Steve Jobs was right (yet again): Adobe has an epically abysmal security record

“Adobe’s massive security breach last week is just the latest in its long, troubled history with hackers,” Jose Pagliery reports for CNNMoney. “But cybersecurity experts warn the company’s security record is only going to get worse in the near future.”

“Nearly everyone with a computer has used Adobe software at some point, whether opening PDF files with Adobe Acrobat or watching a video on YouTube with Adobe’s Flash Player,” Pagliery reports. “But consumers likely aren’t fully aware how riddled with security flaws Adobe’s software is.”

“Former Apple CEO Steve Jobs in 2010 addressed the issue in an open letter rant about Adobe’s security, blaming the company’s Flash player for being ‘the number one reason Macs crash’ and citing Flash for having ‘one of the worst security records in 2009,'” Pagliery reports. “But Jobs didn’t go nearly far enough: Adobe’s security problems aren’t limited to Flash, and go far beyond just one bad year… Adobe’s Flash Player topped the Symantec’s annual list of vulnerable plug-in programs in 2012. Adobe’s Acrobat Reader took that spot in 2010. And in 2009, both programs tied for second place.”

Read more in the full article here.

MacDailyNews Take: Jobs certainly didn’t go nearly far enough. If we had our druthers, he’d have been here for at least another 56 years.

We miss you, Steve!

Related article:
Steve Jobs posts rare open letter: Thoughts on Flash – April 29, 2010

29 Comments

    1. ADOBE bought and KILLED FreeHand which was that lean & mean program that PRINT SHOPS LOVED. When it came to putting files through a RIP, to make the plates that allowed us to “put grease on dead trees,” Illustrator files were like a pig in a python…Choked the RIPS.
      Then Adobe bought and KILLED SuperPaint written in such tight code that it ran equally well on a Mac Plus running System 3.2 right through Mac towers running OS X…
      Alone has a long record of being the South-end of a North-bound mule!!!

      1. +20

        You nailed it, brutha. There were so many great things about Freehand that I scarcely know where to begin. Illustrator has yet to catch up to many intuitive features of Freehand. Sadly, as they say, history is written by the victors. Rather than examine what made Freehand so great, and have the company’s systems analysts work with programmers to adopt the best ideas. But instead, they summarily trashed Freehand. Ditto GoLive.

        Such is the hubris of Adobe.

        1. If you still have both programs running on a legacy machine, try this:
          Draw a 1pixel wide 3″ black circle with no fill. Save it. Check the file size. It’ll be something like 17k. Now draw the same thing in illustrator.
          You’ll have to flatten the image or the bloat will take over New York. Save the file. Now check the file size. Even with the extra step,the OBESE thing will be eligible FOR THE TV show “THE BIGGEST LOSER!” I did pre-press graphics. Can’t write a line of code, but knew something smelled of lard in those Adobe files…

        2. Having been a beta tester for GoLive over 4 versions, we were stunned that Adobe killed GL in favor of Dreamweaver. Granted GL didn’t write the leanest code, but it was far more intuitive with lots of better features that Adobe didn’t even bother to port. Brian you’re spot on about not even using the best aspects of the software they bought and trashed. The DW project mgrs weren’t even aware of them! We begged them not launch GL and study it before killing it. Couldnt het any interest. Such a stupid waste of an amazing asset and instead of combining the best of GL and DW, we have a version of DW that isn’t near the user friendly and productive app GL was. You can’t fix stupid.

  1. Adobe, Just hire Eric T Mole, he is an expert in security, just look at how Android is more secure than iPhone… well, that is not remotely correct but he know how to fool idiots and make them believe 😉
    May be he can do the same for you.

  2. It hasn’t been properly brought to the forefront exactly WHY Adobe’s servers were cracked and raided:

    It was specifically because the servers were using an out-of-date, security hole ridden version of Adobe’s own Coldfusion software. If only Adobe had updated THEIR OWN installation of ColdFusion on their servers, the crack and raid would NOT have happened.

    IOW: Adobe was too stupid to eat their own new and improved dog food. That’s idiotic in the extreme. Here is one of Brian Krebs’ source reports on this lunacy:

    http://krebsonsecurity.com/2013/10/adobe-to-announce-source-code-customer-data-breach/

    As noted in that story, the attackers appear to have initiated the intrusion into the NW3C using a set of attack tools that leveraged security vulnerabilities in Adobe’s ColdFusion Web application server.

    BTW: It’s advisable that anyone with an Adobe login account change their password ASAP.

  3. Flash definitely sucks.

    The govt of Japan created a digital textbook for use in the 5th & 6th grade English classes. I run it in Safari on my MB Air. On a page where THERE IS NO ANIMATION, NO VIDEO…. NOTHING at all happening Flash STILL keeps the processors busy! The windows peecees the school use often struggle with the flash causing slowness or mismatched audio & video.
    I can’t believe they wasted their time with flash instead better technologies!

    1. Actually, I chucked Reader off the Mac side of the MBAir coz of the intrusive updating. Preview opens all the pdfs I’ve seen in the last year or so. Unfortunately, one still needs Flash from time to time. So problem not solved until Flash dies.

  4. I was reading about the annoying Carl Icahn and thinking about how much I miss Steve, who would not have put up with Ichan’s shenanigans. I drifted into fantasy land imagining all the wondrous, amazing things Steve could accomplish if he were able to live to Carl Icahn’s age. I had the same thought when I watched Jeff Bezos boring interview recently on CNN. I asked the Heavens why they had to take our time’s Thomas Edison away so soon 🙁

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.