It can be difficult at times to convince people not to pirate expensive software, but charging for security updates certainly isn’t going to help. After bad press and user backlash, Adobe has since backed of their plans to charge its customers extra for critical security fixes.
We first heard about the story on CNet where Adobe said that it’ll be charging users money for security upgrades. If the idea isn’t insane enough, just check out the reported prices Adobe planned on charging for users:
According to Adobe’s site, it will cost at least $199 U.S. to upgrade to Photoshop CS6, $249 to upgrade to Illustrator CS6, and $99 to upgrade to Flash Professional CS6.
When I read that, the first question that came across my mind was, “Has Adobe totally lost their minds?” Legitimate users are paying a huge amount of money for their products and not security updates are going to cost up to a couple hundred dollars? Users paid for the product, they expect it to be secure and fully functional. Otherwise, they didn’t get what they paid for. I would go so far as to say that this is less ethical than just pirating this stuff. I mean, if software vendors are upset that their products are getting pirated like crazy, what do they think the reaction will be if they pull a stunt like this?
Apparently, user back lash and bad press was enough to cause Adobe to rethink their position. According to SecurityWeek, Adobe has decided to create free security patches instead (hat tip). From the report:
“In looking at all aspects, including the vulnerabilities themselves and the threat landscape, the team did not believe the real-world risk to customers warranted an out-of-band release for the CS5 version to resolve these issues,” an Adobe spokesperson originally told SecurityWeek.
But since then, and after complaints, bad press, and user backlash, Adobe has changed its tune. The company now says that it is in the process of developing a patch that won’t essentially force users to upgrade in order to fix the security vulnerability.
“We are in the process of resolving the vulnerabilities addressed in these Security Bulletins in Adobe Illustrator CS5.x, Adobe Photoshop CS5.x (12.x) and Adobe Flash Professional CS5.x, and will update the respective Security Bulletins once the patches are available,” Adobe’s David Lenoe wrote in a blog post late Friday.
Developing a patch, especially for three different applications, can be costly and time consuming. Developing these patches consumes development resources, then must run through a QA process, and the patch needs to be communicated and distributed to users. And for a company like Adobe with a massive customer base using its Photoshop, Illustrator, and Flash Professional, the bandwidth cost alone can be substantial.
I, for one, have a hard time thinking of a situation where a software developer is charging for security updates. Sure, I can see upgrades to new and improved software which has bigger and better features and an upgraded user interface, but simply for security updates is a completely different story. Especially when we’re talking about Adobe products where to buy a single license costs hundreds of dollars which means that big user base Adobe complained about also paid Adobe an incredible amount of money – more than enough to pay a couple programmers to patch each version they have to offer. How this attempted move made any sort of logical business sense for Adobe is beyond me.