Fascinating thread -- and a sad example of Autodesk not hearing what its customers -- the people who actually pay the salaries of the 'Deskers, really say.
Let's clear up some counterfactuals here.
>>The DWF file format is open source
That statement is so incorrect that it's not even wrong. It's as counterfactual as claiming that Autodesk 'owns' the .dwg format, or the txt format. No computer file format is open source. No license is required by ayone, at any time or place, to create a file using any format, whether DWF, DWG, DOC, RTF, TXT, or what have you. DWF may be publicly documented, but that is a far cry from being open source.
The software used by Adesk to create and read DWF files is NOT open source. Neither DWF ePlot plotter driver, ADR nor the DWF Toolkit is available under a FOSS license. While the DWF Toolkit is licensed at no charge, Item four in the license for that software reserves the right of Autodesk to revoke that license. Basically, Autodesk says its' their bat and ball, and they can take it away whenever they want.
Now, there's nothing stopping Autodesk from releasing the DWF toolkit, the DWF plotter driver, and ADR under a FOSS license. Certainly would be a good move on their part to build trust in the stability and reliability of their offering, and trust is something Adesk desperately needs to build if they have any desire for their cloud services to gain any traction. Maybe hand it over to the Mozilla or Apache Foundations, or the OpenDocument people behind Libre Office. Good for the community, good for Autodesk customers, and good for ADR.
Certainly there has been little reason to trust Autodesk to date -- from Generic CAD to WorkCenter, Actrix to Impression, there's a long litany of dropped products, abandoning customers and leaving them with no forward path. One could be forgiven for thinking that the ability create DWF files will be deprecated, just as was done with .3ds, even though that format had become a de facto standard for data transfer. Releasing all the source code related to dwf under a FOSS license would go a long ways towards repairing that reputation for short term thinking.
>>The last few releases of AutoCAD put PDF on a par in terms of publishing and underlay capabilities.
Well, somewhat accurate. While a PDF from an AtuoCAD line drawing may work reasonably well as an underlay, the vast variety of sources for PDF files means that a usable PDF is an unexpected occurence. Experience has shown that the usability of a PDF attachment is not equivalent to that of a DWF, and completely lacking in integration with markups. It's also worth noting that PDF files are well known vectors for malware infections - something that DWF and ADR have been spared so far. There are some distinct benefits to bing a minority player. At least for users.
Aditionally, since Adobe has dropped 3D PDF, the future of that is uncertain, and it's probable that a recipient will not be able to deal with that format as a review document.
PDF has a valuable place - but primarily with non-technical users, realtors, managers, etc. With technically savvy people dealing with CAD design, DWF and Design Review are vastly better.
>> For those who have security aversions, as a large global company, it is possible that Autodesk spends more money on securing our servers than you do on securing yours.
Wow. just, Wow. A statement like that simply beggars belief.
There's little correlation between spending large quantities of money, and having effective security. The list of 'large global companies' that have been hacked and owned by criminals is possibly shorter than the list of _all_ large global companies, but maybe not. The companies are not exactly forthcoming about their security failures, and successful criminals don't brag. We've even had at least one incident where a 'large global company' directly sold confidential consumer information to a criminal organization.
Using Adobe as only the most recent example, their security was violated months ago, and the intruders spent months at large in their systems, taking not only all customer information, including password and account data, but copied all the source code for Adobe's products. And, although Adobe probably spends more money on security than Autodesk does, they were not aware of the intrusion untill an independent security researcher discovered the source code and password cache in the wild, and told Adobe they'd been pwned. Add Sony, Roku, etc, etc, etc to the list of large global companies who have failed to protect customer information, and skated with minimal or non-existent repuercussions. That's something on the order of 100 million passwords and user names out there, and available to criminals for exploits.
And let's remember the initial 'password protected' dwg files that in fact were not encrypted. The DWG file simply had a flag set that told Acad to pretend the file was secured. Every other DWG viewer and editor on the planet had the technical capability to ignore that flag and open the drawing. Politely, the ODA toolkit enforced the flag and would not open the non-encrypted files.
My employer's IT group takes the security of our customer's data much more seriously -- and why not? We face real damages if confidentialy is violated, and we are not hiding behind a 'hold harmless' EUALA. We would face lawsuits, pay damages, possible criminal charges, and the people directly responsible would certainly be out of work. Unlike software vendors or cloud providers, who refuse any liability.
Again, much of this comes down to trust. And there's little to no reason to trust Autodesk because frankly, they haven't earned it. On repeated occasions, Autodesk has publicly exposed my personal information without my consent or agreement. I have no idea how many (un)'trusted partners' Adesk has handed off, traded, or sold my data to. Evidently, that includes a company named Otoy -- with which I have no business relationship with, yet for some reason Autodesk decided that they should be a gateway to the 'Autodesk Remote' application, and gave them the ability to validate my subscription logins.
There are people working in Autodesk that I know, respect, and trust. But until something changes, that does not include trusting the corporation. Trust is not transitive, and security does not come from a checkbook.
