Showing posts with label Internet. Show all posts
Showing posts with label Internet. Show all posts

MikroTik

Posted by Unknown On Sunday, April 28, 2013 0 comments
Type Limited company
Industry Networking hardware
Founded 1995
Headquarters Riga, Latvia
Key people John Tully, CEO
Arnis Riekstins, CTO
Products Routers, Firewalls
Revenue 62.5 million Euros (2011)
Net income 20.6 million Euros (2011)
Employees 80
Website www.mikrotik.com
RB1100 1U rackmount high performance core router
RBSXT wireless CPE device, also used for Point to Point links
Mikrotīkls Ltd., known internationally as MikroTik, is a Latvian manufacturer of computer networking equipment. It sells wireless products and routers. The company was founded in 1995, with the intent to sell in the emerging wireless technology market. As of 2007, the company had more than 70 employees. The company's products are known as low-priced alternatives for expensive routers and Ethernet radio relay lines.

Contents

RouterOS

The main product of MikroTik is a Linux-based operating system known as MikroTik RouterOS. Installed on the company's proprietary hardware (RouterBOARD), or on standard x86-based computers, it turns the computer into a network router and implements various additional features, such as firewalling, virtual private network (VPN) service and client, bandwidth shaping and quality of service, wireless access point functions and other commonly used features when interconnecting networks. The system is also able to serve as a captive-portal-based hotspot system. The operating system is licensed in increasing service levels, each releasing more of the available RouterOS features. A MS Windows application called Winbox provides a graphical user interface for the RouterOS configuration and monitoring, but RouterOS also allows access via FTP, telnet, and secure shell (SSH). An application programming interface is available for direct access from applications for management and monitoring.

Features

RouterOS supports many applications used by Internet service providers, for example OSPF, BGP, Multiprotocol Label Switching (VPLS/MPLS), OpenFlow. The product is supported by Mikrotik through a forum and a wiki, providing assorted and thematic examples of configurations. RouterOS supports Internet Protocol Version 4 (IPv4) as well as Internet Protocol Version 6 (IPv6).
The software provides support for virtually all network interfaces that the Linux kernel 2.6.16 supports, except wireless, where the Atheros and Prism chipsets are the only supported hardware, as of 3.x version.

Release dates of RouterOS

  • v6 - April 2013 (to be released at MUM 2013)[citation needed]
  • v5 - Mar 2010
  • v4 - Oct 2009
  • v3 - Jan 2008

RouterBOARD

The company manufactures a series of integrated circuit boards, marketed under the name RouterBOARD, as well as accessory components which implement a complete hardware operating platform for RouterOS.
The RouterBOARD line, combined with RouterOS, is marketed at small- to medium-sized wireless Internet service providers, typically providing broadband wireless access in remote areas. Products include pre-assembled SOHO routers, wireless 802.11n MIMO and TDMA devices for indoor and outdoor use, and also bare PCB routers for integration into custom solutions.

Cloud Core Router

In November 2012 MikroTik released the Cloud Core Router integrated unit which is based on the Tilera CPU supporting 16 - 36 CPU cores, 12 × 1000Base-T ethernets and up to 4 SFP (MiniGBIC) interfaces, as well as "fast-path" packet forwarding between interfaces (with claimed 24 million packets per second forwarding rate). This unit targets the medium-sized network providers as well as try to be a well priced alternative to the other more well known brands.[1]

Use in developing IT markets

See also: Information and communication technologies for development
In 2004 a project begun to build low-cost Internet infrastructure in rural Mali. MikroTik routers and operating systems were chosen because of their low cost, flexibility, the fact that the system already had "a substantial user base in Mali", and had a user interface deemed "superior to other products".[2] MikroTik routers were also preferred for a WLAN project in Burkina Faso,[3] and MikroTik's proprietary Nstreme protocol performed better than IEEE 802.11 under the project's conditions.[4]
In 2008, the Municipality of Piripiri, Piauí State, Brazil, decided to use MikroTik routers exclusively to build the infrastructure for providing free Internet access.[5] MikroTik routers are also popular in the Czech Republic and Hungary, where they enjoy a good reputation.[6]
Under OLPC program, Uruguay deployed a nation-wide wireless network in schools. Probably the largest Mikrotik deployment in a country with a total population of 3 million.[citation needed] Approximately 200,000 students received a small laptop which connected to Mikrotik access points.

READ MORE

Antivirus software

Posted by Unknown On Monday, April 22, 2013 0 comments
Antivirus or anti-virus software is software used to prevent, detect and remove malware (of all descriptions), such as: computer viruses, malicious BHOs, hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious LSPs, dialers, fraudtools, adware and spyware. Computer security, including protection from social engineering techniques, is commonly offered in products and services of antivirus software companies. This page discusses the software used for the prevention and removal of malware threats, rather than computer security implemented by software methods.
A variety of strategies are typically employed. Signature-based detection involves searching for known patterns of data within executable code. However, it is possible for a computer to be infected with new malware for which no signature is yet known. To counter such so-called zero-day threats, heuristics can be used. One type of heuristic approach, generic signatures, can identify new viruses or variants of existing viruses by looking for known malicious code, or slight variations of such code, in files. Some antivirus software can also predict what a file will do by running it in a sandbox and analyzing what it does to see if it performs any malicious actions.
No matter how useful antivirus software can be, it can sometimes have drawbacks. Antivirus software can impair a computer's performance. Inexperienced users may also have problems understanding the prompts and decisions that antivirus software presents them with. An incorrect decision may lead to a security breach. If the antivirus software employs heuristic detection, success depends on achieving the right balance between false positives and false negatives. False positives can be as destructive as false negatives.[1] Finally, antivirus software generally runs at the highly trusted kernel level of the operating system, creating a potential avenue of attack.[2]

Most of the computer viruses written in the early and mid-1980s were limited to self-reproduction and had no specific damage routine built into the code.[3] That changed when more and more programmers became acquainted with virus programming and created viruses that manipulated or even destroyed data on infected computers.
There are competing claims for the innovator of the first antivirus product. Possibly the first publicly documented removal of a computer virus in the wild was performed by Bernd Fix in 1987.[4][5] There were also two antivirus applications for the Atari ST platform developed in 1987. The first one was G Data [6] and second was UVK 2000.[7]
Fred Cohen, who published one of the first academic papers on computer viruses in 1984,[8] began to develop strategies for antivirus software in 1988[9] that were picked up and continued by later antivirus software developers. In 1987, he published a demonstration that there is no algorithm that can perfectly detect all possible viruses.[10]
In 1987 the first two heuristic antivirus utilities were released: Flushot Plus by Ross Greenberg and Anti4us by Erwin Lanting.[citation needed]
Also in 1988 a mailing list named VIRUS-L[11] was started on the BITNET/EARN network where new viruses and the possibilities of detecting and eliminating viruses were discussed. Some members of this mailing list like John McAfee or Eugene Kaspersky later founded software companies that developed and sold commercial antivirus software.
Before internet connectivity was widespread, viruses were typically spread by infected floppy disks. Antivirus software came into use, but was updated relatively infrequently. During this time, virus checkers essentially had to check executable files and the boot sectors of floppy disks and hard disks. However, as internet usage became common, viruses began to spread online.[12]
Over the years it has become necessary for antivirus software to check an increasing variety of files, rather than just executables, for several reasons:
  • Powerful macros used in word processor applications, such as Microsoft Word, presented a risk. Virus writers could use the macros to write viruses embedded within documents. This meant that computers could now also be at risk from infection by opening documents with hidden attached macros.[13]
  • The possibility of embedding executable objects inside otherwise non-executable file formats can make opening those files a risk.[14]
  • Later email programs, in particular Microsoft's Outlook Express and Outlook, were vulnerable to viruses embedded in the email body itself. A user's computer could be infected by just opening or previewing a message.[15]
As always-on broadband connections became the norm, and more and more viruses were released, it became essential to update virus checkers more and more frequently. Even then, a new zero-day virus could become widespread before antivirus companies released an update to protect against it.

Identification methods


Malwarebytes' Anti-Malware version 1.46 - a proprietary freeware antimalware product
One of the few solid theoretical results in the study of computer viruses is Frederick B. Cohen's 1987 demonstration that there is no algorithm that can perfectly detect all possible viruses.[10]
There are several methods which antivirus software can use to identify malware.
Signature based detection is the most common method. To identify viruses and other malware, antivirus software compares the contents of a file to a dictionary of virus signatures. Because viruses can embed themselves in existing files, the entire file is searched, not just as a whole, but also in pieces.[16]
Heuristic-based detection, like malicious activity detection, can be used to identify unknown viruses.
File emulation is another heuristic approach. File emulation involves executing a program in a virtual environment and logging what actions the program performs. Depending on the actions logged, the antivirus software can determine if the program is malicious or not and then carry out the appropriate disinfection actions.[17]

Signature-based detection

Traditionally, antivirus software heavily relied upon signatures to identify malware. This can be very effective, but cannot defend against malware unless samples have already been obtained and signatures created. Because of this, signature-based approaches are not effective against new, unknown viruses.
As new viruses are being created each day, the signature-based detection approach requires frequent updates of the virus signature dictionary. To assist the antivirus software companies, the software may allow the user to upload new viruses or variants to the company, allowing the virus to be analyzed and the signature added to the dictionary.[16]
Although the signature-based approach can effectively contain virus outbreaks, virus authors have tried to stay a step ahead of such software by writing "oligomorphic", "polymorphic" and, more recently, "metamorphic" viruses, which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match virus signatures in the dictionary.[18]

Heuristics

Some more sophisticated antivirus software uses heuristic analysis to identify new malware or variants of known malware.
Many viruses start as a single infection and through either mutation or refinements by other attackers, can grow into dozens of slightly different strains, called variants. Generic detection refers to the detection and removal of multiple threats using a single virus definition.[19]
For example, the Vundo trojan has several family members, depending on the antivirus vendor's classification. Symantec classifies members of the Vundo family into two distinct categories, Trojan.Vundo and Trojan.Vundo.B.[20][21]
While it may be advantageous to identify a specific virus, it can be quicker to detect a virus family through a generic signature or through an inexact match to an existing signature. Virus researchers find common areas that all viruses in a family share uniquely and can thus create a single generic signature. These signatures often contain non-contiguous code, using wildcard characters where differences lie. These wildcards allow the scanner to detect viruses even if they are padded with extra, meaningless code.[22] A detection that uses this method is said to be "heuristic detection."

Rootkit detection

Main article: Rootkit
Anti-virus software can attempt to scan for rootkits; a rootkit is a type of malware that is designed to gain administrative-level control over a computer system without being detected. Rootkits can change how the operating system functions and in some cases can tamper with the anti-virus program and render it ineffective. Rootkits are also difficult to remove, in some cases requiring a complete re-installation of the operating system. [23]

Real-time protection

Real-time protection, on-access scanning, background guard, resident shield, autoprotect, and other synonyms refer to the automatic protection provided by most antivirus, anti-spyware, and other anti-malware programs. This monitors computer systems for suspicious activity such as computer viruses, spyware, adware, and other malicious objects in 'real-time', in other words while data loaded into the computer's active memory: when inserting a CD, opening an email, or browsing the web, or when a file already on the computer is opened or executed.[24]

Issues of concern

Unexpected renewal costs

Some commercial antivirus software end-user license agreements include a clause that the subscription will be automatically renewed, and the purchaser's credit card automatically billed, at the renewal time without explicit approval. For example, McAfee requires users to unsubscribe at least 60 days before the expiration of the present subscription[25] while BitDefender sends notifications to unsubscribe 30 days before the renewal.[26] Norton AntiVirus also renews subscriptions automatically by default.[27]

Rogue security applications

Main article: Rogue security software
Some apparent antivirus programs are actually malware masquerading as legitimate software, such as WinFixer, MS Antivirus, and Mac Defender.[28]

Problems caused by false positives

A "false positive" is when antivirus software identifies a non-malicious file as a virus. When this happens, it can cause serious problems. For example, if an antivirus program is configured to immediately delete or quarantine infected files, a false positive in an essential file can render the operating system or some applications unusable.[29] In May 2007, a faulty virus signature issued by Symantec mistakenly removed essential operating system files, leaving thousands of PCs unable to boot.[30] Also in May 2007, the executable file required by Pegasus Mail was falsely detected by Norton AntiVirus as being a Trojan and it was automatically removed, preventing Pegasus Mail from running. Norton AntiVirus had falsely identified three releases of Pegasus Mail as malware, and would delete the Pegasus Mail installer file when that happened.[31] In response to this Pegasus Mail stated:
On the basis that Norton/Symantec has done this for every one of the last three releases of Pegasus Mail, we can only condemn this product as too flawed to use, and recommend in the strongest terms that our users cease using it in favour of alternative, less buggy anti-virus packages.[31]
In April 2010, McAfee VirusScan detected svchost.exe, a normal Windows binary, as a virus on machines running Windows XP with Service Pack 3, causing a reboot loop and loss of all network access.[32][33]
In December 2010, a faulty update on the AVG anti-virus suite damaged 64-bit versions of Windows 7, rendering it unable to boot, due to an endless boot loop created.[34]
In October 2011, Microsoft Security Essentials (MSE) removed the Google Chrome web browser, rival to Microsoft's own Internet Explorer. MSE flagged Chrome as a Zbot banking trojan.[35]
When Microsoft Windows becomes damaged by faulty anti-virus products, fixing the damage to Microsoft Windows incurs technical support costs and businesses can be forced to close whilst remedial action is undertaken.[36][37]

System and interoperability related issues

Running multiple antivirus programs concurrently can degrade performance and create conflicts.[38] However, using a concept called multiscanning, several companies (including G Data[39] and Microsoft[40]) have created applications which can run multiple engines concurrently.
It is sometimes necessary to temporarily disable virus protection when installing major updates such as Windows Service Packs or updating graphics card drivers.[41] Active antivirus protection may partially or completely prevent the installation of a major update. Anti-virus software can cause problems during the installation of an operating system upgrade, e.g. when upgrading to a newer version of Windows "in place" — without erasing the previous version of Windows. Microsoft recommends that anti-virus software be disabled to avoid conflicts with the upgrade installation process.[42][43][44]
The functionality of a few computer programs can be hampered by active anti-virus software. For example TrueCrypt, a disk encryption program, states on its troubleshooting page that anti-virus programs can conflict with TrueCrypt and cause it to malfunction or operate very slowly.[45] Anti-virus software can impair the performance and stability of games running in the Steam platform.[46]
Support issues also exist around antivirus application interoperability with common solutions like SSL VPN remote access and network access control products.[47] These technology solutions often have policy assessment applications which require that an up to date antivirus is installed and running. If the antivirus application is not recognized by the policy assessment, whether because the antivirus application has been updated or because it is not part of the policy assessment library, the user will be unable to connect.

Effectiveness

Studies in December 2007 showed that the effectiveness of antivirus software had decreased in the previous year, particularly against unknown or zero day attacks. The computer magazine c't found that detection rates for these threats had dropped from 40-50% in 2006 to 20-30% in 2007. At that time, the only exception was the NOD32 antivirus, which managed a detection rate of 68 percent.[48]
The problem is magnified by the changing intent of virus authors. Some years ago it was obvious when a virus infection was present. The viruses of the day, written by amateurs, exhibited destructive behavior or pop-ups. Modern viruses are often written by professionals, financed by criminal organizations.[49]
Independent testing on all the major virus scanners consistently shows that none provide 100% virus detection. The best ones provided as high as 99.6% detection, while the lowest provided only 81.8% in tests conducted in February 2010. All virus scanners produce false positive results as well, identifying benign files as malware.[50]
Although methodologies may differ, some notable independent quality testing agencies include AV-Comparatives, ICSA Labs, West Coast Labs, VB100 and other members of the Anti-Malware Testing Standards Organization.[51]

New viruses

Anti-virus programs are not always effective against new viruses, even those that use non-signature-based methods that should detect new viruses. The reason for this is that the virus designers test their new viruses on the major anti-virus applications to make sure that they are not detected before releasing them into the wild.[52]
Some new viruses, particularly ransomware, use polymorphic code to avoid detection by virus scanners. Jerome Segura, a security analyst with ParetoLogic, explained:[53]
It's something that they miss a lot of the time because this type of [ransomware virus] comes from sites that use a polymorphism, which means they basically randomize the file they send you and it gets by well-known antivirus products very easily. I've seen people firsthand getting infected, having all the pop-ups and yet they have antivirus software running and it's not detecting anything. It actually can be pretty hard to get rid of, as well, and you're never really sure if it's really gone. When we see something like that usually we advise to reinstall the operating system or reinstall backups.[53]
A proof of concept virus has used the Graphics Processing Unit (GPU) to avoid detection from anti-virus software. The potential success of this involves bypassing the CPU in order to make it much harder for security researchers to analyse the inner workings of such malware.[54]

Rootkits

Detecting rootkits is a major challenge for anti-virus programs. Rootkits have full administrative access to the computer and are invisible to users and hidden from the list of running processes in the task manager. Rootkits can modify the inner workings of the operating system[55] and tamper with antivirus programs.

Damaged files

Files which have been damaged by computer viruses are normally damaged beyond recovery. Anti-virus software removes the virus code from the file during disinfection, but this does not always restore the file to its undamaged state. In such circumstances, damaged files can only be restored from existing backups; installed software that is damaged requires re-installation[56] (however, see System File Checker).

Firmware issues

Active anti-virus software can interfere with a firmware update process.[57] Any writeable firmware in the computer can be infected by malicious code.[58] This is a major concern, as an infected BIOS could require the actual BIOS chip to be replaced to ensure the malicious code is completely removed.[59] Anti-virus software is not effective at protecting firmware and the motherboard BIOS from infection.[60]

Other methods


A command-line virus scanner, Clam AV 0.95.2, running a virus signature definition update, scanning a file and identifying a Trojan
Installed antivirus software running on an individual computer is only one method of guarding against viruses. Other methods are also used, including cloud-based antivirus, firewalls and on-line scanners.

Cloud antivirus

Cloud antivirus is a technology that uses lightweight agent software on the protected computer, while offloading the majority of data analysis to the provider's infrastructure.[61]
One approach to implementing cloud antivirus involves scanning suspicious files using multiple antivirus engines. This approach was proposed by an early implementation of the cloud antivirus concept called CloudAV. CloudAV was designed to send programs or documents to a network cloud where multiple antivirus and behavioral detection programs are used simultaneously in order to improve detection rates. Parallel scanning of files using potentially incompatible antivirus scanners is achieved by spawning a virtual machine per detection engine and therefore eliminating any possible issues. CloudAV can also perform "retrospective detection," whereby the cloud detection engine rescans all files in its file access history when a new threat is identified thus improving new threat detection speed. Finally, CloudAV is a solution for effective virus scanning on devices that lack the computing power to perform the scans themselves.[62]
Some examples of cloud anti-virus products are Panda Cloud Antivirus and Immunet.

Network firewall

Network firewalls prevent unknown programs and processes from accessing the system. However, they are not antivirus systems and make no attempt to identify or remove anything. They may protect against infection from outside the protected computer or network, and limit the activity of any malicious software which is present by blocking incoming or outgoing requests on certain TCP/IP ports. A firewall is designed to deal with broader system threats that come from network connections into the system and is not an alternative to a virus protection system.

Online scanning

Some antivirus vendors maintain websites with free online scanning capability of the entire computer, critical areas only, local disks, folders or files. Periodic online scanning is a good idea for those that run antivirus applications on their computers because those applications are frequently slow to catch threats. One of the first things that malicious software does in an attack is disable any existing antivirus software and sometimes the only way to know of an attack is by turning to an online resource that is not installed on the infected computer.[63]

Specialist tools


Using rkhunter to scan for rootkits on an Ubuntu Linux computer.
Virus removal tools are available to help remove stubborn infections or certain types of infection. Examples include Trend Micro's Rootkit Buster,[64] and rkhunter for the detection of rootkits, Avira's AntiVir Removal Tool,[65] PCTools Threat Removal Tool,[66] and AVG's Anti-Virus Free 2011.[67]
A rescue disk that is bootable, such as a CD or USB storage device, can be used to run antivirus software outside of the installed operating system, in order to remove infections while they are dormant. A bootable antivirus disk can be useful when, for example, the installed operating system is no longer bootable or has malware that is resisting all attempts to be removed by the installed antivirus software. Examples of some of these bootable disks include the Avira AntiVir Rescue System,[65] PCTools Alternate Operating System Scanner,[68] and AVG Rescue CD.[69] The AVG Rescue CD software can also be installed onto a USB storage device, that is bootable on newer computers.[69]

Usage and risks

According to an FBI survey, major businesses lose $12 million annually dealing with virus incidents.[70] A survey by Symantec in 2009 found that a third of small to medium sized business did not use antivirus protection at that time, whereas more than 80% of home users had some kind of antivirus installed.[71] According to a sociological survey conducted by G Data Software in 2010 49% of women did not use any antivirus program at all.[72]
READ MORE

Portable Document Format

Posted by Unknown On Wednesday, April 17, 2013 0 comments
Portable Document Format (PDF) is a file format used to represent documents in a manner independent of application software, hardware, and operating systems.[1] Each PDF file encapsulates a complete description of a fixed-layout flat document, including the text, fonts, graphics, and other information needed to display it. In 1991, Adobe Systems co-founder John Warnock outlined a system called "Camelot"[2] that evolved into PDF.
While Adobe Systems made the PDF specification available free of charge in 1993, PDF remained a proprietary format, controlled by Adobe, until it was officially released as an open standard on July 1, 2008, and published by the International Organization for Standardization as ISO 32000-1:2008.[3][4] In 2008, Adobe published a Public Patent License to ISO 32000-1 granting royalty-free rights for all patents owned by Adobe that are necessary to make, use, sell and distribute PDF compliant implementations.[5]

History

PDF was developed in the early 1990s as a way to share documents, including text formatting and inline images, among computer users of disparate platforms who may not have access to mutually-compatible application software.[6] It was among a number of competing formats such as DjVu (still developing), Envoy, Common Ground Digital Paper, Farallon Replica and even Adobe's own PostScript format (.ps). In those early years before the rise of the World Wide Web and HTML documents, PDF was popular mainly in desktop publishing workflows.
PDF's adoption in the early days of the format's history was slow.[7] Adobe Acrobat, Adobe's suite for reading and creating PDF files, was not freely available; early versions of PDF had no support for external hyperlinks, reducing its usefulness on the Internet; the larger size of a PDF document compared to plain text required longer download times over the slower modems common at the time; and rendering PDF files was slow on the less powerful machines of the day.
From version 2.0 onwards Adobe distributed its Acrobat Reader (now Adobe Reader) program free of charge,[8] and continued supporting the original PDF, which eventually became the de facto standard for printable documents on the web (a standard web document).
In 2008 Adobe Systems' PDF Reference 1.7 became ISO 32000:1:2008. Thereafter, further development of PDF (including PDF 2.0) is conducted by ISO's TC 171 SC 2 WG 8 with the participation of Adobe Systems' and other subject matter experts.

Adobe's PDF specifications

Adobe changed the PDF specification a few times and continues to develop new specifications with new versions of Adobe Acrobat. There have been nine versions of PDF with corresponding Acrobat releases:[9]
  • 1993 – PDF 1.0 / Acrobat 1.0
  • 1994 – PDF 1.1 / Acrobat 2.0
  • 1996 – PDF 1.2 / Acrobat 3.0
  • 2000 – PDF 1.3 / Acrobat 4.0
  • 2001 – PDF 1.4 / Acrobat 5.0
  • 2003 – PDF 1.5 / Acrobat 6.0
  • 2005 – PDF 1.6 / Acrobat 7.0
  • 2006 – PDF 1.7 / Acrobat 8.0
  • 2006 – PDF 1.7 / Acrobat 8.2
  • 2008 – PDF 1.7, Adobe Extension Level 3 / Acrobat 9.0
  • 2009 – PDF 1.7, Adobe Extension Level 5 / Acrobat 9.1
The ISO standard ISO 32000-1:2008 and Adobe PDF 1.7 are technically consistent.[10] Adobe declared that it is not producing a PDF 1.8 Reference. Future versions of the PDF Specification will be produced by ISO technical committees. However, Adobe published documents specifying what extended features for PDF, beyond ISO 32000-1 (PDF 1.7), are supported in its newly released products. This makes use of the extensibility features of PDF as documented in ISO 32000-1 in Annex E.
The specifications for PDF are backward inclusive. The PDF 1.7 specification includes all of the functionality previously documented in the Adobe PDF Specifications for versions 1.0 through 1.6. Where Adobe removed certain features of PDF from their standard, they are not contained in ISO 32000-1[3] either.
PDF documents conforming to ISO 32000-1 carry the PDF version number 1.7. Documents containing Adobe extended features still carry the PDF base version number 1.7 but also contain an indication of which extension was followed during document creation.[11]

Adobe's versions

Version Edition[3] Year of publication New features Acrobat Reader version support
1.0 First 1993
Carousel
1.1 First, revised 1996 Passwords, encryption (MD5, RC4 40bit), device-independent color, threads and links[12] 2.0
1.2 First, revised 1996 Interactive page elements (radio buttons, checkboxes &c); interactive, fill-in forms (AcroForm); Forms Data Format (FDF) for interactive form data that can be imported, exported, transmitted and received from the Web; mouse events; external movie reproduction; external or embedded sound reproduction; zlib/deflate compression of text or binary data; Unicode; advanced color features and image proxying[12] 3.0
1.3 Second 2000 Digital signatures; ICC and DeviceN color spaces; JavaScript actions; embedded file streams of any type (e.g. used for attachments); new annotation types; new features of the Adobe PostScript Language Level 3 imaging model; masked images; alternate representations for images; smooth shading; enhanced page numbering; Web capture — a facility for capturing information from World Wide Web and converting it to PDF; representation of logical structure independently of graphical structure; additional support for CIDFonts; data structures for mapping strings and numbers to PDF objects; information for prepress production workflows support; new functions for several function object types that represent parameterized classes of functions[13][14] 4.0
1.4 Third 2001 JBIG2; transparency; RC4 encryption key lengths greater than 40 bits (40–128 bits); enhancements to interactive forms and Forms Data Format (FDF), XML form submissions, embedded FDF files, Unicode specification of field export values, remote collaboration and digital signatures in FDF files; accessibility to disabled users; metadata streams using XML — Extensible Metadata Platform (XMP); tagged PDF; inclusion of printer’s marks; display and preview of production-related page boundaries; new predefined CMaps; alternate presentations; importing content from one PDF document into another; EmbeddedFiles entry in the PDF document’s name dictionary — a standard location for the embedded data;[14][15] OCR text layer[citation needed] 5.0
1.5 Fourth 2003 JPEG 2000; enhanced support for embedding and playback of multimedia; object streams; cross reference streams; XML Forms Data Format (XFDF) for interactive form submission (replaced the XML format in PDF 1.4); support for forms, rich text elements and attributes based on Adobe’s XML Forms Architecture (XFA) 2.02; public-key security handlers using PKCS#7 (introduced in PDF 1.3 but not documented in the Reference until 1.5), public-key encryption, permissions — usage rights (UR) signatures (does not require document encryption), PKCS#7 with SHA-1, RSA up to 4096-bits; security handler can use its own encryption and decryption algorithms; document sections selectively viewed or hidden by authors or readers — for items such as CAD drawings, layered artwork, maps, and multi-language documents; Alternate Presentations — the only type is slideshow — invoked by means of JavaScript actions (Adobe Reader supports only SVG 1.0);[14][16][17] support for MS Windows 98 dropped. 6.0
1.6 Fifth 2004 3D artwork, e.g. support for Universal 3D file format; OpenType font embedding; support for XFA 2.2 rich text elements and attributes; AES encryption; PKCS#7 with SHA256, DSA up to 4096-bits; NChannel color spaces; additional support for embedded file attachments, including cross-document linking to and from embedded files; enhancements and clarifications to digital signatures related to usage rights and modification detection and prevention signatures[14] 7.0
1.7
(ISO 32000-1:2008
[3][11])		 Sixth (ISO first) 2006 Increased presentation of 3D artwork; XFA 2.4 rich text elements and attributes; multiple file attachments (portable collections); document requirements for a PDF consumer application; new string types: PDFDocEncoded string, ASCII string, byte string; PKCS#7 with SHA384, SHA512 and RIPEMD160 8
1.7 Extension Level 3
2008 256-bit AES encryption; incorporation of XFA Datasets into a file conforming PDF/A-2; improved attachment of Flash applications, video (including Flash video with H.264), audio, and other multimedia, two-way scripting bridge between Flash and conforming applications; XFA 2.5 and 2.6 rich text conventions 9
1.7 Extension Level 5
2009 XFA 3.0 9.1
1.7 Extension Level 8[18]
2011 Specification not published as of May 2011.[11] AES-256 different password handling than in Extension Level 3.[19][20] X (10)

Standardization

Specialized subsets of PDF

The following specialized subsets of PDF specification has been standardized as ISO standards (or are in standardization process):[3][21][22][23]
  • PDF/X (since 2001 - series of ISO 15929 and ISO 15930 standards) - a.k.a. "PDF for Exchange" - for the Graphic technology - Prepress digital data exchange - (working in ISO Technical committee 130), based on PDF 1.3, PDF 1.4 and later also PDF 1.6
  • PDF/A (since 2005 - series of ISO 19005 standards) - a.k.a. "PDF for Archive" - Document management - Electronic document file format for long-term preservation (working in ISO Technical committee 171), based on PDF 1.4 and later also ISO 32000-1 - PDF 1.7
  • PDF/E (since 2008 - ISO 24517) - a.k.a. "PDF for Engineering" - Document management - Engineering document format using PDF (working in ISO Technical committee 171), based on PDF 1.6
  • PDF/VT (since 2010 - ISO 16612-2) - a.k.a. "PDF for exchange of variable data and transactional (VT) printing" - Graphic technology - Variable data exchange (working in ISO Technical committee 130), based on PDF 1.6 as restricted by PDF/X-4 and PDF/X-5[24]
  • PDF/UA (since 2012 - ISO 14289-1) - a.k.a. "PDF for Universal Access" - Document management applications - Electronic document file format enhancement for accessibility (working in ISO Technical committee 171), based on ISO 32000-1 - PDF 1.7
There is also the PDF/H, a.k.a. PDF Healthcare, a best practices guide (BPG), supplemented by an Implementation Guide (IG), published in 2008. PDF Healthcare is not a standard or proposed standard, but only a guide for use with existing standards and other technologies. It is supported by the standards development organizations ASTM and AIIM. PDF/H BPG is based on PDF 1.6.[25][26][27]

Full function PDF

PDF 1.7
The final revised documentation for PDF 1.7 was approved by ISO Technical Committee 171 in January 2008 and published as ISO 32000-1:2008 on July 1, 2008 and titled Document management—Portable document format—Part 1: PDF 1.7.
ISO 32000-1:2008 is the first ISO standard for full function PDF. The previous ISO PDF standards (PDF/A, PDF/X, etc.) are intended for more specialized uses. ISO 32000-1 includes all of the functionality previously documented in the Adobe PDF Specifications for versions 1.0 through 1.6. Adobe removed certain features of PDF from previous versions; these features are not contained in PDF 1.7 either.[3]
The ISO 32000-1 document was prepared by Adobe Systems Incorporated based upon PDF Reference, sixth edition, Adobe Portable Document Format version 1.7, November 2006. It was reviewed, edited and adopted under a special fast-track procedure, by ISO Technical Committee 171 (ISO/TC 171), Document management application, Subcommittee SC 2, Application issues, in parallel with its approval by the ISO member bodies.
According to the ISO PDF standard abstract:[28]
ISO 32000-1:2008 specifies a digital form for representing electronic documents to enable users to exchange and view electronic documents independent of the environment they were created in or the environment they are viewed or printed in. It is intended for the developer of software that creates PDF files (conforming writers), software that reads existing PDF files and interprets their contents for display and interaction (conforming readers) and PDF products that read and/or write PDF files for a variety of other purposes (conforming products).
PDF 2.0
A new version of PDF standard is under development under the name ISO/DIS 32000-2 - Document management—Portable document format—Part 2: PDF 2.0 (as of September 2012).[29] PDF 2.0 was accepted by ISO as a new proposal in 2009 (ISO/NP 32000-2). The TC 171 SC 2 WG 8 Committee working on ISO 32000-2 (PDF 2.0) is continuing to actively develop the document; processing hundreds of technical and editorial comments and operating eight ad hoc committees comprising numerous interested parties, including Adobe Systems. To provide more time to develop the document the original ISO project was cancelled in 2012 and a New Project item was started.[citation needed]
Adobe has submitted the Adobe Extension Level 5 and Adobe Extension Level 3 specifications to ISO for inclusion into the ISO 32000-2 specification, but only some of their features have been accepted.
PDF 2.0 will reference Adobe's XML Forms Architecture 3.1. In 2011 the ISO Committee urged Adobe Systems to submit the XFA Specification, XML Forms Architecture (XFA), to ISO for standardization and requested Adobe Systems to stabilize the XFA specification. The ISO Committee expressed its concerns about the stability of the XFA specification.[30]

ISO TC 171 SC 2 WG 8

Formed in 2008 to curate the PDF Reference as an ISO Standard, Working Group 8 typically meets twice a year, with members from ten or more countries attending in each instance. Meetings of the ISO Committee for ISO 32000 are open to accredited Subject Matter Experts. Interested parties should contact their respective ISO Member Body for information about joining ISO 32000.
Current Project Leadership: Cherie Ekholm, Microsoft & Duff Johnson, Independent Consultant, Project Co-Leaders
Past Project Leadership: 2008-2011: James King, PhD, Adobe Systems
Secretary: Betsy Fanning, AIIM

Technical foundations

Anyone may create applications that can read and write PDF files without having to pay royalties to Adobe Systems; Adobe holds patents to PDF, but licenses them for royalty-free use in developing software complying with its PDF specification.[31]
The PDF combines three technologies:
  • A subset of the PostScript page description programming language, for generating the layout and graphics.
  • A font-embedding/replacement system to allow fonts to travel with the documents.
  • A structured storage system to bundle these elements and any associated content into a single file, with data compression where appropriate.

PostScript

PostScript is a page description language run in an interpreter to generate an image, a process requiring many resources. It can handle not just graphics, but standard features of programming languages such as if and loop commands. PDF is largely based on PostScript but simplified to remove flow control features like these, while graphics commands such as lineto remain.
Often, the PostScript-like PDF code is generated from a source PostScript file. The graphics commands that are output by the PostScript code are collected and tokenized; any files, graphics, or fonts to which the document refers also are collected; then, everything is compressed to a single file. Therefore, the entire PostScript world (fonts, layout, measurements) remains intact.
As a document format, PDF has several advantages over PostScript:
  • PDF contains tokenized and interpreted results of the PostScript source code, for direct correspondence between changes to items in the PDF page description and changes to the resulting page appearance.
  • PDF (from version 1.4) supports true graphic transparency; PostScript does not.
  • PostScript is an interpreted programming language with an implicit global state, so instructions accompanying the description of one page can affect the appearance of any following page. Therefore, all preceding pages in a PostScript document must be processed to determine the correct appearance of a given page, whereas each page in a PDF document is unaffected by the others. As a result, PDF viewers allow the user to quickly jump to the final pages of a long document, whereas a Postscript viewer needs to process all pages sequentially before being able to display the destination page (unless the optional PostScript Document Structuring Conventions have been carefully complied with).

Technical overview

File structure

A PDF file consists primarily of objects, of which there are eight types:[32]
  • Boolean values, representing true or false
  • Numbers
  • Strings
  • Names
  • Arrays, ordered collections of objects
  • Dictionaries, collections of objects indexed by Names
  • Streams, usually containing large amounts of data
  • The null object
Objects may be either direct (embedded in another object) or indirect. Indirect objects are numbered with an object number and a generation number. An index table called the xref table gives the byte offset of each indirect object from the start of the file.[33] This design allows for efficient random access to the objects in the file, and also allows for small changes to be made without rewriting the entire file (incremental update). Beginning with PDF version 1.5, indirect objects may also be located in special streams known as object streams. This technique reduces the size of files that have large numbers of small indirect objects and is especially useful for Tagged PDF.
There are two layouts to the PDF files—non-linear (not "optimized") and linear ("optimized"). Non-linear PDF files consume less disk space than their linear counterparts, though they are slower to access because portions of the data required to assemble pages of the document are scattered throughout the PDF file. Linear PDF files (also called "optimized" or "web optimized" PDF files) are constructed in a manner that enables them to be read in a Web browser plugin without waiting for the entire file to download, since they are written to disk in a linear (as in page order) fashion.[11] PDF files may be optimized using Adobe Acrobat software or QPDF.

Imaging model

The basic design of how graphics are represented in PDF is very similar to that of PostScript, except for the use of transparency, which was added in PDF 1.4.
PDF graphics use a device independent Cartesian coordinate system to describe the surface of a page. A PDF page description can use a matrix to scale, rotate, or skew graphical elements. A key concept in PDF is that of the graphics state, which is a collection of graphical parameters that may be changed, saved, and restored by a page description. PDF has (as of version 1.6) 24 graphics state properties, of which some of the most important are:

Vector graphics

Vector graphics in PDF, as in PostScript, are constructed with paths. Paths are usually composed of lines and cubic Bézier curves, but can also be constructed from the outlines of text. Unlike PostScript, PDF does not allow a single path to mix text outlines with lines and curves. Paths can be stroked, filled, or used for clipping. Strokes and fills can use any color set in the graphics state, including patterns.
PDF supports several types of patterns. The simplest is the tiling pattern in which a piece of artwork is specified to be drawn repeatedly. This may be a colored tiling pattern, with the colors specified in the pattern object, or an uncolored tiling pattern, which defers color specification to the time the pattern is drawn. Beginning with PDF 1.3 there is also a shading pattern, which draws continuously varying colors. There are seven types of shading pattern of which the simplest are the axial shade (Type 2) and radial shade (Type 3).

Raster images

Raster images in PDF (called Image XObjects) are represented by dictionaries with an associated stream. The dictionary describes properties of the image, and the stream contains the image data. (Less commonly, a raster image may be embedded directly in a page description as an inline image.) Images are typically filtered for compression purposes. Image filters supported in PDF include the general purpose filters
  • ASCII85Decode a filter used to put the stream into 7-bit ASCII
  • ASCIIHexDecode similar to ASCII85Decode but less compact
  • FlateDecode a commonly used filter based on the zlib/deflate algorithm (a.k.a. gzip, but not zip) defined in RFC 1950 and RFC 1951; introduced in PDF 1.2; it can use one of two groups of predictor functions for more compact zlib/deflate compression: Predictor 2 from the TIFF 6.0 specification and predictors (filters) from the PNG specification (RFC 2083)
  • LZWDecode a filter based on LZW Compression; it can use one of two groups of predictor functions for more compact LZW compression: Predictor 2 from the TIFF 6.0 specification and predictors (filters) from the PNG specification
  • RunLengthDecode a simple compression method for streams with repetitive data using the Run-length encoding algorithm and the image-specific filters
  • DCTDecode a lossy filter based on the JPEG standard
  • CCITTFaxDecode a lossless bi-level (black/white) filter based on the Group 3 or Group 4 CCITT (ITU-T) fax compression standard defined in ITU-T T.4 and T.6
  • JBIG2Decode a lossy or lossless bi-level (black/white) filter based on the JBIG2 standard, introduced in PDF 1.4
  • JPXDecode a lossy or lossless filter based on the JPEG 2000 standard, introduced in PDF 1.5
Normally all image content in a PDF is embedded in the file. But PDF allows image data to be stored in external files by the use of external streams or Alternate Images. Standardized subsets of PDF, including PDF/A and PDF/X, prohibit these features.

Text

Text in PDF is represented by text elements in page content streams. A text element specifies that characters should be drawn at certain positions. The characters are specified using the encoding of a selected font resource.
Fonts
A font object in PDF is a description of a digital typeface. It may either describe the characteristics of a typeface, or it may include an embedded font file. The latter case is called an embedded font while the former is called an unembedded font. The font files that may be embedded are based on widely used standard digital font formats: Type 1 (and its compressed variant CFF), TrueType, and (beginning with PDF 1.6) OpenType. Additionally PDF supports the Type 3 variant in which the components of the font are described by PDF graphic operators.
Standard Type 1 Fonts (Standard 14 Fonts)
Fourteen typefaces—known as the standard 14 fonts—have a special significance in PDF documents:
These fonts are sometimes called the base fourteen fonts.[34] These fonts, or suitable substitute fonts with the same metrics, must always be available in all PDF readers and so need not be embedded in a PDF.[35] PDF viewers must know about the metrics of these fonts. Other fonts may be substituted if they are not embedded in a PDF.
Encodings
Within text strings, characters are shown using character codes (integers) that map to glyphs in the current font using an encoding. There are a number of predefined encodings, including WinAnsi, MacRoman, and a large number of encodings for East Asian languages, and a font can have its own built-in encoding. (Although the WinAnsi and MacRoman encodings are derived from the historical properties of the Windows and Macintosh operating systems, fonts using these encodings work equally well on any platform.) PDF can specify a predefined encoding to use, the font's built-in encoding or provide a lookup table of differences to a predefined or built-in encoding (not recommended with TrueType fonts).[36] The encoding mechanisms in PDF were designed for Type 1 fonts, and the rules for applying them to TrueType fonts are complex.
For large fonts or fonts with non-standard glyphs, the special encodings Identity-H (for horizontal writing) and Identity-V (for vertical) are used. With such fonts it is necessary to provide a ToUnicode table if semantic information about the characters is to be preserved.

Transparency

The original imaging model of PDF was, like PostScript's, opaque: each object drawn on the page completely replaced anything previously marked in the same location. In PDF 1.4 the imaging model was extended to allow transparency. When transparency is used, new objects interact with previously marked objects to produce blending effects. The addition of transparency to PDF was done by means of new extensions that were designed to be ignored in products written to the PDF 1.3 and earlier specifications. As a result, files that use a small amount of transparency might view acceptably in older viewers, but files making extensive use of transparency could be viewed incorrectly in an older viewer without warning.
The transparency extensions are based on the key concepts of transparency groups, blending modes, shape, and alpha. The model is closely aligned with the features of Adobe Illustrator version 9. The blend modes were based on those used by Adobe Photoshop at the time. When the PDF 1.4 specification was published, the formulas for calculating blend modes were kept secret by Adobe. They have since been published.[37]
The concept of a transparency group in PDF specification is independent of existing notions of "group" or "layer" in applications such as Adobe Illustrator. Those groupings reflect logical relationships among objects that are meaningful when editing those objects, but they are not part of the imaging model.

Interactive elements

[icon] This section requires expansion. (May 2008)
PDF files may contain interactive elements such as annotations and form fields.
Interactive Forms is a mechanism to add forms to the PDF file format.
PDF currently supports two different methods for integrating data and PDF forms. Both formats today coexist in PDF specification:[38][39][40][41]
  • AcroForms (also known as Acrobat forms), introduced in the PDF 1.2 format specification and included in all later PDF specifications.
  • Adobe XML Forms Architecture (XFA) forms, introduced in the PDF 1.5 format specification. The XFA specification is not included in the PDF specification, it is only referenced as an optional feature. Adobe XFA Forms are not compatible with AcroForms.[42]

AcroForms

AcroForms were introduced in the PDF 1.2 format. AcroForms permit using objects (e.g. text boxes, Radio buttons, etc.) and some code (e.g.JavaScript).
Alongside the standard PDF action types, interactive forms (AcroForms) support submitting, resetting, and importing data. The "submit" action transmits the names and values of selected interactive form fields to a specified uniform resource locator (URL). Interactive form field names and values may be submitted in any of the following formats, (depending on the settings of the action’s ExportFormat, SubmitPDF, and XFDF flags):[38]
  • HTML Form format (HTML 4.01 Specification since PDF 1.5; HTML 2.0 since 1.2)
  • Forms Data Format (FDF)
  • XML Forms Data Format (XFDF) (external XML Forms Data Format Specification, Version 2.0; supported since PDF 1.5; it replaced the "XML" form submission format defined in PDF 1.4.)
  • PDF (the entire document can be submitted rather than individual fields and values). (defined in PDF 1.4)
AcroForms can keep form field values in external stand-alone files containing key:value pairs. The external files may use Forms Data Format (FDF) and XML Forms Data Format (XFDF) files.[43][44][45] The usage rights (UR) signatures define rights for import form data files in FDF, XFDF and text (CSV/TSV) formats, and export form data files in FDF and XFDF formats.[38]
Forms Data Format (FDF)
Forms Data Format (FDF)
Filename extension .fdf
Internet media type application/vnd.fdf[46]
Type code 'FDF '
Developed by Adobe Systems
Initial release 1996 (PDF 1.2)
Extended from PDF
Extended to XFDF
Standard(s) ISO 32000-1:2008
The Forms Data Format (FDF) is based on PDF, it uses the same syntax and has essentially the same file structure, but is much simpler than PDF, since the body of an FDF document consists of only one required object. Forms Data Format is defined in the PDF specification (since PDF 1.2). The Forms Data Format can be used when submitting form data to a server, receiving the response, and incorporating into the interactive form. It can also be used to export form data to stand-alone files that can be imported back into the corresponding PDF interactive form. Beginning in PDF 1.3, FDF can be used to define a container for annotations that are separate from the PDF document they apply to. FDF typically encapsulates information such as X.509 certificates, requests for certificates, directory settings, timestamp server settings, and embedded PDF files for network transmission.[45] The FDF uses the MIME content type application/vnd.fdf, filename extension .fdf and on Mac OS it uses file type 'FDF '.[38] Support for importing and exporting FDF stand-alone files is not widely implemented in free or freeware PDF software. For example, there is no support in Evince, Okular, KPDF or Sumatra PDF. Import support for stand-alone FDF files is implemented in Adobe Reader; export and import support (including saving of FDF data in PDF) is for example implemented in Foxit Reader and PDF-XChange Viewer Free; saving of FDF data in a PDF file is also supported in pdftk.
XML Forms Data Format (XFDF)
XML Forms Data Format (XFDF)
Filename extension .xfdf
Internet media type application/vnd.adobe.xfdf[47]
Type code 'XFDF'
Developed by Adobe Systems
Latest release 2.0
Extended from PDF, FDF, XML
Website XFDF 2.0 specification
XML Forms Data Format (XFDF) is the XML version of Forms Data Format, but the XFDF implements only a subset of FDF containing forms and annotations. There are not XFDF equivalents for some entries in the FDF dictionary - such as the Status, Encoding, JavaScript, Pages keys, EmbeddedFDFs, Differences and Target. In addition, XFDF does not allow the spawning, or addition, of new pages based on the given data; as can be done when using an FDF file. The XFDF specification is referenced (but not included) in PDF 1.5 specification (and in later versions). It is described separately in XML Forms Data Format Specification.[44] The PDF 1.4 specification allowed form submissions in XML format, but this was replaced by submissions in XFDF format in the PDF 1.5 specification. XFDF conforms to the XML standard. XFDF can be used the same way as FDF—e.g., form data is submitted to a server, modifications are made, then sent back and the new form data is imported in an interactive form. It can also be used to export form data to stand-alone files that can be imported back into the corresponding PDF interactive form. A support for importing and exporting FDF stand-alone files is not widely implemented in free or freeware PDF software. Import of XFDF is implemented in Adobe Reader 5 and later versions; import and export is implemented in PDF-XChange Viewer Free; embedding of XFDF data in PDF form is implemented in pdftk (pdf toolkit).

Adobe XML Forms Architecture (XFA)

Main article: XML Forms Architecture
In the PDF 1.5 format, Adobe Systems introduced a new, proprietary format for forms, namely Adobe XML Forms Architecture (XFA) forms. The XFA 2.02 is referenced in the PDF 1.5 specification (and also in later versions) but is described separately in Adobe XML Forms Architecture (XFA) Specification, which has several versions.[48] XFA specification is not included in ISO 32000-1 PDF 1.7 and is only referenced as an external proprietary specification created by Adobe. XFA was not standardized as an ISO standard. In 2011 the ISO Committee (TC 171/SC 2/WG 8) urged Adobe Systems to submit the XFA Specification for standardization.[30]
Adobe XFA Forms are not compatible with AcroForms. Adobe Reader contains "disabled features" for use of XFA Forms, that activate only when opening a PDF document that was created using enabling technology available only from Adobe.[49][50] The XFA Forms are not compatible with Adobe Reader prior to version 6.
XFA forms can be created and used as PDF files or as XDP (XML Data Package) files. The format of an XFA resource in PDF is described by the XML Data Package Specification.[38] The XDP may be a standalone document or it may in turn be carried inside a PDF document. XDP provides a mechanism for packaging form components within a surrounding XML container. An XDP can also package a PDF file, along with XML form and template data.[48] PDF may contain XFA (in XDP format), but also XFA may contain PDF.[48] When the XFA (XML Forms Architecture) grammars used for an XFA form are moved from one application to another, they must be packaged as an XML Data Package.[51]
When the PDF and XFA are combined, the result is a form in which each page of the XFA form overlays a PDF background. This architecture is sometimes referred to as XFAF (XFA Foreground). The alternative is to express all of the form, including boilerplate, directly in XFA. It is sometimes called full XFA.[51]
Starting with PDF 1.5, the text contents of variable text form fields, as well as markup annotations may include formatting information (style information). These rich text strings are XML documents that conform to the rich text conventions specified for the XML Forms Architecture specification 2.02, which is itself a subset of the XHTML 1.0 specification, augmented with a restricted set of CSS2 style attributes.[38] In PDF 1.6, PDF supports the rich text elements and attributes specified in the XML Forms Architecture (XFA) Specification, 2.2. In PDF 1.7, PDF supports the rich text elements and attributes specified in the XML Forms Architecture (XFA) Specification, 2.4[38]

Logical structure and accessibility

[icon] This section requires expansion. (May 2008)
A PDF may contain document structure and semantics information to enable better text extraction and accessibility. PDF/UA provides normative text detailing the syntax, features and attributes of PDF files tagged with complete and accurate information required for accessibility.

Security and signatures

[icon] This section requires expansion. (May 2008)
A PDF file may be encrypted for security, or digitally signed for authentication.
The standard security provided by Acrobat PDF consists of two different methods and two different passwords, user password, which encrypts the file and prevents opening, and owner password, which specifies operations that should be restricted even when the document is decrypted, which can include: printing, copying text and graphics out of the document, modifying the document, or adding or modifying text notes and AcroForm fields. The user password (controls opening) encrypts the file and requires password cracking to defeat, with difficulty depending on password strength and encryption method – it is potentially very secure (assuming good password and encryption method without known attacks). The owner password (controls operations) does not encrypt the file, and instead relies on client software to respect these restrictions, and is not secure. An "owner password" can be removed by many commonly available "PDF cracking" software, including some free online services.[52] Thus, the use restrictions that a document author places on a PDF document are not secure, and cannot be assured once the file is distributed; this warning is displayed when applying such restrictions using Adobe Acrobat software to create or edit PDF files.
Even without removing the password, most freeware or open source PDF readers ignore the permission "protections" and allow the user to print or make copy of excerpts of the text as if the document were not limited by password protection.
Some solutions, like Adobe's LiveCycle Rights Management, are more robust means of information rights management, which can both restrict who can open documents, but also reliably enforce permissions in ways that the standard security handler does not.

Usage rights

Beginning with PDF 1.5, Usage rights (UR) signatures are used to enable additional interactive features that are not available by default in a particular PDF viewer application. The signature is used to validate that the permissions have been granted by a bonafide granting authority. For example, it can be used to allow a user:[38]
  • to save the PDF document along with modified form and/or annotation data
  • import form data files in FDF, XFDF and text (CSV/TSV) formats
  • export form data files in FDF and XFDF formats
  • submit form data
  • instantiate new pages from named page templates
  • apply a digital signature to existing digital signature form field
  • create, delete, modify, copy, import, export annotations
For example, Adobe Systems grants permissions to enable additional features in Adobe Reader, using public-key cryptography. Adobe Reader verifies that the signature uses a certificate from an Adobe-authorized certificate authority. The PDF 1.5 specification declares that other PDF viewer applications are free to use this same mechanism for their own purposes.[38]

File attachments

[icon] This section requires expansion. (August 2008)
PDF files can have document-level and page-level file attachments, which the reader can access and open or save to their local filesystem. PDF attachments can be added to existing PDF files for example using pdftk. Adobe Reader provides support for attachments, and poppler based readers like Evince or Okular also have some support for document-level attachments.

Metadata

PDF files can contain two types of metadata.[53] The first is the Document Information Dictionary, a set of key/value fields such as author, title, subject, creation and update dates. This is stored in the optional Info trailer of the file. A small set of fields is defined, and can be extended with additional text values if required.
Later, in PDF 1.4, support was added for the Metadata Streams, using the Extensible Metadata Platform (XMP) to add XML standards-based extensible metadata as used in other file formats. This allows metadata to be attached to any stream in the document, such as information about embedded illustrations, as well as the whole document (attaching to the document catalog), using an extensible schema.

Subsets

Proper subsets of PDF have been, or are being, standardized under ISO for several constituencies:
  • PDF/X for the printing and graphic arts as ISO 15930 (working in ISO TC130)
  • PDF/A for archiving in corporate/government/library/etc environments as ISO 19005 (work done in ISO TC171)
  • PDF/E for exchange of engineering drawings (work done in ISO TC171)
  • PDF/VT for exchange of variable data and transactional (ISO TC130)
  • PDF/UA for universally accessible PDF technology (work done in ISO TC171)

Future

The "future generation of PDF" and of "electronic paged media" (PDF competing formats).

Mars

See also: Page description markup language
Adobe was exploring an XML-based next-generation PDF code-named Mars.[54]
The format of graphic elements of Mars was sometimes described simply as SVG,[citation needed] but according to the version 0.8 draft specification of November 2007 (§3 Mars SVG Support) the format was actually merely similar to SVG: it contained both additions to and subtractions from SVG, so it was in general neither viewable by nor creatable with standard SVG tools: some things looked noticeably different between SVG viewers and Mars viewers.
The Mars format was effectively dropped in 2008.[55]

CSS3 and EPUB

The W3C open standard CSS3 offers a lot of PDF functionality, see paged media.
As of 2012, many ebook readers now support the EPUB format (that is a "XHTML+CSS2") in addition to or in place of the PDF format.

Technical issues

Accessibility

PDF files can be created specifically to be accessible for disabled people.[56][57][58][59][60] Current PDF file formats can include tags (XML), text equivalents, captions, audio descriptions, et cetera. Tagged PDF is required in the PDF/A-1a specification.[61][62] Some software can automatically produce tagged PDFs, however this feature is not always enabled by default.[63][64] Leading screen readers, including JAWS, Window-Eyes, Hal, and Kurzweil 1000 and 3000 can read tagged PDFs; current versions of the Acrobat and Acrobat Reader programs can also read PDFs aloud.[65][66][67] Moreover, tagged PDFs can be re-flowed and magnified for readers with visual impairments. Problems remain with adding tags to older PDFs and those that are generated from scanned documents. In these cases, accessibility tags and re-flowing are unavailable, and must be created either manually or with OCR techniques. These processes are inaccessible to some disabled people.
One of the significant challenges with PDF accessibility is that PDF documents have three distinct views, which, depending on the document's creation, can be inconsistent with each other. The three views are (i) the physical view, (ii) the tags view, and (iii) the content view. The physical view is displayed and printed (what most people consider a PDF document). The tags view is what screen readers and other assistive technologies use to deliver a high-quality navigation and reading experience to users with disabilities. The content view is based on the physical order of objects within the PDFs content stream and may be displayed by software that does not fully support the tags view, such as the Reflow feature in Adobe's Reader.
PDF/UA, the International Standard for accessible PDF based on ISO 32000-1 was published as ISO 14289-1 in 2012, and establishes normative language for accessible PDF technology.

Viruses and exploits

See also: Adobe Acrobat Security
PDF attachments carrying viruses were first discovered in 2001. The virus, named OUTLOOK.PDFWorm or Peachy, uses Microsoft Outlook to send itself as an attachment to an Adobe PDF file. It was activated with Adobe Acrobat, but not with Acrobat Reader.[68]
From time to time, new vulnerabilities are discovered[69] in various versions of Adobe Reader, prompting the company to issue security fixes. Other PDF readers are also susceptible. One aggravating factor is that a PDF reader can be configured to start automatically if a web page has an embedded PDF file, providing a vector for attack. If a malicious web page contains an infected PDF file that takes advantage of a vulnerability in the PDF reader, the system may be compromised even if the browser is secure. Some of these vulnerabilities are a result of the PDF standard allowing PDF documents to be scripted with JavaScript. Disabling JavaScript execution in the PDF reader can help mitigate such future exploits, although it does not protect against exploits in other parts of the PDF viewing software. Security experts say that JavaScript is not essential for a PDF reader, and that the security benefit that comes from disabling JavaScript outweighs any compatibility issues caused.[70] One way of avoiding PDF file exploits is to have a local or web service convert files to another format before viewing.[71]
On March 30, 2010 security researcher Didier Stevens reported an Adobe Reader and Foxit Reader exploit that runs a malicious executable if the user allows it to launch when asked.[72]

Usage restrictions and monitoring

PDFs may be encrypted so that a password is needed to view or edit the contents. The PDF Reference defines both 40-bit and 128-bit encryption, both making use of a complex system of RC4 and MD5. The PDF Reference also defines ways that third parties can define their own encryption systems for PDF.
PDF files may also contain embedded DRM restrictions that provide further controls that limit copying, editing or printing. The restrictions on copying, editing, or printing depend on the reader software to obey them, so the security they provide is limited.
The PDF Reference has technical details or see [73] for an end-user overview. Like HTML files, PDF files may submit information to a web server. This could be used to track the IP address of the client PC, a process known as phoning home. After update 7.0.5 to Acrobat Reader, the user is notified "...via a dialogue box that the author of the file is auditing usage of the file, and be offered the option of continuing."[74]
Through its LiveCycle Policy Server product, Adobe provides a method to set security policies on specific documents. This can include requiring a user to authenticate and limiting the timeframe a document can be accessed or amount of time a document can be opened while offline. Once a PDF document is tied to a policy server and a specific policy, that policy can be changed or revoked by the owner. This controls documents that are otherwise "in the wild." Each document open and close event can also be tracked by the policy server. Policy servers can be set up privately or Adobe offers a public service through Adobe Online Services. As with other forms of DRM, adherence to these policies and restrictions may or may not be enforced by the reader software being used.

Default display settings

PDF documents can contain display settings, including the page display layout and zoom level. Adobe Reader uses these settings to override the user's default settings when opening the document.[75] The free Adobe Reader cannot remove these settings.

Content

A PDF file is often a combination of vector graphics, text, and bitmap graphics. The basic types of content in a PDF are:
  • text stored as content streams (i.e., not text)
  • vector graphics for illustrations and designs that consist of shapes and lines
  • raster graphics for photographs and other types of image
In later PDF revisions, a PDF document can also support links (inside document or web page), forms, JavaScript (initially available as plugin for Acrobat 3.0), or any other types of embedded contents that can be handled using plug-ins.
PDF 1.6 supports interactive 3D documents embedded in the PDF - 3D drawings can be embedded using U3D or PRC and various other data formats.[76][77]
Two PDF files that look similar on a computer screen may be of very different sizes. For example, a high resolution raster image takes more space than a low resolution one. Typically higher resolution is needed for printing documents than for displaying them on screen. Other things that may increase the size of a file is embedding full fonts, especially for Asiatic scripts, and storing text as graphics.

Implementations

PDF-viewing software is generally provided free of charge, and many versions are available from a variety of sources (List of PDF software).
There are many software options for creating PDFs, including the PDF printing capabilities built in to Mac OS X and most Linux distributions, OpenOffice.org, Microsoft Office 2007 (if updated to SP2),[78] WordPerfect 9, Scribus, numerous PDF print drivers for Microsoft Windows, the pdfTeX typesetting system, the DocBook PDF tools, applications developed around Ghostscript and Adobe Acrobat itself as well as Adobe FrameMaker. Google's online office suite Google Docs also allows for uploading, and saving to PDF.
Raster image processors (RIPs) are used to convert PDF files into a raster format suitable for imaging onto paper and other media in printers, digital production presses and prepress in a process known as rasterisation. RIPs capable of processing PDF directly include the Adobe PDF Print Engine[79] from Adobe Systems and Jaws[80] and the Harlequin RIP from Global Graphics.

Editing

[icon] This section requires expansion. (July 2010)
There is specialized software for editing PDF files, though the choices are much more limited and often more expensive than creating and editing standard editable document formats. Version 0.46 and later of Inkscape allows PDF editing through an intermediate translation step involving Poppler.
Enfocus PitStop Pro, a plugin for Acrobat, allows manual and automatic editing of PDF files,[81] while the free Enfocus Browser makes it possible to edit the low-level structure of a PDF.[82]
See List of PDF software for a more complete list of PDF editors.

Annotation

See also: Comparison of notetaking software and Category:Web annotation
Adobe Acrobat is one example of proprietary software that allows the user to annotate, highlight, and add notes to already created PDF files. One UNIX application available as free software (under the GNU General Public License) is PDFedit. Another GPL-licensed application native to the unix environment is Xournal. Xournal allows for annotating in different fonts and colours, as well as a rule for quickly underlining and highlighting lines of text or paragraphs. Xournal also has a shape recognition tool for squares, rectangles and circles. In Xournal annotations may be moved, copied and pasted. The freeware Foxit Reader, available for Microsoft Windows, allows annotating documents. Tracker Software's PDF-XChange Viewer allows annotations and markups without restrictions in its freeware alternative. Apple's Mac OS X's integrated PDF viewer, Preview, does also enable annotations as does the freeware Skim, with the latter supporting interaction with LaTeX, SyncTeX, and PDFSync and integration with BibDesk reference management software. Freeware Qiqqa can create an annotation report that summarizes all the annotations and notes you have made across your library of PDFs.
For mobile annotation, iAnnotate PDF (from Aji) and PDF Forms (from Dar-Soft) for the iPad allow annotation of PDFs as well as exporting summaries of the annotations.
There are also web annotation systems that support annotation in pdf and other documents formats, e.g., A.nnotate, crocodoc, WebNotes.
In cases where PDFs are expected to have all of the functionality of paper documents, ink annotation is required. Some programs that accept ink input from the mouse may not be responsive enough for handwriting input on a tablet. Existing solutions on the PC include PDF Annotator and Qiqqa.

Other applications and functionalities

Several applications embracing the PDF standard are now available as an online service including Scribd for viewing and storing, Pdfvue for online editing, and Zamzar for PDF Conversion.
In 1993 the Jaws RIP from Global Graphics became the first shipping prepress RIP that interpreted PDF natively without conversion to another format. The company released an upgrade to their Harlequin RIP with the same capability in 1997.[citation needed]
Agfa-Gevaert introduced and shipped Apogee, the first prepress workflow system based on PDF, in 1997.
Many commercial offset printers have accepted the submission of press-ready PDF files as a print source, specifically the PDF/X-1a subset and variations of the same.[83] The submission of press-ready PDF files are a replacement for the problematic need for receiving collected native working files.
PDF was selected as the "native" metafile format for Mac OS X, replacing the PICT format of the earlier Mac OS. The imaging model of the Quartz graphics layer is based on the model common to Display PostScript and PDF, leading to the nickname Display PDF. The Preview application can display PDF files, as can version 2.0 and later of the Safari web browser. System-level support for PDF allows Mac OS X applications to create PDF documents automatically, provided they support the OS-standard printing architecture. The files are then exported in PDF 1.3 format according to the file header. When taking a screenshot under Mac OS X versions 10.0 through 10.3, the image was also captured as a PDF; later versions save screen captures as a PNG file, though this behaviour can be set back to PDF if desired.
Some desktop printers also support direct PDF printing, which can interpret PDF data without external help. Currently, all PDF capable printers also support PostScript, but most PostScript printers do not support direct PDF printing.
The Free Software Foundation considers one of their high priority projects to be "developing a free, high-quality and fully functional set of libraries and programs that implement the PDF file format and associated technologies to the ISO 32000 standard."[84][85] The GNUpdf library has, however, not been released yet, while Poppler has enjoyed wider use in applications such as Evince, which comes with the GNOME desktop environment, which is based on Xpdf[86][87] code base. There are also commercial development libraries available as listed in List of PDF software.
The Apache PDFBox project of the Apache Software Foundation is an open source Java library for working with PDF documents. PDFBox is licensed under the Apache License.[88]
READ MORE