Adobe Reader X Quick Review

Background
Last week Adobe released a new version of Adobe Acrobat, version X.  This is a new version of the program that many of us use every day.  In the past people shied away from new versions of Acrobat reader because over the years the program had become bloated and slow.  However this new version offers important security benefits and speed improvements that make the upgrade worth it.

As many people know Adobe Reader has become one of the favorite attack vectors for hackers and malware over the past few years for a number of reasons including.

  1. The install base is huge! Most new PC’s come with it preinstalled, if not almost everyone needs a PDF viewer and Adobe’s is the most popular.
  2. Quarterly updates that Adobe releases are too slow and infrequent, Only if an exploit is really bad does Adobe decided to do an out of cycle update.  Even with these updates few people know that the program needs updated.  The automatic updates in version 9 have been better but still seem to fail most of the time.  Manual updating seems to be required.
  3. The ability to run things such as Javascript in a PDF exist and are on by default.  Just about everyone does not need this feature and it represents a large place to exploit.

The Good
Security
The biggest feature of version X is the introduction of a Sandbox.  A sandbox provides isolation  of the program from the operating system, to lessen the chance of security exploits.  Adobe does a great job in explaining all about the sandbox features in these two blog posts, Sandbox Post 1,  Sandbox Post 2, Sandbox Post 3, Sandbox Post 4.  This is such a big thing from a security angle that the SANS institute has recommended that everyone install Adobe Reader X to get this feature.  https://isc.sans.edu/diary.html?storyid=9976

Speed
Surprisingly this new version is faster than the old version 9.  It appears to be less bloated and quicker responding.

Other changes
I noticed the voice that will read text to you if you want seems to be more like a human.  The flow is greatly improved. The interface has been tweaked slightly to have more of a beveled edge, silver stainless steel look.  I like it.  Its nothing revolutionary but a nice, clean change.  The updater also now allows for you to set it to automatically download and install updates.  Hopefully this works well and allows the program to stay up to date without much user intervention.   I do hope Adobe changes their company policy and moves to a monthly update policy on the second Tuesday of the month, like Microsoft.  This will make the task of corporate administration much easier on the administrator.

The Bad
By default two security settings are on, when they should be disabled for increased security.  They pertain to features that a very, very small percentage of users actually use.  If for some reason you needed these someday you can easily turn them on, but for maximum security they should be off.  Adobe has even recommended doing this when the program has had problems in the past.  So to disable these settings go under EDIT—> Preferences —-> Then on the Left hand side choose JavaScript and then at the top of the page, uncheck the box that says “Enable Acrobat JavaScript”
The second option that needs changed is under this same menu.  Choose Trust Manager on the left hand side of the page, then at the top of the page uncheck the box that says “Allow Opening of non-PDF file attachments with external applications”

The other bad thing is that despite these new security features the very people you are trying to keep out are trying to take advantage of this new release to push their spamware most of it dubbed “Adobe Acrobat 2010” THIS IS FAKE and Malware, DO NOT INSTALL.  The SANS institute has a nice post about this as well, even with photos! https://isc.sans.edu/diary.html?storyid=9982

In conclusion when combined with the new security features and increased performance this seems like a great thing to have if you like the official client.  Here is a direct download for Windows ftp://ftp.adobe.com/pub/adobe/reader/win/10.x/10.0.0/en_US/AdbeRdr1000_en_US.exe

Tweak Windows 7

For those of you who used Tweak UI for the earlier version of Windows, here’s an application you’ll love that allows you to tweak most aspects of Windows Vista and 7.  It’s called Ultimate Windows Tweaker, and I found it to be very useful today while setting up a couple of Win 7 machines.

The 345KB application has a small footprint, and is contained entirely in the executable so no installation is necessary.  It also only displays options that pertain to the OS version your running it on.  Just fire it up, and over 150 customizable aspects of Windows are at your finger tips, no digging through countless steps to access them.

If you’re like me, and you want Windows to operate exactly as you want, not how Microsoft thinks you want it, you owe it to your self to download a copy and give it a try.

DOS Tips: Part 1

Back in May I started a series of posts about how to better take advantage of the Terminal in OS X, now months later without my MacBook Pro, I’ve resorted to DOS. I suppose it is only fair that DOS gets a series of its own.

[1] net user administrator /random
Who knew Windows XP had a random password generator built in? Just make sure and write it down, or else you’ll be in big trouble next time you try and login.

[2] label C: new drive name here
Sure you could just rename the volume from My Computer, but this is more fun. Swap out C: for whatever drive letter is attached to the volume you’d like to rename and you’re good to go.

[3] cls
Clears the screen. Simple, yet handy.

[4] dir
Displays a list of files in the current directory.

[5] rd directoryname
The RD command lets you remove entire directories, just replace the directoryname variable with the name of the directory you’d like to nuke and fire away.

RPC Server Unavailable

Recently my Uncle tried to update his new(ish) computer from Windows XP SP2 to Windows XP SP3, but he kept receiving the following error:

RPC Server Unavailable
Service Pack 3 installation did not complete

If you happen to run into this error, the most likely cause is that you don’t have the EnableRSS subkey in your registry. Naturally the first step is verifying this.

Click Start, click Run, type regedit, press Enter.

Locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

If the EnableRSS registry entry does not exist, create it.
– Click the Edit menu, point to New, and then click DWORD Value.
In the New Value #1 box, type EnableRSS, and then press ENTER.
Right-click EnableRSS, and then click Modify.
In the Value data box, type 0 (zero), and then click OK.

Exit Registry Editor.

Now retry the Service Pack 3 installtation.