Adobe Spying On Its Customers

from the now-that's-just-not-very-nice dept

It's not all that surprising these days to hear about software companies having their software "phone home" in some manner or another, though it's often quite annoying. However, it looks like Adobe has taken this to a new level. As highlighted by Valleywag, Adobe's CS3 design software includes a system to provide your usage data quietly to a "behavioral analytics" firm named Omniture. Of course, it does this without ever asking you if you want some random company knowing every time you use this piece of software. While it may not be doing anything nefarious, this certainly has all the hallmarks of spyware, including the fact that it tries to (weakly) disguise the connection to Omniture by making it look like it's simply pinging your local network. It's really amazing that companies keep doing this type of thing thinking that people won't catch on. There may be plenty of legitimate reasons for tracking the usage of a piece of software -- but if so, why not be upfront about it and let the user of the software opt-in to sharing his or her data? Yet another reason to use a firewall that catches these sorts of sneaky outbound connections. Update: John Dowdell, an Adobe employee (and long time Techdirt reader) has replied in the comments, noting that he's talking to folks at Adobe to find out the whole story, but he thinks it's the "live update" function. I'm not sure I understand why a live update function would call an analytics firm -- or why the ping to that analytics firm should be disguised as a local network ping, but that's the story coming out of Adobe right now. Will update again if any more details become clear. Update 2: Further response from Adobe here. It explains what the connection does and also admits that the company should have done a better job making it clear.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Alfred E. Neuman, Dec 28th, 2007 @ 9:49am

    Air Gap

    Incorporate an air gap between anything you do not want (or there is no need for) connecting to the internet.
    This is easily done when you have two separate computers.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Dorotea, Dec 28th, 2007 @ 10:13am

    Air Gap - agreed

    Yes, disconnect the computer from internet if its not needed. Then software can't "Phone Home".

    I believe that US military regards a connected computer as "unsecure". No possibility that a computer is totally secure if connected to other computers.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Dorotea, Dec 28th, 2007 @ 10:13am

    Air Gap - agreed

    Yes, disconnect the computer from internet if its not needed. Then software can't "Phone Home".

    I believe that US military regards a connected computer as "unsecure". No possibility that a computer is totally secure if connected to other computers.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Exsosus, Dec 28th, 2007 @ 10:15am

    Some companies do this with their software. This is the reality. Either accept it, or don't use an always-on net connection. It's up to you to keep your connection off-line or not. If you're interested in what I think, then its not to worry about this sort of thing. Use an anti-spyware and anti-virus program, and a fire wall, and you'll be more safe.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Captain Nemo, Dec 28th, 2007 @ 10:22am

    Use the Gimp- I've seen its code. It doesn't phone home.
    But you're right- to be completely secure, unplug all the networks. And if you need a network, turn off the bits you don't use. Exsosus is right- A firewall would be lovely. This doesn't even only apply to computers! I've seen a good number of PSP's, Nintendo DS's, and cellphones bricked because people didn't turn off the WiFi or Bluetooth or whatever, and a virus got in. Those things aren't secure at all.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Damien, Dec 28th, 2007 @ 10:37am

    Re: Comments #1, #2, & #4

    That's all well and good, but we're not talking about some high-security computer network here. Most people don't have a second computer lying around just waiting to be used for high-end video processing. Most people expect mainstream companies to not act like criminals with something to hide. The problem here isn't the internet connection, it's that Adobe is masking it's net access*.

    Quit blaming the wrong side of the problem.

    *And if you bring up the old argument, "Well, it's in page 231 Sec. Whatever of the end-user agreement. You should have read more closely."... that's not good enough. It may work in a court of law to hide critical details like this in licensing jargon, but that doesn't make it any better.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    John Dowdell, Dec 28th, 2007 @ 10:41am

    Blocked conversation

    Hi, I've been trying to give an early reply on this issue, without success:
    http://weblogs.macromedia.com/jd/archives/2007/12/republishing_co.cfm

    I've managed to talk with some Adobe staff over the holidays, and the early consensus seems to be that dan@uneasysilence.com was indeed referring to live updates available through the start screen pinging adobe.com (which uses Omniture). It's easy to turn off. But I'd like to get a fuller consensus from my colleagues as well.

    jd/adobe

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Matt, Dec 28th, 2007 @ 10:41am

    I'm sorry...

    It's well known that Adobe's software is easy to steal and to make phoning home sound like a bad idea, is just ignorant.

    Collecting data on the other hand, with out the users permission, is a big can of worms.

    -Matt

    ps. There's software out there that is specifically built to stop applications from phoning home. Search on Macupdate.com or other places.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Alfred E. Neuman, Dec 28th, 2007 @ 10:42am

    Re: Re: Comments #1, #2, & #4

    " Most people expect mainstream companies to not act like criminals with something to hide."

    I do expect it.

    In addition, when you exit the Adobe process (and others) there is a FNPLicensingService that is probably still running. I recommend setting this to service to manual.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Dec 28th, 2007 @ 10:50am

    That's a great solution, that. Keep your computer unconnected.


    Tomorrow, I'm going to go and sell my car, so no one can steal it. That'll show 'em.


    The issue here isn't about viruses and hackers and whatever, which will always be a problem. It's about supposedly legit software doing stuff without telling you. You should be able to trust this stuff.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    R3d Jack, Dec 28th, 2007 @ 10:53am

    I have a simple solution

    Zone Alarm, or something like it. Software firewalls can work both ways. I stop certain programs from "phoning home" unless I specifically want them to; others, I just block. The sad thing is that firewalls were meant to contain malware, not something you paid for.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Search* Engines WEB, Dec 28th, 2007 @ 11:14am

    live updates and tips

    It is possibly to offer live updates and push tips info - not so much for spying purposes.

    Anyone could use just one computer and have different IP addresses depending on the type of Internet service they have.

    Also a laptop users can be at numerous places during the course of freelancing.

    The info given to adobe would have to include MAC addresses and other vital systems info to be of any use for catching pirate software users.

    But do the right thing and get a comment from Adobe - this is a high profile blog, surely they will cooperate.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Thom, Dec 28th, 2007 @ 11:19am

    What I really don't like about all this is

    The more software that connects to the net and phones home for little or no reason the less software we, as users, can identify and trust as secure.

    If Adobe software didn't phone home I'd suddenly be shocked and suspect a problem if one day my firewall alerted me to Adobe connecting to the net. I'd suspect a virus, a trojan, or some other compromise of the Adobe software on my system.

    With Adobe connecting for reasons like this the typical user might say "ok, let it connect from now on," when the firewall notifies them the first time. Now that user's security and privacy is at risk. If an attacker exploits a security hole in the Adobe software itself to drop malware then the user will never see, or not be suspect, when the compromised Adobe product connects to the net and does the dirty.

    Likewise, what happens when Adobe decides they need more extensive information to aid them. What apps are your running? How many users on your system? What's your directory structure? What are your hardware serial numbers? What are the names of the last 10 documents you edited? What data was contained in the document or image that crashed as you were editing? The average user will never know and likely the change will have been pushed by Adobe update.

    What if someone redirects the Adobe connection to their site via an edit of the hosts file? How many would catch that?

    Even worse, what if Adobe itself is compromised by an internal or external black hat who pushes out some altered software? No one will suspect a problem because at worst "Adobe always connects to the net when I run it."

    Trust Adobe do you? Well, multiply this by the number of vendors who think this behavior is ok. Then multiply again by the number of vendors who jump on the bandwagon in coming months. The security hole grows a lot doesn't it. Do you still trust Adobe? The behavior?

    Now multiply again to account for all the application vendors you don't know and can't trust who'll include this in their software but will go farther and deliberately send personal, identifying, worrysome data back because they can and because you've come to expect all apps to connect.

    Connections like this should be presented to the user, with reasons explicitly spelled out, transmitted data presented, sent only periodically, and require permisson each and every time.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Coward, Dec 28th, 2007 @ 11:35am

    Re: Re: Comments #1, #2, & #4

    Damien, you are somewhat stupid aren't you?

    In this case, the software is CS3. That stuff runs several hundred dollars. A few thousand for all of them. If the person has that software, they have the money to get a second computer.

    Also, the second computer needs only be around 200 USD including EVERYTHING.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Dec 28th, 2007 @ 11:40am

    Re:

    Um, your dumb.

    Your car analogy is totally wrong because if you don't own a car, you don't have one to steal.

    With computers, if you want a SECURE computer you have to limit access to it. If you plug your computer into the internet, ANYONE with an internet connection can potentially enter your system. Hell, some SOFTWARE can do it automatically (read: worms).

    People need to stop trying to troll when they don't have the knowledge to do so.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, Dec 28th, 2007 @ 11:52am

    What possible reason . . .

    There is no reason to have software do this unless it was part of a corporate wide customer service program. Even then, it wouldn't be disguised and would have to have *some* security to it.

    Not only did it take more money to create and implement this aspect of the software, it looks like its going to cost them more customers. This is part of whats wrong with DRM too. People need to think ideas through all the way before they do something this stupid.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Rose M. Welch, Dec 28th, 2007 @ 12:02pm

    Re: Re: Re: Comments #1, #2, & #4

    Well, that comment is even stupider. I own that software, and quite a bit of other expensive software for use in web and graphic design. I use this expensive software on my expensive computer for work. I *DO NOT* have the money for a second computer. I don't think so, asshole, I am still paying off this computer. I buy a $200 junker computer and that means one month I don't buy groceries. Explain that to my kids, please.

    And why should I have the bother of using two alternate computers for anything? I agreed to pay money in return for for software. I *might* have agreed to give up some market research, but I read my EULAs pretty carefully, and I sure don't remember seeing anything like that. I don't even set my programs to update w/o me. (Except my antivirus...)

    If they want statistical iformation from me, they are welcome to it - if they ask me up front and want to offer me a damn discount. After all, the kids in the mall and paid for market research. E-rewards and every other market research company pays for market reseach. It is a marketable commodity and it is mine. Taking it without permission is stealing. And don't give me crap about it not being tangible. Everyone on a website like this should damn well know that information can, in fact, equate money.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    John Dowdell, Dec 28th, 2007 @ 12:29pm

    Update, from Adobe sources

    Thanks for the highlight, Mike... greatly appreciated.

    Adobe Photoshop Product Manager John Nack has been pursuing this too, and he has some info from Doug Miller, who I believe handles all Omniture analytics at adobe.com.
    http://blogs.adobe.com/jnack/2007/12/adobe_ate_me_ba.html

    Summary: The Welcome screen (example) in Creative Suite 3 applications does definitely get live updated material from adobe.com, and these go through site analytics just as any other web material does. Clicking the "Don't show again" checkbox will stop this vector of updated material. Doug describes at least two other scenarios where CS3 apps contact adobe.com for resources.

    jd/adobe

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Jesse, Dec 28th, 2007 @ 12:32pm

    Re: Air Gap

    This is easily done when you have two separate computers.

    Two separate computers? To be safe you really need a separate computer for each proprietary application program you run. Either that or use open source software.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Gary, Dec 28th, 2007 @ 12:49pm

    How high up is John?

    Update: John Dowdell, an Adobe employee (and long time Techdirt reader) has replied in the comments, noting that he's talking to folks at Adobe to find out the whole story, but he thinks it's the "live update" function.

    How high up is John? Unless he's very high up (corporate officer level or close to it) he may never get a straight answer. I company I used to work for purposely put time bombs disguised to look like "bugs" into their software in order to keep customers on expensive "support and update" plans. This activity was a very closely kept secret known by only a few within the company (so as to keep word from leaking out and angering the customers). The company then lied to it's own employees about the source of these mysteriously appearing bugs. The moral of the story is, unless John is very high up in the company, he may not get the truth even if he asks.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Alfred E. Neuman, Dec 28th, 2007 @ 12:49pm

    Re: Update, from Adobe sources

    John,

    Thanks for the update. Does Adobe give any reason for the obfuscation of the connection and why they do not inform the user of the connection in an obvious fashion?

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    John Dowdell, Dec 28th, 2007 @ 1:42pm

    re: How high up is John?

    Hey Alfred, I've admired you since I was a kid.... ;-)

    I don't think that Adobe offers an overall guide to Omniture analytics. Most websites are in the same situation, although few also offer desktop applications as Adobe does.

    But like John Nack, I think Adobe would benefit from doing better, in clearly advising of all issues which might be perceived as privacy or security issues. We'll be able to get better and more inclusive info after the holidays.

    (I don't speak for all Adobe, or even know all Adobe. I come out of Macromedia Tech Support, and a lot of what I do today is in helping customers get heard inside the company.)

    jd/adobe

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Steve, Dec 28th, 2007 @ 3:03pm

    spyware?

    The person who wrote this article is an utter retard. First, understand what Omniture and other web analytics firms do, then write your article. The lack of research put forth before this public opinion was released displays a major lack of education. Web analytics firms track web usage so to help companies make better websites. Need online help from within Photoshop?....oh, but you don't like the usability of the online help function, huh? ....well how do you expect Adobe to learn how to make their online help and update wizards more user friendly? How many of you actually fill out surveys, and when you do, how many of you actually tell the truth? ....exactly.

    Omniture does not track how people use Adobe's software, contrary to the uneducated 'guess' above. It tracks anonymous activity as it pertains to the online functionality that may be utilized from the software. How many bad web sites are out there today? TOO MANY!! I see so many well known brand names put up utter garbage for web sites. Kudos to Omniture and other like firms for help the internet become a more user-friendly place.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Alfred E. Neuman, Dec 28th, 2007 @ 3:53pm

    Re: spyware?

    Steve,

    You may have a point there, however I think the issue here is whether this activity was adequately communicated to the user.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Ernest T. Wolf, Dec 28th, 2007 @ 4:00pm

    Re: spyware?

    Steve is absolutely right. How can we expect companies to help us if they don't have enough information about us? For example, I'm sure that I have some great investment opportunities that would help Steve grow his personal fortune. But first, I'll need some information before I can help him with that. So Steve, if you'll kindly post your complete name, address, social security number, mother's maiden name (if different from your own), bank account and credit card numbers (don't forget the little numbers on the backs of the cards too), I'll get right on with helping you.

     

    reply to this | link to this | view in thread ]

  26.  
    icon
    Mike (profile), Dec 28th, 2007 @ 4:14pm

    Re: spyware?

    The person who wrote this article is an utter retard

    It's always nice when people who disagree with you start out by insulting you. It makes the conversation that much more productive.

    First, understand what Omniture and other web analytics firms do, then write your article.

    I understand what Omniture does and I wrote the article. Your point?

    The lack of research put forth before this public opinion was released displays a major lack of education

    And what do your insults display?

    Web analytics firms track web usage so to help companies make better websites.

    Indeed. They do. Why should that matter for a desktop application?

    Need online help from within Photoshop?....oh, but you don't like the usability of the online help function, huh? ....well how do you expect Adobe to learn how to make their online help and update wizards more user friendly?

    Perhaps the same way desktop software companies have for ages: user testing.

    It tracks anonymous activity as it pertains to the online functionality that may be utilized from the software.

    You left out "without telling the person" and "while hiding it by pretending it looks like a local network ping".

    How many bad web sites are out there today? TOO MANY!!

    Again, I'm unclear on how that matters for desktop software.

    Kudos to Omniture and other like firms for help the internet become a more user-friendly place.

    By tracking usage of a DESKTOP app surreptitiously and hiding that tracking? Sorry... I don't see how you can conclude one from the other... but, unlike you, I'll refrain from questioning your mental abilities.

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Open Eyes, Dec 28th, 2007 @ 5:31pm

    Re: I'm sorry...

    re: ps. There's software out there that is specifically built to stop applications from phoning home. Search on Macupdate.com or other places.

    Yes, and it's called the ISS 'BlackIce' firewall with Application protection. It will block or terminate any application from accesing the network/internet.

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    SleazyTactics, Dec 28th, 2007 @ 9:10pm

    The MAIN question is: If Omniture is some harmless analytics company out to HELP users, then why are they obscuring their URL with some bullshit spammer technique? Does anyone think that 168..2O7.net thing is anything but total asshole corporate behavior? Hard to believe a company like Adobe would deal with something so sleazy, regardless of how "helpful" it is to their paying customers.

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    jeff leong, Dec 29th, 2007 @ 12:30am

    truth is, this kind of method is frequently used and provides no threat to the customer. in fact, this is a benefit to the customer, as business can now better optimize as they do with the web the customer experience with applications. having a simple ping to a server doesn't provide information on what was drawn, coded or published but simply what was clicked, for how long and how many times, "user interaction" - that's all. working with web analytics, i myself have deployed an array of solutions like this and given omniture offers the manipulation of process of the data for free, its a lot cheaper for a company to utilize this option versus building it themselves. its essential data needed 'bottom line' to help provide better products for the customer and poses no threat.

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    Ernest T. Wolf, Dec 29th, 2007 @ 1:39am

    Re:

    Hey jeff,
    Seeing as how we both understand how important it is to have "essential data" in order to help people, I'll make you the same offer I made to Steve. I can start "helping" you just as soon as you post the "essential data" I need.

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    Mr reality check, Dec 29th, 2007 @ 3:59am

    Leave the conspiracy thoeries to the pros

    IP's that begin with 192.160 are YOUR LAN DUMBASS!
    http://en.wikipedia.org/wiki/IP_address#IPv4_private_addresses

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    Anonymous of Course, Dec 29th, 2007 @ 11:40am

    Adobe used to be good.

    I've purchased several Adobie products and many
    subsequent updates, starting back with PS 2.0.

    For me the release of CS was the beginning of the
    end. I will not purchase it. Also consider how
    horribly bloated Acrobat has become.

    One of the down sides of success is it leads to
    corporate rot. So you get knuckle head managers
    that while away their time thinking up clever
    ways of increasing revenue rather than improving
    products.

    Here's some essential data for you...
    I used to be a loyal paying customer, now I'm not.

     

    reply to this | link to this | view in thread ]

  33.  
    identicon
    Anonymous Coward, Dec 29th, 2007 @ 1:16pm

    A few years ago when I used ATT DSL, one of their boiler room call reps sold me an enhancement to my service.

    Now this part is strange: The enhancement was to be uploaded to my DSL modem. I could turn the modem off. I could unplug it from my computer. I could could unplug the power. All I needed to do was make sure the modem was still connected to the wall phone jack. I guess all they needed to upload the "firmware" was the power in the phone line.

    When you unplug - physically disconnect.

    Ever since then, I unplug my modems from the wall jack every time I power down.

    Also note, if you use XP, you have a QoS (Quality of Service) channel that reserves a percentage of bandwidth for so called "Background network traffic (or maintenance)". Zero that guy out. Turn off your update and error reporting and remote help features. And, never allow (for you IE users) your browser to install an ActiveX Object.

    Google for tweaks. And remember, just because your network icon in the task bar is NOT BLINKING - it does not that NOTHING is going on. Don't put anything past our owners!

     

    reply to this | link to this | view in thread ]

  34.  
    identicon
    uvu, Dec 29th, 2007 @ 1:25pm

    Re: Air Gap - disagree

    Surely Adobe uses a spy ware that can wait until you are connected to the internet to "Phone Home," it is not as simple as disconnecting when you're not online. I always disconnect from the internet when I am not using it, however, there are those few occasional times when I forget, those area the times when all of the invaders have ample time to get in, get what they want and get out.

     

    reply to this | link to this | view in thread ]

  35.  
    identicon
    Henry Trenton II, Dec 29th, 2007 @ 2:17pm

    Our Constitution has been sold out, vote Ron Paul

    Adobe is another tool for the gov't. After all, corporations and gov't are merely quid-pro-quo whorehouses sold to the highest bidder. When the gov't needs illegal wire-taps, Verizon and Sprint allow them secret rooms to listen in on calls. When Haliburton (and KBR) need more revenue, the gov't hands out no-bid contracts. When the gov't dislikes literature, Amazon and Wikipedia ban the book "America Deceived". We The People had our gov't sold out from beneath us.
    Final link (before Google Books caves to pressure and drops the title):
    America Deceived (book)

     

    reply to this | link to this | view in thread ]

  36.  
    identicon
    SleazyTactics, Dec 29th, 2007 @ 3:05pm

    Re: Leave the conspiracy thoeries to the pros

    Are you even fucking paying attention?
    We all know what our LAN addresses are.
    Omniture is obscuring their probes by using 192...and ending it with 2O7.net, which ISN"T OUR LAN, DUMBASS.

     

    reply to this | link to this | view in thread ]

  37.  
    identicon
    mwales, Dec 29th, 2007 @ 3:33pm

    Mac users: get Little Snitch.

    Zone Alarm is now owned by a bunch of Israelis. Why do they need our info?

     

    reply to this | link to this | view in thread ]

  38.  
    identicon
    mwales, Dec 29th, 2007 @ 3:35pm

    BEWARE:
    "America Deceived (book)" in #27 is a load of crap. Promises one thing. Reads like a high-school scam. Unreadable. Meandering. Makes no point.

    And Amazon is not banning it. Urban Legend

     

    reply to this | link to this | view in thread ]

  39.  
    identicon
    mwales, Dec 29th, 2007 @ 3:36pm

    TYPO: Sorry, meant ""America Deceived (book)" in #37"

     

    reply to this | link to this | view in thread ]

  40.  
    identicon
    JV, Dec 29th, 2007 @ 4:45pm

    same shit another day

    Tried Little Snitch? (http://www.obdev.at/products/littlesnitch/index.html)
    It's Mac only but that is Adobe's core market... still.
    I use both Mac+Adobe everyday at work, FWIW.

    And, yes, Adobe is a tool. Not as pervasiveley back-doored as Microshit or those online "secure" services, but still a tool.

    Open source, when possible, is superior!

     

    reply to this | link to this | view in thread ]

  41.  
    identicon
    little snitch software, Dec 29th, 2007 @ 5:34pm

    little snitch works for me

     

    reply to this | link to this | view in thread ]

  42.  
    identicon
    jeannie lindsay, Dec 29th, 2007 @ 7:12pm

    Omniture? Are you positive the behavior analytics firm isn't called Aperture? I think Adobe should at least give me cake...

     

    reply to this | link to this | view in thread ]

  43.  
    identicon
    Pete, Dec 29th, 2007 @ 8:04pm

    Re: Leave the conspiracy thoeries to the pros

    Well DOUBLE-DUMB ASS!, you think that a thief would announce himself before stealing stuff.. The IP is 216.52.17.0/24 which gets obfuscated to 192.x.x.x.net

     

    reply to this | link to this | view in thread ]

  44.  
    identicon
    how now?, Dec 29th, 2007 @ 10:45pm

    Re: spyware?

    How many times can you utter the word utter?
    A "major lack" of education?
    BTW, perhaps they should "utter" that they're doing this in the first place.

     

    reply to this | link to this | view in thread ]

  45.  
    identicon
    Jeffrey, Dec 30th, 2007 @ 12:12am

    Osama Bin Laden was right about this one.

    OH NO! We are living in a terror under the surveillance world! Today, we are in Orwellian 1984! War is Peace! I will have to dump my computer with a load of spy ware to the sea! Tonight I will escape to a remote island no one ever knew where I will be there.

    The world spied everyone with their own privacy thru Internet nowadays. Al Qaeda leader Osama Bin Laden was right about that because he always believes that old medieval way is much better off than today’s corrupted and wicked modern technology! He is so clever to avoid using today's technology (with hidden surveillance tools) in order to evade from overworking US troops and frustrated bounty hunters who are still searching for him in several years without any luck!

     

    reply to this | link to this | view in thread ]

  46.  
    identicon
    steve, Dec 30th, 2007 @ 1:20am

    Re: Re: spyware?

    legally, it is not required to be articulated to the user. there is no personally identifiable info being passed, so there is not legally binding requirement to inform people that their anonymous behavior as it relates to the activity taking place on the web pages is being aggregated.

    do you have to inform someone that when they enter your brick n mortar store, a manager will be watching what items they browse vs those they buy? this same logic applies to web analytics and use of anonymous data.

     

    reply to this | link to this | view in thread ]

  47.  
    identicon
    steve, Dec 30th, 2007 @ 1:24am

    Re: Re: spyware?

    haha....very clever, but insanely inaccurate. web analytics technology doesn't capture any personally identifiable information. see my response above to Alfred E. Neuman's response to my original post. again, educate yourself on the technology being discussed before you make a comment....err...fool of yourself.

     

    reply to this | link to this | view in thread ]

  48.  
    identicon
    steve, Dec 30th, 2007 @ 1:36am

    Re: Re: spyware?

    Mike, the only time Omniture's tracking takes place is when a web resource is accessed, so the desktop app IS NOT being tracked. please make note.

    Second, see my above response to Alfred E. Neuman, i.e. anonymous web data collection is able to be conducted, legally, without notification to the users. If Adobe were to collect any PII, or personally identifiable information, then they would need to disclose it within their privacy policy.

    Thirdly, User Testing is the most inaccurate form of testing in the world. 2% of the total population is representative of the whole? Why not track the whole?....i.e. what web analytics can do....which provides the most accurate representation of what YOUR total web audience is interested in. There's too many flaws in user testing, Comscore, and NetRatings. Very soon, you will see NetRatings head towards extinction due to audience sampling becoming a thing of the past. For the first time ever, set-top boxes will be tracked in much the same fashion of web sites so that an advertiser will know exactly how many people viewed a tv show, how many times their commercial was actually viewed, etc. no personally identifiable data passed...just aggregated usability data.

    so in summary, i think there is confusion in responding to this topic largely due to the question posed in the original blog being off the mark. Adobe does not track the desktop app, but when someone within the desktop app accesses a web page/resource, then that web behavior IS being tracked. in understanding this basic principle, most people here should be able to formulate intelligent opinions.

     

    reply to this | link to this | view in thread ]

  49.  
    identicon
    howlingmadhowie, Dec 30th, 2007 @ 4:31am

    free software the only answer

    if you want security, you have to have access to the code, then security problems can be fixed quickly. that's why linux and *bsd, despite building the backbone of the internet, have never had a virus or a worm or anything else. the same goes for desktop software. anybody who uses proprietary software can expect to be betrayed by the product they bought.

     

    reply to this | link to this | view in thread ]

  50.  
    identicon
    Anonymous of course, Dec 30th, 2007 @ 9:26am

    free software / activity tracking

    The first worm ever loose in the wild
    ran under BSD and SUN OS. Try Googling
    Morris and Worm.

    All software has security problems. Just
    as all licensing managers can be broken.


    Also I don't buy the user testing argument.
    Through pre-release QC testing, then beta
    testing with knowlegable users, followed by
    feedback from USER GROUPS is how things are
    properly tested.

    Tracking web page resource use sounds more
    like a marketing activity to me... unless
    you're testing the web pages but then you
    won't need to doctor up the application
    to do that.

    In any case- feedback is given openly,
    tracking implies covert data collection.
    I think the inital blog is spot on.

     

    reply to this | link to this | view in thread ]

  51.  
    identicon
    JustMatt, Dec 30th, 2007 @ 10:09am

    Making it look like a 192.168 addy is dishonest an

    I'll be blocking this bad boy when I get back to the office, and also see if I can lay some smack-fu on the Adobe rep.

     

    reply to this | link to this | view in thread ]

  52.  
    identicon
    John Smith, Dec 30th, 2007 @ 10:59am

    Adobe Spying

    Not only Photoshop CS is spying, I have recently uninstalled Adobe Reader, because of its spying behaviour!
    There's other reason, I hate Adobe: When they bought Macromedia, they paid Google to get rid of all links to DVD Decrypter.

    By By Adobe, Viva The Gimp!

     

    reply to this | link to this | view in thread ]

  53.  
    identicon
    Rose M. Welch, Dec 30th, 2007 @ 10:56pm

    Re: Re: Re: spyware?

    Steve is absoluteley NOT right. I might expect that when I walk into a store, but I do not expect the manager of the store to follow me home and watch what I do with the merchandise that I purchase. Not do I expect them to use my computer and system resources, without permission, to tell his bosses what he finds out. WTF, people?

    And I have to say that, as a web designer, I do place surveys on my sites, and they are very helpful. People don't generally lie about that crap. In fact, they are very blunt about exactly what they do and don't like. People aren't stupid, shy idiots, ya know. Well, not in America, at least.

     

    reply to this | link to this | view in thread ]

  54.  
    icon
    Mike (profile), Dec 31st, 2007 @ 12:01am

    Re: Re: Re: spyware?

    Steve, thanks for responding and thanks for NOT choosing to continue your uncalled for insults. It would have been nice to apologize for them, but alas...

    Mike, the only time Omniture's tracking takes place is when a web resource is accessed, so the desktop app IS NOT being tracked. please make note.

    But this includes the splash screen... so while it may be going out and accessing a web resource, it's the equivalent of happening while just opening the desktop app.

    Second, see my above response to Alfred E. Neuman, i.e. anonymous web data collection is able to be conducted, legally, without notification to the users. If Adobe were to collect any PII, or personally identifiable information, then they would need to disclose it within their privacy policy.

    No one suggested what Adobe was doing was illegal. The question was simply about how ethical (or not) it was.

    Thirdly, User Testing is the most inaccurate form of testing in the world. 2% of the total population is representative of the whole?

    A representative sample can tell you quite a bit. Don't brush off 2%. If it's a representative sample it can be quite useful. And the reason you might track 2% rather than the whole is because that 98% didn't sign up to be tracked and would prefer not to be tracked.

     

    reply to this | link to this | view in thread ]

  55.  
    identicon
    Rekrul, Dec 31st, 2007 @ 3:35am

    Block it!

    My firewall is configured to alert me to any new outgoing connections and ask whether the action should be allowed or blocked.

    Any program that tries to make an outgoing connection without my explicitly having told it to do so, or requiring one as part of its normal functioning, gets blocked. If it requires an outgoing connection to function, but tries to phone home, I will specifically block outgoing connections to its parent company. I don't even let my software check for new version automatically. I'll check for new versions when *I* want to.

     

    reply to this | link to this | view in thread ]

  56.  
    identicon
    Anonymous Coward, Dec 31st, 2007 @ 2:26pm

    Re: Osama Bin Laden was right about this one.

    Hey, looky! Another military "communications officer" (i.e. troll) at work.

     

    reply to this | link to this | view in thread ]

  57.  

    Adobe Spying On Its Customers

    I am not shocked to hear about Adobe spying on its customers. It is to be expected. That is why having a firewall is wise.

     

    reply to this | link to this | view in thread ]

  58.  
    identicon
    PO, Jan 3rd, 2008 @ 7:04pm

    Use a HOST file

     

    reply to this | link to this | view in thread ]

  59.  
    identicon
    Warez Boy, Jul 7th, 2008 @ 1:35pm

    Adobe can lick the dick cheese out from between my glans and shaft!

    I get my Adobe ware for free off of P2P. Sure beats the hell out of paying the thousands Adobe wants for it. ZoneAlarm is free too. Once Adobe asks for net access, ZoneAlarm asks you to allow or deny it. Click on the "remember" box and then click Deny. Enjoy your free Adobe programs now! Woo hoo!

     

    reply to this | link to this | view in thread ]

  60.  
    identicon
    Warez Boy, Jul 7th, 2008 @ 1:35pm

    Adobe can lick the dick cheese out from between my glans and shaft!

    I get my Adobe ware for free off of P2P. Sure beats the hell out of paying the thousands Adobe wants for it. ZoneAlarm is free too. Once Adobe asks for net access, ZoneAlarm asks you to allow or deny it. Click on the "remember" box and then click Deny. Enjoy your free Adobe programs now! Woo hoo!

     

    reply to this | link to this | view in thread ]

  61.  
    identicon
    Bobby, Mar 10th, 2010 @ 9:32am

    For some reason I find this very easy to believe. Adobe is constantly installing things on my computer that I neither ask for nor want. My antivirus program is always warning me about them, but I tend to trust them for the most part. However, this seems to be proof positive that my worst suspicions were correct.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This