Slashdot Log In
Adobe Quietly Monitoring Software Use?
Posted by
Zonk
on Saturday December 29, @04:39PM
from the probably-not-that-big-a-deal dept.
from the probably-not-that-big-a-deal dept.
henrypijames writes "For months, users of Adobe Creative Suite 3 have been wondering why some of the applications regularly connect to what looks like a private IP address but is actually a public domain address belonging to the web analytics company Omniture. Now allegations of user spying are getting louder, prompting Adobe Photoshop product manager John Nack to respond, though many remain unsatisfied with his explanation."
Related Stories
Adobe Quietly Monitoring Software Use?
|
Log In/Create an Account
| Top
| 304 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Not about spying (Score:5, Interesting)
To clarify the summary, the biggest issue is not the spying on users; the biggest issue is the deceptive server name, 192.168.112.2O7.net. It's at least meant to confuse unwary users, and possibly meant to confuse misconfigured firewalls.
As someone said on a blog I can't find right now, this is not a story about privacy; it's a story about lies.
Re:Not about spying (Score:5, Interesting)
What I found as a cause for concern is that it is tracking an embedded Opera browser.
If SONY wasn't innocent for what First4Internet... (Score:5, Insightful)
Um, no, we can't (Score:5, Insightful)
As for responsibility.
Analogy: If Ford used a third party airbag in their cars that regularly deployed when you hit 70mph, who would be held responsible? Ford, the third party or both?
Don't yet have the full story (Score:5, Insightful)
As Trombone says the misleading server name is the issue. As I perceive it, this smells bad. Microsoft-style bad to be blunt.
Re:Don't yet have the full story (Score:5, Interesting)
This then leads to the question of why Adobe is using them for applications, which leads to think what has been aquired in the past year or so. I know. Macromedia. You know, that company that produces complicated resources hogging web content that unlike other resource hogging content cannot be filtered by most web browsers. I had hoped that Adobe might soften the rules and ship a flash player that was less user hostile, but no such new player exists. So, can we presume that instead of the user friendly Adbobe culture positively affecting the old macromedia products, that the end user hostile macromedia culture is infecting the adobe products.
OTOH, this product is a web design product, and most web designers get their money from ad revenue, so I would hardly think that the users of the product would have much problem with working with 2o7, kind of a necessary evil sort of thing. I can't imagine why adobe would use them at the design level, but overall I agree that it will be of no big deal to users of the product. To me, it is another step in the downfall of Adobe.
Re:Not about spying (Score:5, Insightful)
It's almost guaranteed that Adobe was trying to hide something here (to state the obvious). I suppose there's always the possibility that somebody thought they were being playfully clever, but if so, it was done with the same poor judgment one uses if one jokingly tells the TSA guy, "Don't worry, I won't blow the plane up, I promise!"
Re:Not about spying (Score:5, Informative)
Re:Not about spying (Score:5, Insightful)
No. The "biggest issue" here comes from the fact that a software vendor has the arrogance to think they have some "right" to use my network connection in an app having no business connecting to the internet in the first place.
The actual address just raises a few red flags, but I'd consider it just as unkosher if they connected directly to "www.adobe.com".
If they want to download some form of legitimate update or additional content, their bloatware can damned well ask for my permission. Otherwise, I consider this no less than theft of service on Adobe's (or whatever company you want to pick, since we tolerate far too many of them doing this crap) part.
Okay, now cue the trolls and apoligists who will quote part of a EULA that not even its own author ever read.
Re:Not about spying (Score:5, Insightful)
It's about beaing sneaky (Score:5, Insightful)
I absolutely agree that the software vendor thinking that they have some right to do this spying is very arrogant and serious. But think about this. The fact that the connection is structured to LOOK like something connecting internally only goes to show that not only are they doing this, but they are doing this with the intent to try to obscure it. It would be one thing if they were on the up and up about it. But they would not need to do this 2o7.net stuff if they were. They could connect to "reg7.adobe.com" or some such name. But no ... they tried to add a layer of obfuscation to it.
They know they are spying on you because they are doing it. But they also know you won't like it. And that is obvious from the effort to hide and obscure it. Doesn't that make it at least twice as bad, if not triple or worse?
Re:Not about spying (Score:4, Insightful)
As per "Rules of the Internet: Rule 34: There is Porn of it, no exceptions", and "Rule 35: If there is not porn of it, porn will be made of it".
I hereby propose two new rules for malware:
Rules of Malware: Rule 34: The presence of a zero in your domain name is a prima facie indicator of spyware/spamware/shitware/malware sponsored by a "reputable" vendor, aka "mainsleaze".
This heuristic has held true ever since mainsleaze spammers started flinging shit at me from "m0.net" back in the 90s. (Funny m0.net story - my bank ignored me, but my broker amazingly dropped m0.net after I pointed out that all their client communications were being preemptorily-treated as phishing attempts, and that if they didn't start sending client communications from machines under their own domain I'd transfer my own account. My own account means jack and shit to 'em, but I obviously wasn't the only one enraged by this, and kudos to the broker for realizing they had to dropping m0.net like the spamhaus it was.)
Rules of Malware: Rule 35: In the event of unknown software that violates Rule 34 via the replacement of a zero or one with a "l" (ell) or "o" (oh), it's still mainzleaze malware.
I further propose that 2o7.net be the canonical example of Rule 35 of Spyware.
Ever since Photoshop (6? 7?) phoned home on install, I haven't trusted them and crossed 'em off my vendor list. Giving PDFs the ability to be exploited by Javashit, and the attempt to ubiquitize something as exploit-prone as Flash's runtime, I've been gratified to see that my lack of trust was well-founded. Fuck Adobe.
Consequentialism? Puh-leaze! (Score:4, Insightful)
No explanation is a good explanation. (Score:5, Interesting)
Adobe's behavior of late (and it will only get worse) is why applications like Little Snitch [obdev.at] exist.
This kind of thing is why I wish The GIMP [gimp.org] or similar would get useable* for those of us with hundreds of gigs of Photoshop documents.
* Open, Save, full support for all blending modes, masking modes, layer groups, and fonts/text editing capability up to at least Photoshop CS. I don't need the thing to handle Exactly Like Photoshop, but if it's going to be the "photoshop competitor" every FOSS advocate claims it is (instead of, say, the Paintshop Pro competitor that it actually is), then it ought to at least be able to handle my existing documents as well as OpenOffice handles
Re:No explanation is a good explanation. (Score:4, Informative)
Gee, it's funny you mention that. A long time ago, maybe Photoshop 2.0 era, I had a client who liked to submit files in
So I emailed John Knoll to ask how I could read
I don't see any
Re:No explanation is a good explanation. (Score:5, Funny)
GIMP vs Paintshop PRO or Photoshop (Score:4, Insightful)
GIMP *is* competing primarily with Photoshop. This isn't a matter of which commercial application's feature set it most closely resembles. It's a matter of what users actually USE.
Photoshop is the default application for doing any kind of drawing or photo editing. It might be total overkill, it might not be the best choice or whatever, but that's irrelevant. Ask yourself this instead: How many people do you think PAY hundreds of dollars for Adobe Photoshop for their own personal at-home use?
Face it, Photoshop is the standard because it's pirated so much. This isn't a question of "lost sales", since 90% of Photoshop pirates (and I'm extrapolating from people I know of, so flame away) wouldn't DREAM of laying down that amount of cash. If they were forced to go legal, they would probably buy Paintshop Pro - an application that probably suits their needs much better anyway. (So if anyone is losing sales when Photoshop is pirated, it's probably Corel).
To summarize: GIMP competes primarily with *illegitimate* Photoshop users.
Bad assumption. (Score:5, Insightful)
I won't speak in the name of others, but clearly The Gimp is not a competitor to photoshop. If PS was to be competing against The Gimp, Adobe would have to release native file format information, plus access to the code. For those among FOSS supporters like me, failing on both counts is a total show stopper for even considering a switch, much like the burden of your previous work is to you.
The Gimp is like the plank cabin you build on your grounds : there might be holes, it might not be completely comfortable, and the roof might even leak, but nevertheless, you're the king in your own private kingdom, because you're considered to be the owner of the place. PS is more like a rented flat : nice view, good furnitures, central heating, but if your landlord happens to be a complete moron, and suddenly decides to lock all the doors at 9 pm, you're fscked, and either you're in by the curfew, or you're homeless for the night.
You decide what's acceptable to you.
Not firewall related (Score:2)
Web Proxy? Yeah, OK, maybe, but even then it is a reach...
2o7.net *Not* 207.net (Score:5, Informative)
The Opt-Out "Explanation" page is here: http://www.omniture.com/privacy/2o7 [omniture.com]
Still, the dubious address http://192.168.112.2o7.net/ [2o7.net] appears to be some variation of Social Engineering. http://en.wikipedia.org/wiki/Social_engineering_(computer_security) [wikipedia.org]
This might explain some of Adobe's seeming software bloating (like Acrobat Reader, etc...) http://www.google.com/search?hl=en&q=Acrobat+reader+bloat [google.com]
Re:2o7.net *Not* 207.net (Score:5, Informative)
GET
Referer: http://www.adobe.com/startpage/dw_content/dw_90_full_default.swf?prod=dw&ver=9.0&plat=win&lang=en&stat=full&tday=&spfx=&productName=dreamweaver [adobe.com]
x-flash-version: 9,0,45,0
User-Agent: Shockwave Flash
Host: 192.168.112.2O7.net
and returns a 2x2 pixel blank GIF.
Re:2o7.net *Not* 207.net (Score:5, Interesting)
So let me get this straight. In order to tell Omniture not to do anything on my machine, I have to give Omniture access to my machine. What sort of half-assed policy is this?
Phisher's Delight (Score:5, Informative)
http://blogs.adobe.com/jnack/2007/12/whats_with_adob.html [adobe.com]
the Adobe guy says:
the objections seem to center not so much on whether Adobe apps are contacting a server, but rather that the server is named "192.168.112.2O7.net,"
Note the letter O instead of a zero. 2o7.net is registered to Omniture.
WTF? If Little Snitch told me that some app was trying to connect to 192.168.112.2O7.net I would assume it was compromised, and would be debating a complete clean system reinstall of OSX.
192.168.112.2O7.net? Masquerading as an IP from my home DHCP server? Are they serious? From Nigeria? Romania?
Again, WTF?
P.S. for those of you who have not set up a LAN, 192.168.xxx.xxx is typically an IP address for an internal LAN, not something out on the Web.
Re:Phisher's Delight (Score:5, Interesting)
More to the point, the 192.168.x.x address range is one of several that are specifically intended to be non-routable on the Internet. Many people know this, even those who aren't otherwise that network-savvy. This is a blatant attempt to make the address appear safe ("well, I dunno what it's doing, but at least it's only sending to address on my LAN!") Not what one should expect from a major software house, but unfortunately, it is what we are all coming to expect from everyone in the business. Doesn't much matter what they're actually sending to Omni-whatever
You know, this reminds of something that Jack Valenti once said (about the only thing that sociopath ever said that I agree with): "Just because technology lets us do something, it doesn't mean we should." Now, he was referring to the copying and downloading of DVDs, but his point is still valid. We're seeing too many companies set up to serve larger organizations (Omniture, MediaSentry) using the Internet in unethical if not outright illegal ways. Presumably, this is so the corporation hiring them (in this case, Adobe) has some plausible deniability.
might not be Adobe misleading... (Score:2)
As to the address, it's certainly suspicious that Omniture chose such a misleading looking domain name for one of their servers. I'm not even sure what they were expecting to pull off. If someone is knowledgeable to recognize that as a private network, they are almost certainly knowledgeable enough to recognize there being no point to connect to such an address (chances are it wouldn't exist), even if they didn't notice the
Any firewalling rules wouldn't be fooled by such a stunt as well, so trying to trick it into one zone versus another seems a stretch..
This is very common (Score:2)
I have an old version of Kerio (very sorry that it vanished) which serves very well in putting every attempt of programs to go out on the network on display.
Recent discoveries: a PDF printer driver "calls home" every time I print a document through it.
Adobe (reader) is pretty bad in checking for updates or whatever it tries to do on the Internet and M$oft of cause always accesses some port 123 when starting XP.
In essence - unless you really are behind every program, you have no privacy!
And - with NTFS allowing stealth handles, who knows what is installed, not even talking about Vista.
FBI now openly talking about a kitchensink database on everyone with everything, I think the game is lost....
should take care of unemployment though - two people necessary to track every "normal" citizen
Re:This is very common (Score:5, Informative)
Port 123 (both UDP and TCP) is the NTP port.
Double-click on the time on the right end of your taskbar to open the Date and Time Properties dialog box, then click on the Internet Time tab.
I believe it defaults to time.windows.com. I change mine to us.pool.ntp.org.
How do I block it? (Score:1)
Opt-out site (Score:4, Informative)
Anti Piracy? (Score:1)
Firewall (Score:4, Informative)
# Block access to Omniture -- spyware vendors
block from any to 216.52.17.0/24
Adobe needs competition. (Score:3, Interesting)
It has almost no competition in most markets it trades in. Where it did have competition, it bought it out with the Macromedia purchase. That's a problem. It's not just this privacy/lying issue, it's price fixing, it's bloated features, it's the product delays (the universal binary versions), it's the (a la Microsoft) packaged versions that make it hard to get standalone versions.
I use Adobe Software every day (always firmly controlled by Little Snitch from install I may add). I don't like using it, it is not the best they can do, but it is the best available. I use it, but I will jump ship tomorrow.
I really, really, really want to use products from a better company. Surely there MUST be developers out there who can make better products than Adobe.
EULA (Score:3, Interesting)
That sounds like REALLY intuitive market research (Score:1)
1:00pm paintbrush selected
1:03pm eraser selected
1:07pm paintbrush selected
1:08pm save file hm_build_001.psd 9.3mb
1:10pm program idle
2:45pm paintbrush selected
As opposed to going out and saying to the customers
'What do you like about Photoshop? What tools work? What would you change? please limit your responses to 500 words. We appreciate your business and look forward to providing superior digital imaging software till the day god comes down from the heavens and smites you all for making sinful images'
What god damned mook of a market researcher thought a blow by blow report of what a customer clicks on while working on a project is superior to actually talking to the customer?
Local apps shouldn't secretly access the Internet (Score:5, Insightful)
If Adobe and other companies want to retain their paying customers' trust, their applications shouldn't be doing unexplained things behind the user's back.
If they want to pop up a window saying "To insure better product quality, we would like to have this application send information to internet address thus-and-such. To read a detailed description of the information we send and how we use it, press 'details.' To allow us to do this, press 'allow.' If you do not want us to do this, press 'no,'" then everything would be cool.
But if an application does stuff we don't expect it to do, and they don't even mention it in advance, it's not terribly paranoid to assume that the reason is that they're doing something they don't want us to know about.
Firewall, anybody? (Score:2, Interesting)
I guess that's the curse of the ever-growing number of always-on internet users
Who will be the first to register ad0b3.com? (Score:2)
Who will be the first to register ad0b3.com? Or maybe 4dobe.com or 4d0be3.com?
People run their machines with default HOSTS?! (Score:5, Informative)