The PDF is dead, long live the PDF

Adobe acrobat screen shot The software has constantly evolved to include more capabilities

Related Stories

Seven years ago PDFs were declared "unfit for human consumption" by usability expert Jakob Nielsen. it has also been criticised for several high-profile security flaws.

Yet, use of the document format has exploded. There are now more than 160 million PDF documents on the web according to Adobe, the company which invented the format.

And the firm has just released the tenth version of the official software for creating PDF documents, along with a new version of the reader software.

Its aim is to hit back a some of its critics and to root PDF more firmly into the web.

"We wanted to make the in-browser experience much like any other web content," said Adobe's Mark Grilli.

Criminal target

The format's popularity is, in part, down to publishers who like it because it keeps even complex page layouts unchanged, no matter what web browser or operating system is used to view them.

By contrast, a webpage may look different according to your computer setup.

What is PDF?

  • Stands for Portable Document Format and was introduced in 1993
  • Designed for exchanging electronic documents while preserving their layout
  • Based on PostScript, a computer language used by printers
  • PDF use accelerated when Adobe made the reader free
  • Print industry is a major user of PDFs because it makes it easier to receive print jobs from clients
  • In 2008 PDF became an international standard published by ISO

That could be a disaster for something like a repair manual with carefully positioned diagrams and instructions.

PDF solves the problem. It also prints reliably.

The problem is that a web browser cannot display a PDF document directly. The main language of the web is HTML, not PDF.

This meant that - until now - reading a PDF document triggers either a browser add-on that takes over the web page behind the scenes, or a downloaded file which opens in a separate window.

The latest version of the software - Adobe Acrobat X - attempts to solve those problems.

Now, when someone open a PDF page in a web browser, it will no longer show its own menu and toolbar: just the content, with a floating controller for navigating pages.

It is the latest change to a format that has constantly evolved.

Over the years, Adobe has added various capabilities to the documents such as the ability to embed multimedia content created using Flash software, as used in many web pages.

"The idea of a document has changed," says Grilli. "It's no longer just a piece of paper."

But the increased capabilities of PDF and its reader software has a downside

"It's not unusual at all for cybercriminals to plant malicious code inside PDF files, and use them as a distribution model for an attack," says Graham Cluley at anti-virus firm Sophos.

"The problem is compounded by the public's belief that PDFs and other documents are somehow safer to open than, say, program files.

"If there weren't quite so many bells-and-whistles in the PDF file format it would be targeted a lot less often."

'Child's play'

At a recent security conference, Sophos researcher Paul Baccas analysed PDF security and concluded that "PDF as a file format is no longer fit for purpose and that a new SDF [Secure Document Format] should take its place."

Adobe's Brad Arkin, senior director of product security, said these claims are unfounded.

Digital history

  • The PDF format has proved so popular that it forms part of our digital heritage
  • The British Library says its archives "contain a vast, and rapidly increasing, collection of PDF documents".
  • But the library is concerned that in the future computers may no longer be able to view PDFs
  • Emulation, which allows older computers to run in the software of a newer computer, may be the answer.
  • The library says emulation software "provides a more authentic experience than converting the file to newer formats".

"There is nothing inherently insecure in the PDF format", he told BBC News.

Mr Arkin says the same problems are faced by any software that accepts content from the internet and displays it to the user, whether it is a web browser, a multimedia player, or Adobe Reader, all of which have suffered from security vulnerabilities.

He also said that the latest Reader is more secure.

"Version X is night and day different and better," he said.

The main reason for his confidence is a new feature which places an invisible barrier between the document and the user's computer, preventing it from storing any permanent data there.

This is known as a "sandbox", so named because it is like letting a child play in a sandbox where he cannot do harm.

The sandbox is a feature of the new Windows Reader, not a change in PDF itself.

Uses will need to upgrade, and it will not help those using alternative computers or software to view PDF documents - though Arkin says Windows is the only operating system under attack.

"I doubt it will be the end of security issues," said Mr Cluley. "Even if the sandbox is perfect there will still be ways of kick-starting malware infections and malicious attacks via PDF files. Nevertheless, it's a development which should be welcomed."

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.