Adobe Quietly Monitoring Software Use? 304
henrypijames writes "For months, users of Adobe Creative Suite 3 have been wondering why some of the applications regularly connect to what looks like a private IP address but is actually a public domain address belonging to the web analytics company Omniture. Now allegations of user spying are getting louder, prompting Adobe Photoshop product manager John Nack to respond, though many remain unsatisfied with his explanation."
Not about spying (Score:5, Interesting)
To clarify the summary, the biggest issue is not the spying on users; the biggest issue is the deceptive server name, 192.168.112.2O7.net. It's at least meant to confuse unwary users, and possibly meant to confuse misconfigured firewalls.
As someone said on a blog I can't find right now, this is not a story about privacy; it's a story about lies.
Re:Not about spying (Score:5, Interesting)
What I found as a cause for concern is that it is tracking an embedded Opera browser.
No explanation is a good explanation. (Score:5, Interesting)
Adobe's behavior of late (and it will only get worse) is why applications like Little Snitch [obdev.at] exist.
This kind of thing is why I wish The GIMP [gimp.org] or similar would get useable* for those of us with hundreds of gigs of Photoshop documents.
* Open, Save, full support for all blending modes, masking modes, layer groups, and fonts/text editing capability up to at least Photoshop CS. I don't need the thing to handle Exactly Like Photoshop, but if it's going to be the "photoshop competitor" every FOSS advocate claims it is (instead of, say, the Paintshop Pro competitor that it actually is), then it ought to at least be able to handle my existing documents as well as OpenOffice handles
Re:2o7.net *Not* 207.net (Score:3, Interesting)
Re:Phisher's Delight (Score:5, Interesting)
More to the point, the 192.168.x.x address range is one of several that are specifically intended to be non-routable on the Internet. Many people know this, even those who aren't otherwise that network-savvy. This is a blatant attempt to make the address appear safe ("well, I dunno what it's doing, but at least it's only sending to address on my LAN!") Not what one should expect from a major software house, but unfortunately, it is what we are all coming to expect from everyone in the business. Doesn't much matter what they're actually sending to Omni-whatever
You know, this reminds of something that Jack Valenti once said (about the only thing that sociopath ever said that I agree with): "Just because technology lets us do something, it doesn't mean we should." Now, he was referring to the copying and downloading of DVDs, but his point is still valid. We're seeing too many companies set up to serve larger organizations (Omniture, MediaSentry) using the Internet in unethical if not outright illegal ways. Presumably, this is so the corporation hiring them (in this case, Adobe) has some plausible deniability.
Adobe needs competition. (Score:3, Interesting)
It has almost no competition in most markets it trades in. Where it did have competition, it bought it out with the Macromedia purchase. That's a problem. It's not just this privacy/lying issue, it's price fixing, it's bloated features, it's the product delays (the universal binary versions), it's the (a la Microsoft) packaged versions that make it hard to get standalone versions.
I use Adobe Software every day (always firmly controlled by Little Snitch from install I may add). I don't like using it, it is not the best they can do, but it is the best available. I use it, but I will jump ship tomorrow.
I really, really, really want to use products from a better company. Surely there MUST be developers out there who can make better products than Adobe.
EULA (Score:3, Interesting)
Re:2o7.net *Not* 207.net (Score:5, Interesting)
So let me get this straight. In order to tell Omniture not to do anything on my machine, I have to give Omniture access to my machine. What sort of half-assed policy is this?
Firewall, anybody? (Score:2, Interesting)
I guess that's the curse of the ever-growing number of always-on internet users
Re:Don't yet have the full story (Score:5, Interesting)
This then leads to the question of why Adobe is using them for applications, which leads to think what has been aquired in the past year or so. I know. Macromedia. You know, that company that produces complicated resources hogging web content that unlike other resource hogging content cannot be filtered by most web browsers. I had hoped that Adobe might soften the rules and ship a flash player that was less user hostile, but no such new player exists. So, can we presume that instead of the user friendly Adbobe culture positively affecting the old macromedia products, that the end user hostile macromedia culture is infecting the adobe products.
OTOH, this product is a web design product, and most web designers get their money from ad revenue, so I would hardly think that the users of the product would have much problem with working with 2o7, kind of a necessary evil sort of thing. I can't imagine why adobe would use them at the design level, but overall I agree that it will be of no big deal to users of the product. To me, it is another step in the downfall of Adobe.
Re:Not about spying (Score:1, Interesting)
Even if that isn't the case, I was pissed off when random windows components had to be blocked.
Media player LAN sharing/search service? OK, I have a single PC --blocked cause I don't want that used as a future net-access backdoor for DRM.
Windows sound recorder? Probably is just testing my local network or some local proxy port for scratchwork --hope it's not Bill G. trying to sample my microphone, like google talk does.
Windows magnifier? What the HELL? Why does THAT need to open a socket?
I caught so many OS programs and utilities doing this that it made me mad, in a single month of owning Vista. XP was never so vociferous. Back in the nineties, nothing ever wanted to open your connection upon launch to check for updates. MS and dobe do it to check if the LAN has many PC's running Word / Adobe under the same serial #, particularly on macs. The problem is, once you click on "trust this app" you never know when they'll use that setting to dial beyond your LAN, unless your routers already know to block traffic --and this power comes for $$$$ unless you have precompiled a list of former, though SUCCESSFULL, outside accesses.
metered connections (Score:3, Interesting)
Re:Consequentialism? Puh-leaze! (Score:3, Interesting)
Try gimpshop (Score:2, Interesting)
Re:Not about spying (Score:3, Interesting)
Re:Consequentialism? Puh-leaze! (Score:3, Interesting)
This is easily remedied by only considering the reasonably foreseeable consequences of your actions, which is what GP was suggesting.
Good justification for a crack (Score:3, Interesting)
I have never trusted any software company that attempts to make an outbound connection for ANY reason. Certain programs being an obvious exception like web browsers.
The fact that behavior like this is now coming from Adobe provably, is no surprise to me at all. Adobe has been almost militant in it's defense against piracy. If they had their way, all computers would be hooked up to a central database and run only authorized code decided by a "high council" of software developers.
I know some may say that the "jury is still out", but I don't believe that any of this was done without Adobe's knowledge or consent. After all, any software developer would be stupid and negligent if it subbed out development work or services to a 3rd party without verifying the functionality of the code or auditing the services.
In any case, for a company with Adobe's reputation, this is very damaging.