Adobe Changes Its Tune On Forcing Paid Upgrade To Fix Security Flaws 90
wiredmikey writes with a followup to Thursday's news that Adobe was recommending paid software upgrades in lieu of fixing security holes in some of its applications. After receiving criticism for the security bulletin, Adobe changed its mind and announced that it's developing patches to fix the vulnerabilities.
"Developing a patch, especially for three different applications, can be costly and time consuming. Developing these patches consumes development resources, then must run through a QA process, and the patch needs to be communicated and distributed to users. And for a company like Adobe with a massive customer base using its Photoshop, Illustrator, and Flash Professional, the bandwidth cost alone can be substantial. For a popular product that was just over two years old, providing a fix to address a serious security flaw its what customers deserve. And while Adobe may have originally tried to sneak by without addressing the issue and pushing users to upgrade to its new product, the company made the right move in the end."
Re:massive sales (Score:5, Interesting)
Dude. It's Adobe. Judging from their outward appearance, I suspect that their management chain actively discourages fixing bugs because it gets in the way of adding new bloat... err... features.
For example, we've been complaining that the entire CS suite fails to work correctly on case-sensitive HFS+ since... well, since support was introduced back in 10.4. To this day, their shovelware still does not work on Macs so configured. This problem is entirely caused by Adobe being too damn lazy to fix their build scripts to use correct capitalization during the linking phase—a set of fixes that would take at most a couple of hours for a single competent engineer to fix using shell scripts and sed. And some folks have been complaining about this serious flaw in their products for seven years now.
Even more hilariously, Adobe blames Apple, claiming that there are dozens of compiler bugs that they've reported that haven't been fixed, which prevent them from fixing this problem. However, thousands of companies out there have no trouble working on case-sensitive volumes. Likewise, random users have gone through and created symbolic links to work around Adobe's typos and have been able to get it working, which completely invalidates Adobe's ludicrous claims.
Frankly, given how long it has taken them to fix something that simple, it'll be a ***king miracle if Adobe fixes this security bug in less than a decade. After all, if it takes them that long to fix something that would take me a few minutes, they either have to have the most complicated, snarled pile of source control ever seen in the history of the universe or they're all grossly incompetent beyond measure, neither of which inspires much confidence in this security fix for me.
Screw Adobe. The only thing that could make their software quality any worse would be if they got bought by Symantec.
Making Software is Hard (Score:5, Interesting)
Developing software, especially three different applications, can be costly and time consuming. Developing software consumes development resources, then must run through a QA process (which obviously failed here) ...
.. and creating a marketing campaign and distribution channels is a large and complex process. ...
ditto
Creating stable, secure products is what customers deserve.
Adobe may want to cut corners, but in the end, they don't have the lock-in to really piss their customers off. A lot of their larger consumers (corporations) who were planning to upgrade by choice who felt they were being made to by Adobe's decision now have reason to reconsider, even if they "made the right move in the end". Because who knows if they'll "[make] the right move in the end" the next time? The one good thing? Journalism and popular opinion made a difference.
PS - It's really hard to not be overly snarky, since Adobe's very business is software development. So, trying to spin it as some sort of extra cost to do patching seems even more absurd than all those businesses which could at least say that IT and software development is there for support to do their job and not as an end in itself. Given how much of Adobe's business is in high ticket software, it's especially hard to understand why they were so slow to be committed to support, since beyond the direct software itself, one presumes the high price is tied to a commitment. Certainly, it's the other way around--even corporations with middle management mostly shielded from their decisions don't seem likely to blow potentially millions on a product and a company who, in company terms, will disappear support-wise overnight. I mean, isn't it just standard process in most companies to, even if they're internally dead-set against doing work on an issue, to smile politely and say how they will/are looking into the issue? Otherwise, you may end up with a PR snafu.
Re:Boohoo (Score:4, Interesting)
None of course, and can even breed a corporate strategy of "who can hide the best security flaw so we force people to upgrade?".
I sometimes wonder if PR is dead (Score:5, Interesting)
Do these companies even hire a PR expert anymore? EA/Bioware recently made a big mistake as well. With their MMO SWTOR they have been having some small problems. The game is boring all around and end-game is non-existent. So... they came up with an idea. How about we give everyone, regardless of how long they played a free month... BUT only if they reached level 50...
Reaching level 50 since launch isn't that hard to be honest HOWEVER it is not how some PAYING customers play MMO's. Especially since one you are there, there is nothing to do. Some play lots of alts, some play very infrequent. BOTH these groups PAY. But customers with an account a month old who grinded to 50 got a free month, customer who subscribed since launch did not.
There was much outrage and Bioware/EA relented and made the condition level 10 legacy which is still forcing you to play for level but doesn't require you to play an account till level 50 but one to (25 or something when legacy points start counting) and then you can play as many alts (on a single server) as you want.
IT IS STILL A FUCKING STUPID bit of logic but far few people didn't qualify because of it.
And all this? A promotion campaign to keep paying customers from leaving a game that is considered unfinished (what is there works, there just isn't a lot there, it is one of the most bare-boned MMO's I ever seen. Blizzard refined Sony's Everquest and made it into WoW. Bioware put WoW through a filter and published it as SWTOR sadly all the taste was left behind in the filter. It is a very smooth drink, but then so is a glass of water. But I ordered Whiskey!) and so why the qualification of how many XP points of whatever kind a player accumilated. PAYED subscribers are the ones you hope to keep, so, let the qualifier be, payed subscribers.
No, I am not just going off topic, basic PR is like basic laywer advice. SHUT THE FUCK UP. In any case, your lawyer will tell you to keep your fucking mouth shut. Let your lawyer speak for you and even then, 9 times out of 10 the best thing to say is NOTHING.
Neither of these fuckup's should have gotten past PR, there is no way anyone with a brain could not see the shit storm these announcements would raise while accomplishing NOTHING. I do not use Photoshop and I wasn't unhappy with SWTOR... BOTH these PR goofballs made my blood boil with nerd rage and you can find me ranting my impotent rage on the net...
Someone somewhere could have done cost benefit analysis and reasoned out that simply fixing the bug and simply giving all accounts of say 2 months a free month would have cost far less and would have given them POSITIVE feedback rather then now it costing MORE and leaving a NEGATIVE impression.
PR isn't about spinning things, it is about effective communication with the public (as said, I am not a Adobe customer) so that what you do, benefits you. Some beancounter might do some sums but if the most economic sum ends up raising a storm of protest so you have to do the more expensive solution anyway, you not only wasted time on two approaches, you now have to pay extra for negative publicity.
If you EVER have to deal with the public, just keep this in mind. If there is a change the cheap plan is going to cause protest, go with the more expensive one. It will be cheaper in the long run.
Just run both examples here with the more expensive plan from the start.
Adobe announces patches for its popular Photoshop product free for all version still in use.
Bioware rewards long standing customers with a free month as thanks for their support.
Hoora's all around, what good chaps these megacorps really are.
PR, it is really simple once you stop listening to the beancounters.