
"Adobe has released Adobe Photoshop CS6, which addresses these vulnerabilities" - sirn
http://www.adobe.com/support/security/bulletins/apsb12-11.html
======
Smerity
If a car company sells you a car engine that bursts into flames, they're still
held liable for damages. They can't just say "Uhmm... The engine may burst
into flames, you should buy our next model".

The fact that Adobe can get away with this amazes me! With the theoretical
engine problem you need to recall/repair each and every engine individually.
With software, once you've developed the patch you can distribute it at next
to no cost. There's no excuse for this.

Why can software engineers and companies get away with such horrendous
practices?

~~~
doc4t
Please stop comparing software with real world objects.

While popular the comparison between cars and computer programs are not well
chosen. Actually comparing software to any physical object is point-less.
These two only have anything in common on the surface.

If you were to make software require the rigorous testing that physical
products like cars undergo you would likely never be able to ship anything. If
you did the customer would not be willing to pay the price.

Software is infinitely more complex than even space shuttles. The number of
possible combinations which you program can traverse is so big it doesn't make
any sense.

You could of course start proving mathematically that your software will
always behave correctly. This would require you to use a language which
facilitates such a method like erlang. No more web development in PHP, Ruby,
JavaScript or anything else which relies on probabilistic garbage collection.

I guarantee you that once you spend the money having your code proven your
costs are so high that no one will buy your software. In stead they'll turn to
the competitor who wrote it in VB and accept their EULA and live with any
errors.

The nature of software is not the same as of physical objects. You can either
accept this and plan accordingly or you can betray yourself and keep getting
angry about bugs.

~~~
krschultz
"Software is infinitely more complex than even space shuttles"

Hardly.

I write software for fun, everything from low level drivers up the stack to
web apps. My job is engineering mechanical systems more complex than the space
shuttle - and with more lives at stake.

The two are not even remotely comparable.

~~~
Nrsolis
There was actually a great story of the Space Shuttle software engineering
team and their development practices. Generally speaking, they wrote code with
zero bugs. Like...NONE. For 25 years.

They did it with an almost insane level of attention to detail.

<http://www.fastcompany.com/magazine/06/writestuff.html>

So it certainly is possible to do.

~~~
clebio
Thanks for that link. I really like krschultz's parent comment and your follow
up. Does anyone know how to get a single-page view of that article, though?

~~~
Nrsolis
<http://www.fastcompany.com/node/28121/print>

------
earnubs
Those of you who are surprised must not be actual Adobe customers. Only when
you've been through the process of handing of thousands of pounds for their
software will you realise how awful a company they actually are.

It's a more of a subjugation than a transaction, like a sacrifice to a cruel
god, the cherry on the cake is you have to actually wait until a person
"approves" your purchase/sacrifice.

~~~
skeletonjelly
Nobody has ever put it so succinctly like this. I feel like this should be the
byline of a widely read article on this disaster. Bravo.

------
ChrisLTD
Given the enormous cost of Adobe software, you'd think they could afford to
support their previous major release version with patches. CS5.5 is only a
year old, and was not a free upgrade from CS5.

Other commenters here are right. Microsoft does the right thing by supporting
old OS's with patches years after the new versions have been released. That's
the kind of support you deserve when you pay a premium price for software.
These aren't $2 app store diversions made by an indie developer.

~~~
shinratdr
> These aren't $2 app store diversions made by an indie developer.

That's kind of an insult to smaller devs, who by and large offer excellent
service and typically provide multiple free content updates. I paid $2.99 for
Plants Vs Zombies and it has been updated more times than I can count.

~~~
skeletonjelly
It's not so much an insult as it is a testament to the current state of
customer service between indie devs and a megacorp like Adobe. I don't like
the comparison though, if a $2 product doesn't get fixed, people won't buy it
en masse (or recommend it), Adobe has an insane market position. People will
buy their product. Watch Adobe not go out of business as people purchase CS6.
Having said that I'm not sure how people can vote with their wallets when
Adobe pull shit like this (security patch via purchased update).

~~~
chii
"I'm not sure how people can vote with their wallets when Adobe pull shit like
this"

please name another suite of software that can compete with adobe's creative
suite.

They have a defacto monopoly on professional publishing software. This is why.

~~~
skeletonjelly
Totally agree. That was the point I was trying to make.

------
danilocampos
That's some brass fucking balls, right there. Break working software, demand
users pay for the fix.

Photoshop, I mourn for thee.

~~~
TazeTSchnitzel
>"This upgrade addresses critical vulnerabilities in the software."

Not only broken, broken with "critical vulnerabilities." They have no shame,
do they?

~~~
valisystem
Only engineers would be really ashame of that, and I often wonder if there is
some left at adobe.

------
JoachimSchipper
Looking at the timeline from
[http://www.protekresearchlab.com/index.php?option=com_conten...](http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=40&Itemid=40),

    
    
        2011-09-20  Vulnerability reported to Adobe
        2012-03-20  Publication of this advisory
                    (180 days after reporting to the vendor)
    

Adobe may have been blindsided, thinking that they'd "get around to fixing
that one of those years".

That said, there is even a proof of concept available (see bottom of linked
page), so this is rather serious.

~~~
rsynnott
Well, Adobe had to wait til they had the new version out for people to upgrade
to.

~~~
exDM69
Or they could have pushed a minor security upgrade that fixes this bug. For
free. It's probably a simple buffer overflow bug and can be fixed with a
change to only a few lines of code. After the problem has been identified, it
takes roughly 10 minutes of coding to fix the issue and perhaps a day or two
for regular testing and distribution processes.

------
nkurz
Does anyone with legal knowledge know how a class action suit would play out
here?

I own a copy of CS5.5 that was purchased 5 months ago. I'm already frustrated
at the cost of the CS6 upgrade. Now Adobe is _publicizing_ a critical
vulnerability in their software for which the solution is me paying them for
that upgrade.

This feels a lot like extortion: "Sure would be a shame if someone followed
our explicit directions and sent you a TIF file that took over your computer.
Have you considered buying some protection?"

Does one need to wait for the threat to be carried out before one has a claim,
or is the veiled threat itself illegal?

~~~
JoachimSchipper
Adobe links to an advisory; _they_ are not the one releasing proof-of-concept
code.

~~~
nkurz
I agree that there is a difference, but I'm not sure that the courts do.
Consider what Adobe's interpretation would be if someone was merely linking to
a torrent of their software, rather than directly publishing it. Then consider
that in this case their negligence yields them financial gain.

I don't know what the legal standard is in this case --- my question is
genuine. But I do know that I consider Adobe's stance reprehensible, and as an
affected party I would willing to be the lead plaintiff in a class action suit
if a qualified attorney would like to take this on.

My contact information is in my profile.

------
bobsy
I don't understand.

I have Photoshop CS5. I didn't event know there was a vulnerability in it. So,
after all I paid for this, there is a vulnerability which lets an attacker
take control of my system... and they aren't fixing it?

Seriously... what... the... fuck. I'm never buying an Adobe product again.

~~~
quink
> I'm never buying an Adobe product again.

So, you pirate it instead. Adobe will still win out, since you'll still keep
using Photoshop and are still bound to their toolkit. You'll put it on your
resume, you'll be employed by a company that buys it and has to buy it
legitimately. You're not punishing Adobe unless you create a genuine
replacement for the toolbox of Illustrator, Fireworks, InDesign and Photoshop
and are putting those on your resume, unless you're versatile with those more
open-source tools, whenever they should exist.

~~~
protolif
Is Pixelmator not a decent alternative to Photoshop? What about the GIMP? I
haven't installed Photoshop in years, but then again, I'm a developer, not a
designer.

~~~
xinsight
I've tries using pixelmator as an alternative to photoshop. The main problems:
No layer effects, no pattern fill, no paths. Good for simple stuff though.

------
pilif
Under details they state

> Adobe released a security upgrade for Adobe Photoshop CS5.5 and earlier for
> Windows and Macintosh. This upgrade addresses vulnerabilities that could
> allow an attacker who successfully exploits these vulnerabilities to take
> control of the affected system.

so what is it now? Still - even using security fixes as a vehicle to push
people into upgrading is a bit crazy considering that the new version has just
come out. Not even volunteer-supported software stops supporting the previous
version the moment the new one comes out.

~~~
ralfd
I also wondered about that phrase till it dawned on me:

The released security upgrade (not "update") for Adobe Photoshop CS5.5 is …
wait for it … Adobe Photoshop CS6!

~~~
sil3ntmac
Wow, I fell for that too! Double-speak insanity. Thanks for catching that.

------
mwill
It took me a while to fully understand this bulletin because the idea that
Adobes suggested solution to a security vulnerability is to sell you CS6 was
so foreign it didn't seem possible. It looks like CS6 is a $199 upgrade.

I've had "Make stuff in Flash" sitting on my todo list for a while now, I'm
officially ready to strike it from the list of things I'd like to learn, if
this is Adobe's corporate attitude.

~~~
larrik
Flash is dead. They've dropped it from Linux and Android, etc.

Now is not the time to learn it.

~~~
mwill
To clarify, I wanted to submit to portal sites like newgrounds and kongregate,
just for fun. Nothing commercial, just a bit of fun with some well established
communities. But I don't see myself looking into it at all now.

~~~
ryanac
If you want to do cartoon animation, look into ToonBoom. If you want to make
games, you don't need to buy Flash, look into FlashDevelop and some AS3 game
frameworks, etc.

This is coming from a guy who's been using Flash for years and every day at
work. Adobe is really mishandling a lot of things at this point and in my mind
the future of Flash is questionable at best.

Thankfully there are better options for what you're looking to do. :)

~~~
dclowd9901
I'd go a step further and recommend looking into HTML5/Canvas and the
frameworks that are starting to go up for that platform.

~~~
wtracy
I just realized that Haxe might fit the bill, with support for both Flash and
HTML5: <http://haxe.org/>

------
remotesynth
I have sent some emails internally at Adobe to clarify the message here and
hopefully this will be addressed soon. The bulletin notes a security update to
CS5.5 and earlier versions as well as this issue being resolved in CS6. I
suspect that it is really a matter of poor wording within the bulletin but, as
this isn't my area of expertise within the company, I am trying to confirm.

~~~
skeletonjelly
Please keep us updated! It's possible Adobe may have just alienated any of
what remains of their remaining paying users. An exaggeration I know but who
knows the extent.

Edit: I see that you posted another comment below
<http://news.ycombinator.com/item?id=3955220>

------
danieldk
One would guess that this is done by Adobe to push paying customers to use the
new subscription program:

[http://www.adobe.com/products/photoshop/buying-guide-
subscri...](http://www.adobe.com/products/photoshop/buying-guide-
subscriptions.html)

The marketing ploy will probably be that with a subscription you will always
have the latest, secure, version.

------
nailer
Microsoft famously did this on a _much higher level_ with their Exchange
product. Not affecting individual users, but entire companies.

Exchange Server 5.0 was released without any relay control. Every Exchange 5.0
box would happily send all the porn spam anyone wanted to spend, with
Microsoft customers paying for it with their bandwidth bill.

The 'fix' was to purchase Exchange 5.5.

~~~
Dylan16807
A missing feature, even an important one, is part of the initial purchase
consideration. It's not comparable to a severe defect found months after
purchase.

~~~
nailer
I don't understand. Do you think relay control is a feature? Is a product
advertised as a standalone mail usable without it?

~~~
Dylan16807
I'm looking at it in terms of a 5.0 product. Unless they secretly removed the
feature from that version (I'm assuming not but please tell me if I'm wrong),
then anyone buying it knew what to expect.

In terms of car analogies, one that 'bursts into flames' needs a recall, but
one that tends to overheat in the worst days of summer, in a product line
that's always done that, is a fair deal.

------
odddogmedia
Adobe has a new marketing strategy! This must have come straight from the
sales team... after a wild night of drunken fun in Vegas.

You just can't make this stuff up! True creativity right there.

~~~
Luyt
Don't forget that the majority of people see computers as tools or vehicles,
and just like you have to fill your gas tank from time to time with expensive
gas, they think it's perfectly normal to pay for software regularly, even when
it doesn't offer new features. Just keeping it going costs money. That the
upgrade from CS5.5 to CS6 is a 'Critical security vulnerability fix' is a
detail most users won't even notice.

~~~
draven
That's just like saying you should pay for car repairs when a faulty design of
the cruise control made you loose control of it and crash into something.

~~~
jodrellblank
If it's your car and that's the only way to get the cruise control fixed, then
you probably _should_.

------
beatpanda
So, is someone going to do a startup to obliterate Adobe's print and graphics
production monopoly, or what?

~~~
rplnt
You can take Gimp, fix it up, brand it, and sell.

~~~
gaius
"Fix it up" includes adding 16-bit-per-channel colour, something that
photographers have been crying out for that the GIMP team hasn't managed in 15
years of trying.

[http://en.wikipedia.org/wiki/Color_depth#Deep_color_.2830.2F...](http://en.wikipedia.org/wiki/Color_depth#Deep_color_.2830.2F36.2F48-bit.29)

~~~
exDM69
More than 8bpp color depth is available in GIMP and has been so for a while
now if you use the development version. GIMP was a little late to the game,
but the issue has been fixed.

Also: your comment was arrogant and impolite towards the GIMP team.

~~~
epo
Having to use the development version with it's collection of unknown bugs and
misfeatures is not, in any meaningful sense, being available.

~~~
exDM69
Sometimes you just need a feature before it's available in a released version.
You can either go get the dev version or bitch about it. I tend to do the
former.

In fact, I use quite a lot of software from their development repositories,
e.g. GCC and Blender. It is a very rare occasion that I come by a bug as most
open source projects have sane version management practices and branching
processes.

------
fruchtose
At Adobe, an engineering code of ethics only matters when your manager wants
it to.

------
remotesynth
I've looked into this internally and here is the official response from the
security team:

While Adobe did resolve the vulnerabilities addressed in the security bulletin
you are referencing below (APSB12-11) in the Adobe Photoshop CS6 major
release, no dot release was scheduled or released for Adobe Photoshop CS5 or
CS5.5. In looking at all aspects, including the vulnerabilities themselves and
the threat landscape, the team did not believe the real-world risk to
customers warranted an out-of-band release for the CS5 and CS5.5 versions to
resolve these issues. The security bulletin for Photoshop is rated as a
Priority 3 update, indicating that it is a product that has historically not
been a target for attackers, and in this case we are not aware of any exploits
targeting any of the issues fixed. Installation of the upgrade is therefore at
the user’s/administrator’s discretion.

~~~
mkopinsky
_Installation of the upgrade is therefore at the user’s/administrator’s
discretion._

If this is purely because it's not high enough priority to justify pushing a
new release, they should provide an optional download link for security
conscious users. Is there such a link? Sounds from the linked page that there
isn't and that the only option is to shell out cash.

------
Heliosmaster
Great, Linux is not affected at all by the vulnerability! Oh wait...

------
antimora
I don't understand what kind of a best practice could be applied in this case?

Here is the quote from the doc:

    
    
      Adobe recommends users follow security 
      best practices and exercise caution when 
      opening files from unknown or untrusted sources.

~~~
wazoox
Open the files with the GIMP only, and export to some other format.

~~~
wtracy
Scarily enough, that actually sounds like a decent idea.

------
purephase
I'm not surprised. One of my favourite anecdotes is either Warnock or Geschke
giving a keynote in which the audience was asked the following question:

What business am I in?

Naturally, being an industry conference the consensus was they were in the
software/technology business.

Wrong on all counts. The correct answer was:

The business of making money.

And, each time, their actions speak to that goal.

------
ralphsaunders
It's just unbelievable, really. Can you imagine the outrage if Microsoft did
this with Word?

~~~
TazeTSchnitzel
They might have until around 2001(/2002?) when they got serious about
security, to be fair.

~~~
yuhong
[http://technet.microsoft.com/en-
us/security/bulletin/MS99-04...](http://technet.microsoft.com/en-
us/security/bulletin/MS99-044)

~~~
TazeTSchnitzel
Huh. Guess I was wrong, then.

------
captain_mars
On reading that paragraph, my instinctive reaction was that they (Adobe) got
to be kidding. But no, they are completely serious.

------
sirn
It's also worth noting that there's no Photoshop CS5.5, only Photoshop CS5.1
(which comes bundled with Adobe CS5.5).

------
DomBlack
This is completely stupid, what ever the fix is;

Why can the not just take the patch file from the commit which fixed the flaw,
apply it against previous versions of Photoshop and release a upgrade for all
versions instead of making people charge for it.

A better bit of advice would be "Do not use TIF files unless you have brought
CS6"

~~~
anigbrowl
Adobe's internal culture is all about denying the existence of problems.
Alpha/beta testing for them is...challenging.

~~~
philjohn
Adobe certainly do beta test, they just get their paying customers to do it
for them.

------
lnanek
It's a tough call for the company. They don't make money on old versions of
Photoshop, they make money on selling the current version. Engineers may have
long since all been assigned to working on the current version or later, or
even switched companies. So if the fix required significant work you'd have to
make some current product schedule slip to go fix an old product used by
people who haven't bought the latest version and may never buy again. Do you
put your resources into supporting your current and future buyers or put your
resources into supporting old buyers who haven't upgraded and may not, just on
the off chance it helps your reputation, and you get more buyers in
general...it's an extra step of indirection that may lose the internal support
to redirect the resources to fix the problem.

~~~
SquareWheel
And yet, it makes me lose immense trust in their company. Why should I buy the
current version if I'll just have to update from a security exploit in one or
two years?

~~~
chii
If the software is making you profit, it makes sense to buy.

If the software isn't then why are you paying money for it in the first place?

A software company survives on selling licenses, and although I understand the
moral implications of selling a security update like this, I think they are
justified if the fix costs a lot of resources.

------
r3demon
Photoshop cost so much it should be supported for centuries

------
xutopia
I could not install some version of Photoshop on my machine because some old
Adobe software was still installed on my machine.

The Adobe person I chatted with told me I had to reinstall my entire OS to
install their software.

~~~
unreal37
There are "adobe cleanup" programs on site like The Pirate Bay. I hear.

~~~
Michiel
Actually, the Adobe Creative Suite Cleaner Tool can be downloaded from
adobe.com:

<http://www.adobe.com/support/contact/cscleanertool.html>

From the page:

"The Adobe Creative Suite Cleaner Tool helps resolve installation problems for
Adobe Creative Suite 6, Adobe Creative Cloud, Adobe Creative Suite 5 - 5.5,
Adobe Creative Suite 4, and Adobe Creative Suite 3 software. The tool can
clean up install records for any pre-release (beta) installations of these
Creative Suite products. The Adobe Creative Suite Cleaner Tool is designed to
not interfere with existing installations of previous versions of Adobe
Creative Suite products; it does, however, allow you to remove them as well,
if you so choose to."

~~~
jeltz
Yeah, that tool worked just fine when I had to use it. So the Adobe person you
asked did not know his stuff.

------
Gabler
If this attitude from Adobe continues maybe there will be a larger drive
toward open-source alternatives to Photoshop _crosses poor student fingers_

~~~
jackolas
hahaha. Next you'll be saying the programmers that did this will unionize.

------
vinayan3
They have been lazy in essence. They decided not to backport the fix because
it is too hard or it didn't fit in the schedule to ship CS6 out of the door.

------
wtdominey
The copy writing in that tech note is so disingenuous it makes my head spin.

------
Karunamon
Wow. And people wonder why software is pirated.

------
tar
Just one more reason to use and contribute to Inkscape and the Gimp.

------
pasbesoin
Having paid for 5.5 just a year ago (and having gone through the hell of Adobe
Support to get things working), I now fully and sincerely say FUCK YOU to
Adobe and related parties. Anything and everything I can do to (legally)
promote your downfall, I will. You FULLY deserve your AWFUL reputation. Die
and burn in hell.

I know HN is not the place for outbursts. But I have seldom had a worse
customer experience. I'm sure some good people work there. My advice would be:
Get out!

------
GR8K
They also announced the same thing with Illustrator CS5.5 & Flash CS5.5 same
day. Critical vulnerabilities. No free patches. Gotta buy CS6 versions.

Illustrator CS5.5
[http://www.adobe.com/support/security/bulletins/apsb12-10.ht...](http://www.adobe.com/support/security/bulletins/apsb12-10.html)

Flash Pro CS5.5
[http://www.adobe.com/support/security/bulletins/apsb12-12.ht...](http://www.adobe.com/support/security/bulletins/apsb12-12.html)

------
trotsky
I'd be surprised if this ends up being exploited - from a practical
perspective it'd be extremely high effort for comparatively little reward.
Both platforms are ASLR now + no bundled scripting ability in tiff + manual
work flow (ie you can't feed it to an automated process 10,000 times in a row)
+ low install rate (compared to say, flash or qt).

Hell, at least Adobe doesn't charge you for a support contract just to let you
read the CVE with WONTFIX :D

~~~
unreal37
This vulnerability hasn't been seen in the wild they say. And yes, the
likelihood of someone opening a TIFF file they received by email in Photoshop
is low. A lot of work to create this virus for very little payoff. The people
who open email attachments are not the same people that have Photoshop
installed. And in this case, you'd probably need to save it to disk and
specifically open in Photoshop since most people won't have TIFF associated
with PS automatically.

It's a tough call to fix for every possible version of Photoshop affected when
the likelihood of it even happening is very very low.

------
ddfall
It would appear that Adobe think that Photoshop is a target for attackers as
the company says that it does not believe that "the real-world risk to
customers warranted an out-of-band release to resolve these issues" - see
here: [http://www.h-online.com/security/news/item/Adobe-
Photoshop-i...](http://www.h-online.com/security/news/item/Adobe-Photoshop-is-
not-a-target-for-attackers-1572717.html)

------
farslan
Another reason to support and use opensource software whenever it is possible.
Thus even if the software doesn't provide any update you can easily fix and
close the security hole. Adobe did the same for 64bit flash player in the
past. They did update the 32bit flash player on Linux, but the 64bit one just
waited ~1-1.5 year for an update.

------
mahmud
Can't someone make a binary patch for it? Any enterprising reversers wanna
take this up? Charge 5-15% of the cost of CS6 even.

~~~
quadhome
That sounds like a TOS violation.

~~~
pbhjpbhj
You'd have to be a customer for that to apply though wouldnt you?

Would US fair use cover creating a fix? Or you could just a friend's copy.

------
pepijndevos
Anyone knows what happens when you open the POC[1]? I read most of them try to
open calculator(on Windows). What is the equivalent on Mac, or is it a
windows-only POC? :P

[1]: <http://www.protekresearchlab.com/exploits/PRL-2012-07.tif>

~~~
trotsky
Only took a quick look at it, but I can't see any NOP sleds - and you'd
probably need more room to reliably spray the heap anyway. My guess is that it
isn't weaponized at all - it'd just cause memory corruption (but I don't have
PS).

------
splatcollision
Definitely a good reason to switch to a web application, especially if all you
need to do is create and design HTML documents.

Edit Room is coming soon (my product), and we won't have to suffer from our
tools much longer.

------
btown
Wow. I don't even. Not that I advocate hacking, but it would be righteously
ironic if some of Adobe's employees hadn't upgraded to CS6 yet, and someone
broke into their systems using this vulnerability.

------
justindocanto
They should be releasing an update for CS5 since it's still the products most
popular version, especially since it's 'So Critical'.

If they seriously stick with this gameplan of making people upgrade... Just,
wow.

------
justindocanto
I'm confused by this line: "Adobe is not aware of any attacks exploiting these
vulnerabilities against Adobe Photoshop."

Did they mean to say against Adobe Photoshop CS6?

~~~
sirn
It means Adobe is not aware of any attack exploiting these _in the wild_.
They're declaring this security bulletin a priority 3 which reads[1]:

> This update resolves vulnerabilities in a product that has historically not
> been a target for attackers. Adobe recommends administrators install the
> update at their discretion.

[1]: <http://www.adobe.com/support/security/severity_ratings.html>

~~~
justindocanto
Oh, as in they realize in theory it's vulnerable but they don't see
anybody/anything actually exploiting it. Got it. Thanks =)

------
12uu45dd
Shut down Adobe and place all the code in a public respository. That would be
the way to fix ALL vulnerabilties, once and for all.

------
PezCuckow
I can't believe they are allowed to do this...

~~~
pbhjpbhj
Are they allowed? Consumer protection laws in the UK suggest that up to a year
after purchase one may be able to get a full refund or a fixed product at the
customers choosing ... not sure why/if that differs for some reason with
digital products.

I'd guess most copies are bought by businesses whom such laws don't aid.

~~~
twomills
It probably isn't difficult to get around such laws in light of the fact that
you're actually purchasing a license to use the software and not in fact
buying the software. The license-purchase paradigm usually means the vendor
can do whatever they please, up to and including pulling the software right
off your machine should they feel like it. Examples of the aforementioned
include the kindle book scandal and sony pulling games out of their online
marketplace that people had already paid for.

------
brainless
Looking at this and past news from Adobe (Flash stuff for example), makes me
realize how good companies go bad and die.

------
VeryVito
I sincerely believe this violates current RICO laws. Adobe is truly engaging
in extortion and criminal enterprise now.

------
its_so_on
I don't know about customers, but I think this is a pretty fair relationship
Adobe has with pirates of its products.

Pirate. I'll just wait till someone breaks your CS5 copy protection. Then I'll
download and install your suite without paying you a dime.

Adobe. If CS5 lets anyone h4x0r you through a TIFF file we won't even fix it
with an update.

I'd say that's a pretty fair relationship.

Of course normally a company cares more about establishing a fair relationship
with its paying customers, but hey, up to them I guess. /s

~~~
mistermann
Sure, it may be a fair relationship with pirates, but should paying customers
have to suffer as a result?

~~~
its_so_on
I edited in an /s at the end :)

