I just sent out my weekly e-mail newsletter. In the Editor's Note I urge readers to follow <a href="http://www.desktoppipeline.com/news/169400582">Adobe's request</a> and patch their Adobe Reader because of a potential security problem. Things are getting pretty bad when the bad guys pervert familiar, trusted applications like the Reader to be delivery systems for malware. Poor Adobe, I thought, at least it's m

David DeJean, Contributor

August 23, 2005

3 Min Read

I try to practice what I preach and do a good deed, and what do I get for it? Abuse.

I just sent out my weekly e-mail newsletter. In the Editor's Note I urge readers to follow Adobe's request and patch their Adobe Reader because of a potential security problem. Things are getting pretty bad when the bad guys pervert familiar, trusted applications like the Reader to be delivery systems for malware. Poor Adobe, I thought, at least it's made a good effort, done the right thing by putting out the warning and making the patch available quickly.So then I tried to practice what I had preached. I went to the Adobe Web site and perused the options for fixing the problem. One was to upgrade to Version 7 of the Reader. Good, I thought, kill two birds with one stone. Get a version of the Reader that's both safer and more up-to-date.

I clicked on Install and almost immediately wished I hadn't as the dialog box announced it was preparing install some Photo Album Starter application on my PC. I don't want Photo Album Starter, thank you very much. I did not ask for Photo Album Starter. After a moment of hesitation -- would clicking Cancel mean I'd have to go through the whole 28-megabyte download again? -- I clicked. Fortunately, it merely killed the installation of the app I didn't want. After a brief pause while I closed all the open windows so the installation could update my browser, Adobe Reader was installed.

But when I reopened my browser, I found out why Adobe had wanted me to close it, and the reason wasn't good. The installation had added the Yahoo Toolbar to my browser, with the Adobe logo in a position of prominence at the extreme left.

Now, the Yahoo! toolbar is not evil malware. It doesn't hijack my identity or spew spam e-mail, at least as far as I know. It is merely adware, visual pollution, a little bit of useless ugliness, some virtual doggie doo on the virtual sidewalk of my computer screen.

Fortunately, Yahoo! plays by the rules. A short visit to Settings/Control Panel/Add-Remove Programs and the toolbar was history, scraped from my screen.

But the odor lingers on. Bad Adobe. Bad. What's the difference between an evil hacker who uses a weakness in your Reader application to install programs I don't want on my PC, and you using your Reader setup program to install programs I don't want on my PC?

Far less than you'd apparently like to think. You used your own misfortune, the vulnerability in the Reader, as an opportunity to abuse me, to sneak adware onto my PC. You didn't ask me if I wanted your Photo Album Starter whatever-it's-called. You didn't ask me if I wanted your branded version of the Yahoo! Toolbar. You should have. I've always thought very highly of Adobe. I think less highly of you today.

About the Author(s)

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights