Duff Johnson’s PDF Perspective

Taking a break from the trials and travails of PDF, I’m blogging from Antarctica today.  On board the Lindblad Endeavour, we are cruising around the Antarctica peninsula, stopping for icebergs, penguins (Emperor, Chinstrap, Gentoo, and Adele) and seals (Elephant, Fur, Weddell, Crabeater and Leopard).  As you can tell, getting out of the office is proving good for my knowledge of the natural world!

Even though I’m getting away from PDF, I can’t get away from email. Amazingly enough, the Endeavour possesses a satellite dish and for a modest (actually, not that modest) fee, my clients, partners, PDF buddies and friends can still chase me down here with a steady diet of email.  Hopefully, noone is offended if I’m less responsive as usual.  I’m busy taking photos, shooting video, tasting krill and generally having far too good a time to think about PDF, Acrobat, Adobe Systems or work in general.  Long overdue, my wife tells me. (She gets the photo credit here).

Some have asked why I wanted  to go someplace so cold during the winter.  Well, first, it’s far warmer in the Antarctica Peninsula today (around 30 F) than it is in Boston (-25 F).  Secondly, this is the only time of year when it is possible to visit Antarctica (at least as a tourist), since the period from November to February is about the only time when tourist vessels may approach the shore and islands of this part of the world.  For the rest of the year, the ice prevents any access to the penguin colonies and other points of interest.

I’ll be back next week, at which point I hope it’s a lot warmer in Boston than it is down here in the Antarctic Penninsula!

Few people pay much attention to help files. Like the proverbial (and now nearly extinct) Printed Software Manual, most users only crack open the Help menu when in extremis. The preferred method is to blunder though dialogs and settings on a hunt for magic buttons. It takes a serious stumbling block to convince today’s user to sit down for a document that often reads like it was written by Orac.

I’m something of a connoisseur of help systems (readers of this blog may recall an earlier post on the topic), so I thought I’d take a moment to highlight some changes in the way Help content is presented in Acrobat 8.

The Changes

First, Adobe has seemingly abandoned the practice of deploying Acrobat help in PDF form. Acrobat 8 does NOT install ACROHELP.PDF, the traditional conveyance for Acrobat’s Help, at all.

This is, frankly, a welcome development. ACROHELP had become a bit ridiculous, itself a bloated demonstration of why a PDF is NOT always the right format for all content and all contexts, even when the content in question is the official Acrobat documentation itself.
In Acrobat 7, Adobe had resorted to dressing up the ACROHELP file with a specialized (and fairly unappetizing) PDF viewer. With Acrobat 8, Adobe went with functionality over sentiment, delivering an Acrobat help system rather than a “make do” PDF file.

In the new “Complete Adobe Acrobat 8 Professional Help” powered by the Adobe Help Viewer version 1.0, help contents are presented in a crisp, clear navigation system. Breadcrumbs at the top of the page tell you where you are. Pages often include related subjects as expansions of the page, far superior to endless, droning content. This all encourages exploration, and thus, learning.

I find the copy improved overall compared with Acrobat 7’s help - perhaps by association with the slicked-up interface.

The Help system has facilitated several entry-points since Acrobat 6. In Acrobat 8, the “How to” method has been cleaned up, and now appears in the Navigation Panel to the left of the page, as it should. The stand-out new feature of Help, however, has to be the all-new “Getting Started” interface, which does a good job of introducing a variety of higher-end functions to office-workers.

Still a PDF around here somewhere

A PDF version of the Help file remains, but it’s located on the installation disc, and is not installed by default. This file is now properly paginated, to better serve those users who prefer their documentation printed. Thus, it is now possible to say, with feeling; “Oh, go look it up on page 323 in the Acrobat Help file, sonny-boy”.

Summary

With the new Getting Started interface, the new Help offers something new to bridge the gap between user understanding and application terminology. Acrobat needs a lot more help along these lines, but the direction is encouraging. There’s more to do - especially when it comes to recognizing and facilitating user intent - but the changes to Help in Acrobat 8 are praiseworthy.

Last week, loud noises began emanating from a variety of online security experts regarding a vulnerability in Adobe’s Reader browser plugin that can allow malicious code to execute on a user’s system via cross-site-scripting (XSS).

The headlines were choice: ‘Adobe bug may be worst flaw of 2007“, and “Adobe Flaw Means Trusted PDFs May Be Treacherous” are just two examples.

I’m not a security expert, but I know a thing or two about Adobe Acrobat and Reader, and thanks to an earlier career in politics, I know something about the media as well.

My general recommendation for anyone who consumes newspapers, websites or blogs for subjects of any complexity is this: Check in on stories weekly. That way, you’ll get a far more sensible read on the so-called “news” than you will garner from the rankings-adrenaline junkies who dominate the 24 hour news cycle. For me, The Economist is the world’s single finest source of news; in no small part because it is published weekly.

This newest PDF scare is a case in point - the result of parallel mentalities in the computer security and news-gathering worlds: jumping the gun.

Today, we learn that some people were actually bothering themselves to test the original claims over the weekend. The latest headline? iDefence backtracks on PDF scare“.

Here’s Adobe’s statement, on the subject. They are planning a fix for older versions of Reader. Since the “dangerous” combination of Reader and browser is so inherently unusual anyhow (how many installations of FireFox aren’t automatically updating themselves?), in my view, this “flaw” is close to a nothing-burger, the result of a headline-hungry and woefully incautious computer-security hype-machine.

One other point worth noting. In describing this security problem, Symantec’s Hon Lau makes the following claim:

“What this means, in a nutshell, is that anybody hosting a .pdf file, including well-trusted brands and names on the Web, could have their trust abused and become unwilling partners in crime.”

This is, frankly, nothing more than a cheap grab for headlines, and of course, it worked. Yes, Reader’s XSS flaw requires a link to a real PDF file that exists on the web. It could be any file - which one doesn’t matter. Just because a bad guy may use any PDF on any website as his link-target does not in ANY way implicate the owner of that PDF as an “unwilling partner in crime”! We are discussing fraud, no more, no less - certainly no different than any other fraud committed online. Suggestions to the contrary are unwarranted, inflammatory and unworthy of a respected computer security organization.