm sure you'd be all warm and fuzzy knowing that the radiation machine measuring your near lethal dose of gamma rays is running vista and hooked up to a network. Good luck wi
Re: (Score:2)
No one's going to get killed if their PC gets pwned by malware in an image file. It's not like elevator control systems (see nearby Slashdot article) are running Photoshop. I don't see how they have any responsibility at all to even bother making their software secure. If you don't like it, don't buy their products.
Re: (Score:3)
Why not? Sony got in trouble for damaging people's PCs (making them unbootable or breaking installed software). Let's put Adobe in a courtroom too.
Of course Adobe could argue other companies do it. Apple and Microsoft do it when they stop filling holes in their old OSes, and tell you to upgrade to OS 10.7 or Win7. Mozilla does it when they abandon Firefox 4 or seaMonkey 2.0 and say, "You're on your own."
Re: (Score:3)
As for Adobe, or any software product. The developer should be required to fix security problems as long as there are people using the software, just like Microsoft and Windows XP.
Oh please. There's still people using DOS and Windows 3.0. Hell, there's people still running PDP11s somewhere. Manufacturers have no responsibility to support their products indefinitely. On top of that, why do you have a double standard? You insist on Fort Knox-level security for consumer software, but you don't insist on
Re:What a scam (Score:5, Interesting)
I just go with a policy of buying new copies of software every several versions. If I need a feature or bug fix from a version in between buying cycles, I have no moral issues obtaining an upgrade through alternate channels.
Pretty much the way I look at it is, if I buy a product with a manufacturer defect, there should be no limitations on my ability to obtain a refund for the product. In the case of software, I don't find it unreasonable to skip past the unreasonable methods I would need to pursue to obtain a refund and purchase a fixed version.
Lemon laws don't exist to protect consumers from the idea that an automobile is a failure, but rather to prevent consumers from being burdened by unreasonable processes for obtaining a working automobile pursuant to the arrangements they made at purchase.
Also, no one should ever feel respect or bound to an EULA. The practice itself is inherently outside of common and established legal practices. If I were presented the license at the time of purchase, prior to paying, I might be able to respect it. Based on the concept of the EULA, I could have my PC pass a counter EULA to the installer or e-mailed to the vendor which outlined my requirements of their software in order to occupy space on my hard drive. If the installer continues, can I not consider their consent to be implied.
It's the same reason, no one thinks twice about installing an ad-block on their browser. They have a right to control what content runs and executes on their computing device. I've voiced the opinion for quite some time that advertisements which attempt to get around ad-blocking actually constitute violations of most computer hacking laws (use of processing time on a computing system without authorization).
Ugh (Score:3, Informative)
If this was a years-old version, I'd understand, but CS5 was the latest version until literally days ago!
Re:Ugh (Score:4, Insightful)
No, CS 5.5 was the latest version before 6. And considering CS5 came out April of 2010 it technically is a 'years-old version'. Still a scam, though.
Re: (Score:2, Interesting)
"If this was a years-old version, I'd understand"
Well, I don't.
If it's a years old version and *yet* after years of pushing security and bugfixes there're still more, it can only mean that the product they sold was basically cow shit and they deserve what it takes to protect it.
You don't want to push security updates forever? Damn easy: just don't push away shitty software.
Car analogy (Score:3, Funny)
This is akin to buying a 2010 Chevy (under warranty), then finding out that the brakes catch on fire under certain circumstances, and the company's suggestion: buy a 2012.
Re: (Score:2)
This is a terrible analogy. First of all, software doesn't come with a warranty. In fact don't most (or all) EULA's specifically say there is NO warranty, explicit or implied, that makes them liable for damages of any sort?
Also, if the "certain circumstances" for your brakes catching fire are "you don't know how to drive properly", that changes things, right?
Re: (Score:2)
oh, well a EULA. stop the presses.
Re: (Score:3)
"In fact don't most (or all) EULA's specifically say there is NO warranty, explicit or implied, that makes them liable for damages of any sort?"
Yes, so they say.
And for the same price they could say you owe them your firstborn.
They saying what they want doesn't make it automatically legally bonding, didn't you know it?
Re: (Score:3)
First of all, software doesn't come with a warranty. In fact don't most (or all) EULA's specifically say there is NO warranty, explicit or implied, that makes them liable for damages of any sort?
This is the basic approach:
We provide no warranty:
COMPANY PROVIDES NO REMEDIES OR WARRANTIES, WHETHER EXPRESS OR IMPLIED, FOR THE SOFTWARE.
We try and get out of any warranty that you might get from consumer protection laws by explicitly decaring its sold "as-is" and that we don't represent that its "merchantable" or
Re: (Score:2)
If I operate on a patient, and then give them instructions on how to properly care for their wound, which they fail to follow, I still have to treat their infection.
horrible analogy. when you go back to the doctor with the infection, regardless of whether you followed instructions, the doctor charges you for that second visit. if you don't (or your insurance doesn't) pay, they don't have to treat it.
Re:Car analogy (Score:4, Insightful)
I know people here like to bash on Microsoft, but thay are going to support XP through 2014. Windows 8 will be out. That's 13 years, and *3* versions later.
Considering the insane price Adobe sells CS, You'd think they could at least fix security holes for a little while.
Re: (Score:2)
This is akin to buying a 2010 Chevy (under warranty), then finding out that the brakes catch on fire under certain circumstances, and the company's suggestion: buy a 2012.
Your Adobe CS suite is under warranty and they are denying you a fix?
Re:Car analogy (Score:5, Insightful)
No, but I could have my identity stolen, bank accounts compromised, vital information about friends/family/co-workers/customers stolen, etc. Looking only at one extreme possibility (or non-possibility, as you used) is, well, pretty damn narrow-minded.
Re: (Score:3)
"No, it's not. You're not going to die if your computer gets pwned. If you don't like it, don't buy Adobe products."
Well, how is it any different that in the case of life-threatening menaces? You don't want the new Sukhoi Superjet 100 because it tends to kill you? then don't buy it.
The point is that if a product produces an unforeseeble damage that can be tied to producer malice/miscalculus, then it is the producer the one to pay the bill. Bigger if there are deaths involved than in other case, but still
Re: (Score:2)
$500? In proportion to the total cost of a new car would be reasonable.
Its called a trade-in.
Awful nice program ya got there... (Score:2)
Be a shame if something bad happened to it...
Wow... Actually sounds like our medical system. And just about every other "system" we have. Cars, houses, etc...
Wow, now that I think about it, that sucks.
Blech.
Fuck you, Adobe! (Score:5, Interesting)
Since I can't mod Adobe "-1 flamebait" I'll just say it again. Fuck you, Adobe! I'd like to go on record as stating that you should all be ashamed of yourselves.
Re:Fuck you, Adobe! (Score:5, Interesting)
Re: (Score:3)
I think it's great, and I hope more proprietary software vendors choose this method of dealing with security problems. If you don't like it, you're free to not buy their products.
I don't have this problem with GIMP or various other open-source products I use.
Re:Fuck you, Adobe! (Score:4, Insightful)
You also can't accomplish the same things on-budget and on-timeline with GIMP that you can with the full CS suite.
While I'm mightily annoyed with Adobe for how they handle bugfixes, the sheer size of their product means that a proper QA cycle would last them almost as long as their point release cycle. I don't really think there's any good solution -- the open source suites are too disjointed and just don't cut it still for most professional work (this is true... GIMP is really good at what it does, but it's a lossy image editing program, not part of a DTP workflow), and spending the time to create bugfixes and then QA them properly for previous versions of CS would just cost Adobe too much money, more than they'd be able to pass on to the consumer.
Re: (Score:3)
If you're making buckets of cash of their produt, pay for the upgrade and quit bitching...wow.
You'd be amazed how many companies in this world aren't making buckets of cash. They're making enough to meet payroll and cover any loans, but beyond that every month is a struggle.
Even when you look at national and even multinational companies, the story frequently doesn't change much. Yes, they cover their expenses every month but for many, it doesn't take a particularly big problem to come bouncing out of nowhere and that's it, thank you and goodnight.
And the real shitty thing? (Score:5, Interesting)
CS6 just launched and I mean JUST. It shipped on May 7th. So this isn't a case of an old version where Adobe is saying "Look guys, we are discontinuing support, have to buy the new one if you want it." The "old" version is only "old" by 3 days now.
Lifecycle Management (Score:2)
Re: (Score:3)
That's because their Lifecycle policy is approximately: "Fuck you." They'll support a version up until around the time a new version is getting ready to go, then they stop and only deal with the new version.
And they wonder why there's so much piracy ... (Score:3, Insightful)
And this is still on /.'s front page (Score:5, Funny)
"Just released, and coming in at 370 MB in size, the Mac OS X 10.7.4 update includes general OS fixes, and addresses more than 30 security vulnerabilities. But aside from typical security fixes, Apple has made an interesting move in an effort to protect users. Through this latest software update, Safari 5.1.7 will now automatically disable older â" and typically more vulnerable â" versions of the Adobe Flash player. While many software vendors would prefer OS makers to keep their hands off their software, the move appears to be welcomed by Adobe, which has constantly battled vulnerabilities in its widely installed Flash Player."
Maybe Apple should disable Photoshop CS5 as well?
Re: (Score:2)
If Apple automatically disabled the latest versions of Flash Player as well, I'd actually buy one.
This is nothing new (Score:5, Insightful)
There is an old story I will retell that should serve as a warning for all customers.
Once upon a time, there was a transport company employee charged with replacing a large segment of the companies trucks made by Volvo. The employee, being a bright individual called up a sales clerk from Ford that had been trying to get a foot in the door and asked him to send three Ford trucks for testing. The day the Volvo sales clerk came to make discuss the purchase of new Volvo trucks, these three Ford trucks happened to be parked on the lot. When the trucking company employee saw the Volvo sales clerk glance at them, he said "Yeah, the boss has been looking them, he seems to think they are an alternative worth looking into. But that is for later, lets discuss the deal you were going to offer us".
In another company far far away, an CTO who loved IBM hardware knew it was time to discuss the purchase of new hardware, so he ordered an underling to set up a trial project with HP servers, just to see what the competition was doing. When the IBM man came by he of course showed him the workfloor including the corner where the junior was working on those shiny new HP servers, "Got to give the kids their toys to play with " the CTO told the IBM sales clerk. "Btw, what was the price you were going to ask for again".
But in the dark and damp lands of Mordor, a very different tale was playing out. There the CTO invited the MS and Abobe sales clerk and proudly showed them how his entire business depended completely on their software product and how not only did they need the software to work flawlessly or they would be bankrupt in seconds, all the staff could only use the latest software and their customers demanded that they use the latest software. "BTW", The CTO asked, "what was that deal you wanted me to sign in my own blood again while bending over"? And there was much rejoicing among the Tribes of MS and Abobe, for they knew exactly who was calling the shots. One lockin to rule them all and in Eula bind them. For the users of MS and Abobe where greedy and feeble minded and could not break free of the spell.
---
Really, this is nothing new. In the land of NAS and control systems, this is par de course. You let a supplier control you, control you they will. Want to break free? Good luck, your company needs the new version, license or risk being unable to produce so you hand them the cash and lock yourself in just a little bit more.
Not a SINGLE Photoshop user will invest in his own freedom by making sure there are alternative methods to do his production. They will grind their teeth buy the latest version and invest yet more to make sure their production is entirely locked into Adobe clutches.
Cue countless protests about how there are no alternatives... no, there are none because any who dares to try is ridiculed for not instantly producting a 100% compatible product for free because freedom should be free of effort and cost.
You gave Adobe the control, enjoy it.
It is not as if you are alone. Governments often dictate that procurement must be regulated, meaning that once a procurement contract has been done, all interest in customer satisfaction goes out the window because the contract is fixed, can't be ended and renewal depends solely on the price offered (not charged) so fuck you peon.
I seen it to often in other industries, entire production line depended on one type of machine, fired your own maintenance team and anyone who could switch them out with other hardware. Goes, the "extra" charges sure went up a lot didn't they? Suddenly maintenance must be done by their certified team, at weekend charges.
Lockin, avoid it or pay the price.
Re: (Score:2)
" can't be ended and renewal depends solely on the price offered (not charged) so fuck you peon."
not true. A government agency can put out a request for a bid on something else.
Re: (Score:3)
Did it ever occur to you that people may value things differently?
Maybe Photoshop users enjoy the freedom being able to hire any artist without special training. Maybe they enjoy the freedom to be able to go to any art school, photography school, community college, or vo-tec program and get quality training on the product. Maybe they enjoy the freedom to get a job at any professional shop that does graphics work. Maybe they enjoy the freedom of being able to send files to and from their clients. Maybe t
Re:This is nothing new (Score:5, Insightful)
Sounds About Right (Score:2)
Now, I'm glad that I never even attempted to work there. They've become known for security holes all over the place in Flash and Acrobat, glacial pace of development, one poor design decision after the other, and no shortage of performance issues.
Solution: The Gimp (Score:2)
I made the switch to the Gimp years ago. I got tired of pirating Photoshop. Then, when I switched to Linux, Photoshop doesn't run on Linux. Lo and behold, Gimp is an easy install, and I learned that. Now that I've switched to Mac (for the desktop), I still use Gimp. Ooh, and there's a new version out, and the development version handles high-bit images!
gimp.org [gimp.org]
I bought CS5 Ultimate In March (Score:2)
or maybe it was the last week of February. That's a mighty short support cycle for an expensive product. Perhaps a class action would be nice.
(note: I did not pay retail, but having essentially a 3 month supported period on a major software suite is pretty crappy)
Suckers. (Score:5, Insightful)
Adobe's fix? You need to pay to upgrade [from CS5] to Photoshop CS6.
Ah yes, I would be delighted to buy more software from you, since it worked out so well last time around.
They knew over six months ago! (Score:4, Informative)
Again, hard to empathize (Score:3)
People pay for Photoshop? (Score:4, Funny)
That's news.
Re: (Score:3)
This factoid has been published in the press, and is attributed either to someone from Adobe, or to someone doing a study on the subject.
Re:Call it the Microsoft method (Score:5, Informative)
Sorry but Microsoft does the best at offering security fixes at no cost. I can't think of another company that does it better than Microsoft.
Re:Call it the Microsoft method (Score:5, Insightful)
Three orders of magnitude is very large in real life.
Windows 7 Ultimate: $200
Photoshop CS6: $700
Oh yeah, Microsoft is so much worse.
Re: (Score:3, Insightful)
1000 / 3.5 ~= 285. Of course, that assumes you believe the OP's billions vs millions claim.
Sources claim 650M for windows 7:
http://news.softpedia.com/news/Windows-7-Approximately-650-Million-Sold-Licenses-by-the-End-of-2011-202026.shtml [softpedia.com]
http://finance.yahoo.com/q/ks?s=ADBE+Key+Statistics [yahoo.com]
If 100% of Adobe's 4.2B revenue comes from $700 Photoshop sales, that's 6M units/year, call that 24M units over the lifespan of windows 7 since release in 2009.
So for every unit of Photshop, you have at least 27 units of win
Re:Call it the Microsoft method (Score:5, Funny)
Re: (Score:3)
$50/mo for 12-24 mos (until CS6.5/CS7 upgrade time) = $600-$1200, and you don't even have a license to use the software if you stop paying $50/mo.
Nope, doesn't sound like a good deal to me.
Re:Call it the Microsoft method (Score:5, Informative)
Windows: Pirate our software, we'll still give you security fixes (although we might put a watermark asking you to stop pirating it)
Adobe: Buy our software, but you only get security fixes if you give us even more money.
Hell, MS gives security fixes even to XP until 2014 (13 years after its release). CS5 is less than 2 years old.
Slight correction (Score:2)
Re:Slight correction (Score:4, Informative)
And it has only been released for purchase for a few DAYS. It was released this week (the week of the 7th).
Almost makes me wonder if they new about the problem and only acknowledged it now so they didn't have to patch it for free. captcha revenues
Re:Slight correction (Score:5, Funny)
Photoshop 6 == Photoshop CS1, the CS is quite important here.
And the CS stands for Compromised Security.
Re:Call it the Microsoft method (Score:5, Insightful)
MS security fixes are not "no cost".
They just look cheaper on the surface, because the cost is amortized across BILLIONS of forced Windows licenses, instead of MILLIONS of Photoshop licenses.
Three orders of magnitude is very large in real life.
Does not compute. Windows XP has been around for a decade. XP will have received "free" updates for 12 years when support is finally dropped. On the other hand, Adobe Photoshop has had 8 major version releases during that time. According to Adobe's website site, 4 of those versions are no longer supported...and apparently we need to add another few versions to the list.
Bitch about MS all you want, but their support of security fixes for Windows and Office has been excellent compared to companies like Adobe. If I were a Photoshop user I would have spent thousands of dollars to keep my version in support compared to the $200 that XP costs up front. And yes, it really isn't fair to compare OS support to application support.
Re:Call it the Microsoft method (Score:5, Insightful)
I have to agree, MS has indeed patched XP for a long time. MS gets lots of practice in patching security holes but to their credit (I never thought I'd say that about MS!) they have not charged anything for it. I can't even complain about them dropping support for XP in 2014; they've carried it for a long, long time and that is pretty responsible behavior (given the very slow move away from XP). Neither did they need to provide patches to pirated versions, but they did that in the best interests of the worldwide computing community.
IIRC Adobe is not the first to pull this "buy the new version" stunt.
Re:Call it the Microsoft method (Score:5, Insightful)
You're not a programmer, are you?
You certainly know nothing about how impossible it is to write "perfect" software.
Re:Call it the Microsoft method (Score:4, Informative)
So are you offering to pay $10K or more for this hypothetical near-perfect software?
or will you pay $200 and accept that there may be bugs (and that the company will offer fixes for major security issues for x years) ?
It all comes down to economics at some point.
Re: (Score:3)
you can't tell at the same time "it's impossible to write zero bug software" and "but I didn't know my software had bugs"
Excuse me, I'm not sure if you are aware of it but your post has an identifyable bug, it contains an obvious strawman that your proof-reading appears to have missed. Can you please patch your original post and remove said strawman. Note, I don't want a new post, I want you to fix the original. I've donated to slashdot several times over the last decade to the tune of maybe $30 total, I know it's not a lot but nevertheless I didn't pay to see your bug ridden posts. /sarcasm
Re: (Score:3)
Call it the /. method (Score:5, Insightful)
Re: (Score:3, Insightful)
Re:Call it the Microsoft method (Score:4, Insightful)
*cough*IBM typewriters*cough*
Re:Call it the Microsoft method (Score:5, Insightful)
If it's broken, get them to buy something to fix it.
Oh come on, this 'oh Microsoft is just as bad' is the biggest cop-out. In this case it's just a blatant lie, CS5 was released early 2010 and this announcement means they've discontinued support for it, Windows XP was released in 2001 and is still supported now and will be until mid-2014.
Re:Call it the Microsoft method (Score:5, Interesting)
CS6 is not available in some markets. And this is going to be a real killer for chunks of the corporate world. My pet artists are going to be on a sneakernet if they want to keep CS5 and are going to have to learn a new toolset in the meantime if they want to come back onto my network. (The one hooked up to the internet with support contracts and enterprise agreements and production web servers)
PAIN.
Re: (Score:3, Informative)
Actually, if by "RHEL from 2008" you mean RHEL5 then you were quite wrong. Apparently, redhat promises security updates at last until sometime in 2017:
https://access.redhat.com/support/policy/updates/errata/ [redhat.com]
Re:Call it the Microsoft method (Score:5, Insightful)
Windows ME got 6 years of support (Microsoft offers a minimum of 10 years of support for Business and Developer products). Mac OS 10.3 got 4 years of support (Apple don't have a defined policy for their life cycle, just a general rule that they offer support for the current and previous version). REHL will get 13 years of support.
Two years of support for CS5 is not just "a *bit* quick" for such expensive, professional software. It is an insult.
Re: (Score:3, Informative)
This is not support. This is fixing something that was broke in the first place.
Re: (Score:3)
Exactly. If people don't like this, they should find another vendor.
Re: (Score:2)
Re: (Score:2)
Good point, though Adobe's gone one step further... Microsoft ends "mainstream" support fairly consistently (and longer than Adobe, to be sure), but extended support is not so bad (XP will be dead to the world in 2014).... I'll keep my XP machine running until it dies of old age (gotta play all my old games and the machine's woefully underpowered for Win 7.... heh.)
So in Adobe's case, they support only the current version, it seems... no patches.. gotta upgrade for those. If they offer free patches to othe
Re:This is not new (Score:4)
Re:This is not new (Score:5, Insightful)
More importantly, if you bought CS5 for $2000 just three months ago, you have to pay to upgrade. It's like your iPhone 4 warranty running out when the 4s was released, even if you just purchased a v4 a couple weeks before hand.
Re:This is not new (Score:5, Insightful)
"More importantly, if you bought CS5 for $2000 just three months ago, you have to pay to upgrade."
Good reason not to pay for it in the first place.
Re:This is not new (Score:5, Interesting)
This is not only not new, but the exact same thing happened for CS4 -> CS5. I still use CS4, because I spent so much time waiting for CS5, which kept missing its release dates, that I bought CS4 instead. Then they wanted me, TWO MONTHS LATER, to shell out another $400 for what amounted to a security/bug fix, as I didn't need any of the new features included in CS5, just the bugs fixed -- and they weren't willing to fix the bugs.
At least at this point, all the attacks are targeting CS5, so CS4 isn't getting any worse than it already was....
I'm starting to think I should try migrating to another package again... anyone know of decent (yes, decent) equivalents for Photoshop, Distiller, InDesign and Illustrator? GIMP takes care of many of the Photoshop issues, but Inkscape isn't there yet, Ghostscript has the wrong feature set for me (and I don't have the time to write my own scripts to fix that), and nothing else I've found is integrating these other apps into one workflow package the way InDesign does, nor will they read InDesign templates or publish to industry workflows with proper color and bleed profiles.
Re: (Score:2)
Indeed... this even lines up with Adobe's "trade in" policy -- and the prices for a Chevy and Adobe CS are starting to equalize too. Of course, having your DTP business go under due to getting hacked via CS isn't really comparable to dying at the wheel.
Re:Glad I'm using the GIMP... (Score:5, Insightful)
Re: (Score:3, Insightful)
Actually, they now have a $50/month subscription service that allows install on 2 computers (non-simultaeneous use).
The $600/year comes to 2-3 times as much as keeping current ($300 year for every upgrade since CS3, or about $200 year to go from 3-6), but does not have the $1800 upfront cost, meaning for new purchasers are actually ahead for about 4-6 years. An upgrade from 5 -> 6 is $725, so it's 2 years before it's more expensive to use the subscription than purchasing the upgrade (the subscription com
Re: (Score:2)
I'd call em back with my lawyer on the line. Or a friend who can do a passable imitation of a lawyer, at least. They wouldnt know the difference.
You're dealing with low-level drones that have to just follow the scripts they are given. Escalate it and force the issue. Companies setup ridiculous policies like this because they know it will cost the customer a lot more to get legal relief than it would be worth, and count on that. The moment they believe they are dealing with a customer who is stubborn and irr
Re: (Score:2)
My paid Acrobat 9 isn't much better -- some of the key features, such as Cleartype OCR, just don't work. Period. Adobe's response? Upgrade because they don't support it anymore (despite the fact that it didn't work when they sold it to me right off their own website).
I had that licensing issue with a previous version of an Adobe product, and ended up finding a cracked version of the product I'd purchased, just to get around it not working. This, to me, is entering MPAA territory of the pirates putting o
Re: (Score:2)
Sure, blame it on the Eskimos - as if they don't suffer enough...
Re: (Score:2)
Updates bugfixes.
Re: (Score:2)
There should be a "not equal" sign in the middle. Bad Slashdot! Bad!
Re: (Score:2)
I'm usually on the side of commercial software houses in discussions on this site, but in this case I'm thinking adobe is a bit of an ass. And as far as any company goes, I'd love to see them come into court saying that their software has no "fitness for a particular purpose" after spending tens of thousands of dollars trying to convince
Re: (Score:2)
If you provide a defective product in the marketplace, you can be held accountable regardless of any shrinkwrap text you provide with it. It is still subject to law with regard to the sale of goods (and/or services).
Re: (Score:2)
That "old version" was the current version less than 2 months ago. I shelled out the money for my daughter to have a full legal copy of PS5 and now the only way to get the bug fix is to shell out more money for the latest version. My kids just got taught a great lesson by Adobe on why people pirate their products. I say BULLSHIT on this policy by Adobe.
Re: (Score:2)
No kidding.. I'm still using CS3, and I've never run into a virus/exploit for it. It's a 700-2500$ program... there can't possibly be as many people with CS as MS Office, outlook, firefox, or a dozen other programs that have holes discovered all the time.
Re:Nobody is going to exploit this. (Score:4, Insightful)
They used to do that but it's rare now.
These days all that saying you have never run into a virus or exploit means for many people is that they are silently pwned.
Re:A non story (Score:4, Informative)
Re:obvious.... (Score:4, Insightful)
In a way, it is obvious...
if old version has a problem
and new version doesn't have (this particular) problem
then solution = buy the new version.
If it was the current release that was buggy, I would say they should put developers on a fix... If it is a flaw in an older version, that doesn't exist in the new version, then telling the customers to buy the current version is perfectly acceptable.
If they were already in development on the new version when they found out about a flaw in the current version... then its a decision about how much developer time it will cost to create a fix for the old (current) version and whether that time could be put to better use working on the new version. I deal with those kind of questions all the time at work myself. They are not easy.
Re:obvious.... (Score:5, Insightful)
Re:obvious.... (Score:5, Insightful)
Look at the release date of Adobe CS6. It was released on the 7th of May, basically just a few days ago. Now look at when the bug apparently reported to them [protekresearchlab.com] - back in September of last year! It looks very much like Adobe have delayed fixing a serious security vulnerability until they could get away with charging users for the fix.
Re: (Score:3)
It's also a matter of time...
CS5 was released in 2010, followed by CS5.5 in 2011. CS6 was just released in April.
So to say the solution for a owner of Adobe's CS suites (which can run over a thousand dollars) is to upgrade to a newer version is kind of ridiculous.
Say you just bought CS5.5 in February. Now you have to pay $550 to make your software safe? Or let's say you bought CS5 Master Collection back in March 2011.
You now have to pay over $1,000 to upgrade a 14 month old program.
SERIOUSLY
Adobe please po