I liked Mozilla's idea of pdf.js since it is intrinsically sandboxed by using javascript, and makes use of all the architecture that it is already providing rather than shipping an entirely separate rendering pipeline.
Adobe's products have been a source of endless security vulnerabilities, and no matter how much sandboxing you do it is intrinsically unsafe.
The first best thing would be for PDF to die, but the second best thing would be pdf.js
If you care about security, turn off this feature and use the pdf.js extension. If you absolutely need form-filling, then run the standalone adobe reader and uninstall it at the earliest possible time.
They do touch on the security aspect but there is a whole lotta attack surface to worry about.
Fta:
Microsoft made a particular point of outlining its efforts to ensure the new Adobe PDF tool is secure. Miscreants will use malware-infused PDFs to muscle their way into enterprise networks, so Microsoft's Edge Vulnerability Research team was involved in the process of bringing the Adobe engine to Edge.
That includes adding security features to the PDF stack such as PartitionAlloc, a secure heap implementation developed on Chromium and already used in Edge, according to Gareth Evans, principal security research lead at Microsoft.
"PartitionAlloc is designed in such a way as to keep objects of different types separate from each other with minimal intervention from the developer," Evans wrote.
The package also includes mitigations such as Intel's Control Flow Enforcement Technology to protect against the hijacking of control-flow transfer instructions, a technology that complements Microsoft's Control Flow Guard. Fuzzing – automatic testing for vulnerabilities – is another security feature included with the new Edge PDF stack.
In addition, Edge's Acrobat engine will be included in the software vendor's bug bounty program to incentivize developers to find and report flaws. And there have been quite a few flaws in Adobe's PDF code.
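The type separation Evans describes in the quoted article, as an added and deliberately simplified illustration (not PartitionAlloc's code, and not from the article or this thread): each object type gets its own pool, so a freed slot is only ever handed back to the same type. The partition names, slot sizes and function names are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed partitions: one per object type, not PartitionAlloc's real layout. */
enum partition { PART_STRING, PART_FUNCPTR, PART_COUNT };
enum { SLOT_SIZE = 32, SLOTS = 8 };

struct part {
    _Alignas(16) unsigned char slots[SLOTS][SLOT_SIZE];
    int free_list[SLOTS];   /* stack of free slot indices */
    int free_top, ready;
};
static struct part parts[PART_COUNT];

void *part_alloc(enum partition id, size_t n) {
    struct part *p = &parts[id];
    if (!p->ready) {        /* lazily fill the free stack, slot 0 on top */
        for (int i = 0; i < SLOTS; i++) p->free_list[i] = SLOTS - 1 - i;
        p->free_top = SLOTS; p->ready = 1;
    }
    if (n > (size_t)SLOT_SIZE || p->free_top == 0) return NULL;
    return p->slots[p->free_list[--p->free_top]];
}

/* Index of the partition whose memory contains ptr, or -1. */
int part_of(const void *ptr) {
    uintptr_t a = (uintptr_t)ptr;
    for (int i = 0; i < PART_COUNT; i++) {
        uintptr_t base = (uintptr_t)parts[i].slots;
        if (a >= base && a < base + sizeof parts[i].slots) return i;
    }
    return -1;
}

/* A slot only returns to its own partition; a mismatched free is refused. */
int part_free(enum partition id, void *ptr) {
    struct part *p = &parts[id];
    uintptr_t off = (uintptr_t)ptr - (uintptr_t)p->slots;
    if (part_of(ptr) != (int)id || off % SLOT_SIZE || p->free_top == SLOTS) return -1;
    p->free_list[p->free_top++] = (int)(off / SLOT_SIZE);
    return 0;
}

/* 1 if a freed string slot is reused for a string, never for a function-pointer object. */
int demo_reuse_stays_in_partition(void) {
    void *s = part_alloc(PART_STRING, 24);
    part_free(PART_STRING, s);
    void *f = part_alloc(PART_FUNCPTR, 24);   /* same size, different type */
    void *s2 = part_alloc(PART_STRING, 24);
    return f != s && s2 == s && part_of(f) == PART_FUNCPTR;
}
int main(void) { printf("%d\n", demo_reuse_stays_in_partition()); return 0; }
```

With a single shared free list, the same-sized function-pointer object could land in the slot a dangling string pointer still refers to; here it cannot.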
Current Firefox supports filling regular PDF forms properly, they can be read by Acrobat and Apple's Preview without problems. It also allows creating annotation, in which case it's actually like drawing on top of the PDF.
imagine you ran it within a one off VM that edge just provided a remote display that edge displayed within the right location. the isolation will be provided by a full hardware vm that will be thrown away when not needed anymore. I'd argue that's higher isolation than even pdf.js
The one thing I've had against pdf.js is speed - IME it's noticeably slower to render than native code, which is kinda expected, a decent trade, and still annoying.
To me, cloud documents are better for most cases. They allow exporting to multiple file types, and allow you to edit after sending it out. While also often preserving revision history, and enabling collaboration.
The next best options would be open source document formats.
EPUB, ODT, SVG, exported HTML like MHTML (MHT)... all good options.
Cloud documents allow sending out read-only links, and revision history can be preserved.
Even for such things as contracts, something like PandaDoc or DocuSign is way better than PDF.
I mainly see PDFs used for sending documentation, HR onboarding info, and contracts. None of those uses require immutable files, and they are easy to become obsolete.
Paid e-books could also be done through web readers. But EPUB exists.
For archival purposes, I recognize that there is a use for files, and I listed some options that are all better than PDF.
A PDF reader requires complexity on the order of a web browser. It has enormous amounts of legacy baggage. And it is proprietary and still adding more features regularly. Its existence is akin to that of Flash. It comes from an era where web standards were immature.
replacing PDFs with cloud documents is cutting your ears off to spite your nose. so now what, instead of a potentially insecure PDF file, you have a potentially insecure webpage probably hosted by a company you have no control over that requires wifi connection to access, that you likely can’t trust the continuous accuracy of?
Would argue that avoiding the cloud is cutting off your ears to spite your face, but you are free to make your own choices.
If you are distributing code, will you share it via tarballs and zip files, or will you share it via a hosted service like GitLab or GitHub? Most people understand that the latter is superior in every way, and you can still have the offline archives via having a full clone of the repo locally.
I would argue that the same logic applies generally. If you share your resume, it would be smarter to use a static github page tied to a git repo, than it would be to simply email a file. That file may have a typo or become obsolete. And in reality you are likely trusting email service providers anyways... ie the cloud.
Having a full archive of it locally with a local git repo means you actually aren't locked into them. My use of the term cloud was meant to be a fully general concept, and I wasn't advocating any particular locked-in concept. I'm simply advocating leveraging specialization of labor.
If you sew all your own clothing, build your own house, build your own car, etc... then by all means, run your own email servers, send zip files, and write your own operating system. Definitely keeps your trust surface low.
I haven't used Edge in a while and opened it the other day. I'm absolutely shocked at the amount of garbage that's in there.
Open up the hamburger menu, you'll see games, shopping comparisons, etc. It feels like 90s adware. I'm not surprised they're turning PDF reading into a paid advertisement for Acrobat.
>I haven't used Edge in a while and opened it the other day. I'm absolutely shocked at the amount of garbage that's in there.
I switched to Edge on Mac from Chrome this week for one reason and one reason only: In full screen, Edge properly displays the addressbar when the cursor is moved to the top of the screen, while Chrome still cannot do this. (No, I do not want to enable "Always Show Toolbar in Full Screen".) My understanding is that this is a very, very, very longstanding entry in Chrome's bugzilla.
The transition was easy; Edge even handled extensions correctly, pulling extensions from the Edge store when possible (except when versions differ, which I noticed in two cases) and from the Chrome store for the rest. Even extension settings came over. The only flaw I saw was that Edge only imported tabs from one Chrome window; I had to bookmark all tabs in each window, reimport bookmarks into Edge, then reopen each set of bookmarks into its own window.
They also try extremely hard to make you (accidentally) set your default browser to Edge. I occasionally test my web sites/extensions on Edge and I don’t remember how many times I’ve told it no. While other browsers ask you whether you want to set them as default, Edge asks you whether you want to use “Microsoft-recommended settings” (paraphrased), stating their true intention only in small print.
Also saw something new recently: got some “tips” in some sort of in-browser notification drawer, again asking to be set as default. Apparently denying synchronous dialogs as you open the browser aren’t enough, you should get nagged asynchronously as well.
Of course, when you check out their recent Bing Chat, you’ll be asked to set the entire Microsoft suite as default, plus installing their mobile apps, so that you can be bumped up in a completely opaque waiting list.
As someone that uses Edge by default, I see Google doing the same thing with Chrome. Various Google properties complain I'm not using Chrome. When I open chrome, it asks about being default... I never see Edge interfering.
I switched to Edge and Bing a few years ago and don't at all regret it. Switching was painless, the browser uses much less CPU on windows, it syncs across all devices including mac, all the chrome extensions still work, and search results on bing are better than google in my testing.
Yeah I hadn’t used a Windows machine for a year or so, and fired up Edge Dev just recently. The amount of adbloatware is truly baffling, it’s almost incredible.
Afaik Windows doesn’t ship with a default PDF viewer other than Edge’s, so they probably made a pretty sweet deal with Adobe to let them in to upsell their subscription.
The first (and last) time I tried it, I got a mile long GDPR consent form for the New Tab page. The entirety of the product is an ad delivery platform.
my laptop has an extremely condescending “help” button that opens up Edge when you inevitably accidentally click it. usually I delete the Edge executable to prevent this, but every few updates they put it back and I have to delete it again. it’s horrendous
Remember when you downloaded Java and Yahoo paid to have their toolbar installed along side it? This is Microsoft testing that same business model but in a world where the browser has replaced the desktop.
I don't think so. Microsoft has a more sophisticated view now, and understands that users are more savvy these days.
Rather, they already were shipping a PDF reader, as most browsers already do. But were likely inundated with bug reports about how it was broken for advanced workflows like form filling.
This solves that problem and likely Adobe consented without much cajoling to cement the relevance of a premier product of theirs.
Good point, although that is a click-to-install thing rather than actually installed. And Windows 11 is currently more subtle with click to install options than Windows 10. I don't remember any game recommendations except maybe solitaire.
Also, Microsoft is currently acquiring Activision, so Candy Crush is very nearly a Microsoft product.
In my experience with PDFs, no other PDF program can really open all the weird PDFs, except for Acrobat Reader. Especially with regards to PDF Forms.
The funny thing is, only Acrobat Reader on PC and Mac is like that. If you open some of the weird PDFs on their phone Acrobat Reader or web Acrobat Reader, they are about as broken as they are in Pdfium (Chrome’s open source PDF reader, based on licensed FoxIt) or Preview, let alone pdf.js.
Not even Adobe can really port their format readers on phone and javascript.
I am afraid, some day, the "Portable"DF ecosystem will be fragmented and guarded by wannabe monopolies like all those CAD formats. Does adobe try to monopolise the PDF ecosystem and pull dirty tricks?
If anyone is suspicious of Acrobat, check out Foxit PDF Reader as an alternative. Used it at a former workplace and it works just as good as Acrobat Reader.
Isn't FoxIt a Chinese company? Doubt that would fly as a replacement in many Western based businesses for something as key as PDFs, which often contain business critical secrets.
This would be comical considering Acrobat's infamous swiss cheese security record and long, very publicly documented history of serving as entry point into all kinds of break-ins from mundane to espionage headlines. (Not necessarily untrue of course, lots of things in the area have this kind of tragicomic air to them)
Every time I see a psirt (seems common still after 30 years) for adobe, I laugh a little and think "who actually still uses adobe?". Then I realize it's the old boy network with microsoft still. I occasionally still need to produce a pdf or sign one, but I haven't used anything adobe in 30 years and my life is better for it.
I use SumatraPDF as my default reader. (I can recommend it - lightweight "gets the job done 99% of the time" tool.) Edge already makes it really hard to not use their default reader - you can make a PDF _download_ and then you have to click the downloads menu to open it, but apparently you can't just click a link [to something that serves a HTTP response with content type application/pdf] and have the program open by default.
Where this gets really weird is Office 365 integration, if you export as PDF in word and have the "Open after exporting" checkbox ticked, it'll try and force it into Edge even if you have Sumatra as the default reader in Explorer, resulting in Edge _downloading_ a copy of the file to the downloads folder even though the original is in the same folder as the word doc on your local drive.
I imagine the Adobe integration will only make opting out even harder. Maybe it's time to switch back to chrome or one of the million lookalikes.
Shameless plug: If you are looking for a minimal, customizable PDF viewer with vim-like keybindings and some special features for reading research papers and textbooks, check out sioyek: