FORUMS: list search recent posts

adobe's history of its dismal systems security

COW Forums : Adobe Creative Cloud Debate

<< PREVIOUS   •   VIEW ALL   •   PRINT   •   NEXT >>
Ricardo Marty
adobe's history of its dismal systems security
on Oct 8, 2013 at 6:40:03 pm

http://money.cnn.com/2013/10/08/technology/security/adobe-security/index.ht...

ricardo
p.s. just to mention that last week adobes system manager sold 27k of his stocks.


Return to posts index

Chris Pettit
Re: adobe's history of its dismal systems security
on Oct 8, 2013 at 8:10:27 pm

Yeah, saw this earlier today. Wow. As someone else said, makes me wonder if Steve Jobs was right about Flash (I sure didn't think so at the time).

I'm particularly alarmed by this segment:

Adobe's chief security officer Brad Arkin revealed that, as part of the attack, hackers managed to steal source code for Adobe Acrobat, ColdFusion, ColdFusion Builder and other Adobe products. That essentially gives the hackers blueprints to find further weaknesses -- and exploit them, several security experts noted. It heightens the danger for anyone using Adobe products.

I's also be interested in what "other Adobe products" means.

http://www.digitalskye.net


Return to posts index

David Mathis
Re: adobe's history of its dismal systems security
on Oct 8, 2013 at 8:25:25 pm

Very alarming report and given the history of Adobe time to look for another option.


Return to posts index


Chris Pettit
Re: adobe's history of its dismal systems security
on Oct 8, 2013 at 8:43:49 pm

While I continue to keep my eye on other options long run, I much prefer to stay with CS6 for now and pray that Adobe fixes this entire godawful mess.

I would prefer that they come to a new understanding of reality, acknowledge somehow that they may have rushed into this whole thing too fast (hard to do, somebody would have to get fired first I imagine), fix security, and offer some kind of options for those of us who prefer to be more cautious in our businesses instead of leaping suddenly into untested waters. Many of us are in no hurry to suddenly join cloud "anything" but still very much want to pay to use Adobe products. What about us?

I really would like to get back to where I was only ONE YEAR ago: happily using Adobe products and advocating for their use. Aaaahhh... the good old days eh? Before Adobe decided push themselves and everyone else over a cliff.


Return to posts index

Andrew Kimery
Re: adobe's history of its dismal systems security
on Oct 8, 2013 at 10:46:49 pm

[Chris Pettit] "I really would like to get back to where I was only ONE YEAR ago: happily using Adobe products and advocating for their use. Aaaahhh... the good old days eh? Before Adobe decided push themselves and everyone else over a cliff."

Security problems with things like Acrobat and Flash having been ongoing battles for years so I don't think winding back the clock a year changes all that much. The big difference between now and then is that now Adobe is under a big, loud microscope because of the subscription backlash.

Honestly I'm significantly less worried about my NLE being used as a backdoor into my machine than my web browser, browser plugin, operating system or via a ubiquitous program like Acrobat Reader. Hell, recently there was a news story about a kid that remotely got into people's computers and, if they were female, secretly took pictures of them via the built in web camera (he was eventually busted by the FBI). This guy wasn't even a hacker, he just read up on vulnerabilities and used pre-made programs and/or scripts to pull it off.

Maybe the extra pressure from the subscription backlash will force Adobe into really getting on top of its game, but this is pretty much the same company everyone loved a year ago before CC knocked off the rose colored glasses. ;)




Return to posts index

Chris Pettit
Re: adobe's history of its dismal systems security
on Oct 8, 2013 at 11:51:28 pm

[Andrew Kimery] " this is pretty much the same company everyone loved a year ago before CC knocked off the rose colored glasses. ;)"

Yes, but now they want to facilitate major application updates to my computer more frequently with more risk, numerous times a year. If it was a problem before, the "always current" model has the potential to make it worse.... On top of all the other reasons CC made my rose colored glasses shatter.


Return to posts index


Andrew Kimery
Re: adobe's history of its dismal systems security
on Oct 9, 2013 at 12:02:49 am

[Chris Pettit] "Yes, but now they want to facilitate major application updates to my computer more frequently with more risk, numerous times a year. If it was a problem before, the "always current" model has the potential to make it worse.... On top of all the other reasons CC made my rose colored glasses shatter."

You don't have to update the software though. Even though the updates came out fast and furious I didn't update right off the bat. I waited, like I always do, for other people to kick the tires and stumble upon any bugs.

I ended up canceling CC after the 1yr discount ended though as it doesn't offer the value I'm looking for right now.




Return to posts index

Chris Pettit
Re: adobe's history of its dismal systems security
on Oct 9, 2013 at 3:25:23 am

[Andrew Kimery] "You don't have to update the software though."

Got ya. But if you don't regularly update the applications, what remaining argument is there for mandatory subscriptions (beyond previous discussions of magic cloud solutions in the future)? Why not just wait for big groups of updates all at once (PL or some hybrid version) and reduce the risk and headache?

EX: I want Cineware. It was supposed to be part of what we all assumed was going to be CS7, but became only available through CC. It has already been updated since the June release as I understand it. If I was subscribing monthly to CC why in the world would I not update Cineware? If I believed in the process, than I would take advantage of the process. If I don't, well, then I don't... I frankly dont get the logic: sign on to CC so you can get the updates rapidly, but if you have concerns about rapid updates, continue to pay subscriptions but DON'T update the apps...

I either want to the regular updates all the time, or forced CC simply makes no sense.

I'm of the "makes no sense" variety


Return to posts index

Andrew Kimery
Re: adobe's history of its dismal systems security
on Oct 9, 2013 at 3:56:23 am

[Chris Pettit] "Got ya. But if you don't regularly update the applications, what remaining argument is there for mandatory subscriptions (beyond previous discussions of magic cloud solutions in the future)? Why not just wait for big groups of updates all at once (PL or some hybrid version) and reduce the risk and headache?"

Which is a big reason I didn't re-up my CC subscription. Granted, I liked the fast updates (and I would usually update a few weeks after one would come out just to make sure there were no surprises) but I still wanted more unique services for my subscription payments. Behance and the cloud storage is nice but I felt like there just wasn't enough to differentiate the subscription model from the perpetual license model.




Return to posts index

Chris Pettit
Re: adobe's history of its dismal systems security
on Oct 9, 2013 at 4:03:09 am

Once again we find ourselves at roughly the same conclusion Andrew. Thanks again for your input and your candor


Return to posts index

Andrew Kimery
Re: adobe's history of its dismal systems security
on Oct 10, 2013 at 9:29:37 am

Thank you. Your's too, Chris.




Return to posts index

Oliver Peters
Re: adobe's history of its dismal systems security
on Oct 9, 2013 at 2:02:49 pm

[Chris Pettit] " I much prefer to stay with CS6 for now and pray that Adobe fixes this entire godawful mess."

So you are going to decline or disable all Adobe CS6 updates, too?

- Oliver

Oliver Peters Post Production Services, LLC
Orlando, FL
http://www.oliverpeters.com


Return to posts index

Chris Pettit
Re: adobe's history of its dismal systems security
on Oct 9, 2013 at 2:51:17 pm

I think I've been pretty clear about risk and INCREASED risk. I really don't know how I could make it any clearer. Does my reservations about constant updates mean I will never allow an update again in my life?

Of course not.


Return to posts index

Oliver Peters
Re: adobe's history of its dismal systems security
on Oct 9, 2013 at 3:02:37 pm

There are really two risks being discussed and they are not the same. The first is malicious code via software. The other is transactional theft of personal info, such as credit cards. There's nothing about Cloud that makes the first situation any more are less risky than any other method. Staying connected to the Cloud with active on-file account info does make the Cloud more risky in the second circumstance.

If your concern is whether Adobe as a company can or cannot be relied upon to safeguard either condition, then CS6 isn't inherently a safer bet than CC. If Adobe is the issue for you, then the most prudent approach is to never use any of their software.

I think in the end, the risk is having online account information and staying connected (or not) to the internet. A lot of companies - for valid reasons - keep their machines "frozen" and disconnected precisely as a way to mitigate those risks. That's a completely viable solution, although more inconvenient than most users want to deal with.

- Oliver

Oliver Peters Post Production Services, LLC
Orlando, FL
http://www.oliverpeters.com


Return to posts index

Chris Pettit
Re: adobe's history of its dismal systems security
on Oct 9, 2013 at 11:25:18 pm

[Oliver Peters] "There's nothing about Cloud that makes the first situation any more are less risky than any other method. "

I get your point I guess. But how do lots more updates, sent more frequently not add up to more risk than updates installed every year or so?

I don't buy the whole "get updates right away" argument for other reasons, but how does security not add to those issues in light of Adobe's carefully parsed language regarding Cold Fusion?

Every time I install updates to software, I keep my fingers crossed that it wont create conflicts, break other software, fail to install correctly or fail to work as advertised. That kind of thing has happened to me even with Adobe software (the conflicts between CS3 and CS4 were horrific, at least on my machine.

Wether it's security or anything else, the rapid updates argument has me at least asking tough questions. Adobe is asking us to simply "trust them" in this regard. Well, that trust just took a bit of a plunge southward.


Return to posts index

Dave LaRonde
Re: adobe's history of its dismal systems security
on Oct 8, 2013 at 11:35:07 pm

‘In a blog post, Adobe's [security chief Brad] Arkin refuted that notion, saying the company is "not aware of any specific increased risk to customers as a result of this incident."’

Apparently there were several incidents that the gent was not aware of, going back quite a number of years.

Now, there's a confidence-builder.

Dave LaRonde
Former Sr. Promotion Producer
KCRG-TV (ABC) Cedar Rapids, IA


Return to posts index

<< PREVIOUS   •   VIEW ALL   •   PRINT   •   NEXT >>
© 2017 CreativeCOW.net All Rights Reserved
[TOP]