Adobe Spying On Its Customers

from the now-that's-just-not-very-nice dept

Fri, Dec 28th 2007 9:42am — Mike Masnick

It's not all that surprising these days to hear about software companies having their software "phone home" in some manner or another, though it's often quite annoying. However, it looks like Adobe has taken this to a new level. As highlighted by Valleywag, Adobe's CS3 design software includes a system to provide your usage data quietly to a "behavioral analytics" firm named Omniture. Of course, it does this without ever asking you if you want some random company knowing every time you use this piece of software. While it may not be doing anything nefarious, this certainly has all the hallmarks of spyware, including the fact that it tries to (weakly) disguise the connection to Omniture by making it look like it's simply pinging your local network. It's really amazing that companies keep doing this type of thing thinking that people won't catch on. There may be plenty of legitimate reasons for tracking the usage of a piece of software -- but if so, why not be upfront about it and let the user of the software opt-in to sharing his or her data? Yet another reason to use a firewall that catches these sorts of sneaky outbound connections. Update: John Dowdell, an Adobe employee (and long time Techdirt reader) has replied in the comments, noting that he's talking to folks at Adobe to find out the whole story, but he thinks it's the "live update" function. I'm not sure I understand why a live update function would call an analytics firm -- or why the ping to that analytics firm should be disguised as a local network ping, but that's the story coming out of Adobe right now. Will update again if any more details become clear. Update 2: Further response from Adobe here. It explains what the connection does and also admits that the company should have done a better job making it clear.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cs3, spyware
Companies: adobe, omniture

61 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Alfred E. Neuman, 28 Dec 2007 @ 9:49am

Air Gap
Incorporate an air gap between anything you do not want (or there is no need for) connecting to the internet.
This is easily done when you have two separate computers.
[ link to this | view in thread ]
Dorotea, 28 Dec 2007 @ 10:13am

Air Gap - agreed
Yes, disconnect the computer from internet if its not needed. Then software can't "Phone Home".

I believe that US military regards a connected computer as "unsecure". No possibility that a computer is totally secure if connected to other computers.
[ link to this | view in thread ]
Dorotea, 28 Dec 2007 @ 10:13am

Air Gap - agreed
Yes, disconnect the computer from internet if its not needed. Then software can't "Phone Home".

I believe that US military regards a connected computer as "unsecure". No possibility that a computer is totally secure if connected to other computers.
[ link to this | view in thread ]
Exsosus, 28 Dec 2007 @ 10:15am

Some companies do this with their software. This is the reality. Either accept it, or don't use an always-on net connection. It's up to you to keep your connection off-line or not. If you're interested in what I think, then its not to worry about this sort of thing. Use an anti-spyware and anti-virus program, and a fire wall, and you'll be more safe.
[ link to this | view in thread ]
Captain Nemo, 28 Dec 2007 @ 10:22am

Use the Gimp- I've seen its code. It doesn't phone home.
But you're right- to be completely secure, unplug all the networks. And if you need a network, turn off the bits you don't use. Exsosus is right- A firewall would be lovely. This doesn't even only apply to computers! I've seen a good number of PSP's, Nintendo DS's, and cellphones bricked because people didn't turn off the WiFi or Bluetooth or whatever, and a virus got in. Those things aren't secure at all.
[ link to this | view in thread ]
Damien, 28 Dec 2007 @ 10:37am

Re: Comments #1, #2, & #4
That's all well and good, but we're not talking about some high-security computer network here. Most people don't have a second computer lying around just waiting to be used for high-end video processing. Most people expect mainstream companies to not act like criminals with something to hide. The problem here isn't the internet connection, it's that Adobe is masking it's net access*.

Quit blaming the wrong side of the problem.

*And if you bring up the old argument, "Well, it's in page 231 Sec. Whatever of the end-user agreement. You should have read more closely."... that's not good enough. It may work in a court of law to hide critical details like this in licensing jargon, but that doesn't make it any better.
[ link to this | view in thread ]
John Dowdell, 28 Dec 2007 @ 10:41am

Blocked conversation
Hi, I've been trying to give an early reply on this issue, without success:
http://weblogs.macromedia.com/jd/archives/2007/12/republishing_co.cfm

I've managed to talk with some Adobe staff over the holidays, and the early consensus seems to be that dan@uneasysilence.com was indeed referring to live updates available through the start screen pinging adobe.com (which uses Omniture). It's easy to turn off. But I'd like to get a fuller consensus from my colleagues as well.

jd/adobe
[ link to this | view in thread ]
Matt, 28 Dec 2007 @ 10:41am

I'm sorry...
It's well known that Adobe's software is easy to steal and to make phoning home sound like a bad idea, is just ignorant.

Collecting data on the other hand, with out the users permission, is a big can of worms.

-Matt

ps. There's software out there that is specifically built to stop applications from phoning home. Search on Macupdate.com or other places.
[ link to this | view in thread ]
Alfred E. Neuman, 28 Dec 2007 @ 10:42am

Re: Re: Comments #1, #2, & #4
" Most people expect mainstream companies to not act like criminals with something to hide."

I do expect it.

In addition, when you exit the Adobe process (and others) there is a FNPLicensingService that is probably still running. I recommend setting this to service to manual.
[ link to this | view in thread ]
Anonymous Coward, 28 Dec 2007 @ 10:50am

That's a great solution, that. Keep your computer unconnected.

Tomorrow, I'm going to go and sell my car, so no one can steal it. That'll show 'em.

The issue here isn't about viruses and hackers and whatever, which will always be a problem. It's about supposedly legit software doing stuff without telling you. You should be able to trust this stuff.
[ link to this | view in thread ]
R3d Jack, 28 Dec 2007 @ 10:53am

I have a simple solution
Zone Alarm, or something like it. Software firewalls can work both ways. I stop certain programs from "phoning home" unless I specifically want them to; others, I just block. The sad thing is that firewalls were meant to contain malware, not something you paid for.
[ link to this | view in thread ]
Search* Engines WEB, 28 Dec 2007 @ 11:14am

live updates and tips
It is possibly to offer live updates and push tips info - not so much for spying purposes.

Anyone could use just one computer and have different IP addresses depending on the type of Internet service they have.

Also a laptop users can be at numerous places during the course of freelancing.

The info given to adobe would have to include MAC addresses and other vital systems info to be of any use for catching pirate software users.

But do the right thing and get a comment from Adobe - this is a high profile blog, surely they will cooperate.
[ link to this | view in thread ]
Thom, 28 Dec 2007 @ 11:19am

What I really don't like about all this is
The more software that connects to the net and phones home for little or no reason the less software we, as users, can identify and trust as secure.

If Adobe software didn't phone home I'd suddenly be shocked and suspect a problem if one day my firewall alerted me to Adobe connecting to the net. I'd suspect a virus, a trojan, or some other compromise of the Adobe software on my system.

With Adobe connecting for reasons like this the typical user might say "ok, let it connect from now on," when the firewall notifies them the first time. Now that user's security and privacy is at risk. If an attacker exploits a security hole in the Adobe software itself to drop malware then the user will never see, or not be suspect, when the compromised Adobe product connects to the net and does the dirty.

Likewise, what happens when Adobe decides they need more extensive information to aid them. What apps are your running? How many users on your system? What's your directory structure? What are your hardware serial numbers? What are the names of the last 10 documents you edited? What data was contained in the document or image that crashed as you were editing? The average user will never know and likely the change will have been pushed by Adobe update.

What if someone redirects the Adobe connection to their site via an edit of the hosts file? How many would catch that?

Even worse, what if Adobe itself is compromised by an internal or external black hat who pushes out some altered software? No one will suspect a problem because at worst "Adobe always connects to the net when I run it."

Trust Adobe do you? Well, multiply this by the number of vendors who think this behavior is ok. Then multiply again by the number of vendors who jump on the bandwagon in coming months. The security hole grows a lot doesn't it. Do you still trust Adobe? The behavior?

Now multiply again to account for all the application vendors you don't know and can't trust who'll include this in their software but will go farther and deliberately send personal, identifying, worrysome data back because they can and because you've come to expect all apps to connect.

Connections like this should be presented to the user, with reasons explicitly spelled out, transmitted data presented, sent only periodically, and require permisson each and every time.
[ link to this | view in thread ]
Anonymous Coward, 28 Dec 2007 @ 11:35am

Re: Re: Comments #1, #2, & #4
Damien, you are somewhat stupid aren't you?

In this case, the software is CS3. That stuff runs several hundred dollars. A few thousand for all of them. If the person has that software, they have the money to get a second computer.

Also, the second computer needs only be around 200 USD including EVERYTHING.
[ link to this | view in thread ]
Anonymous Coward, 28 Dec 2007 @ 11:40am

Re:
Um, your dumb.

Your car analogy is totally wrong because if you don't own a car, you don't have one to steal.

With computers, if you want a SECURE computer you have to limit access to it. If you plug your computer into the internet, ANYONE with an internet connection can potentially enter your system. Hell, some SOFTWARE can do it automatically (read: worms).

People need to stop trying to troll when they don't have the knowledge to do so.
[ link to this | view in thread ]
Anonymous Coward, 28 Dec 2007 @ 11:52am

What possible reason . . .
There is no reason to have software do this unless it was part of a corporate wide customer service program. Even then, it wouldn't be disguised and would have to have *some* security to it.

Not only did it take more money to create and implement this aspect of the software, it looks like its going to cost them more customers. This is part of whats wrong with DRM too. People need to think ideas through all the way before they do something this stupid.
[ link to this | view in thread ]
Rose M. Welch, 28 Dec 2007 @ 12:02pm

Re: Re: Re: Comments #1, #2, & #4
Well, that comment is even stupider. I own that software, and quite a bit of other expensive software for use in web and graphic design. I use this expensive software on my expensive computer for work. I *DO NOT* have the money for a second computer. I don't think so, asshole, I am still paying off this computer. I buy a $200 junker computer and that means one month I don't buy groceries. Explain that to my kids, please.

And why should I have the bother of using two alternate computers for anything? I agreed to pay money in return for for software. I *might* have agreed to give up some market research, but I read my EULAs pretty carefully, and I sure don't remember seeing anything like that. I don't even set my programs to update w/o me. (Except my antivirus...)

If they want statistical iformation from me, they are welcome to it - if they ask me up front and want to offer me a damn discount. After all, the kids in the mall and paid for market research. E-rewards and every other market research company pays for market reseach. It is a marketable commodity and it is mine. Taking it without permission is stealing. And don't give me crap about it not being tangible. Everyone on a website like this should damn well know that information can, in fact, equate money.
[ link to this | view in thread ]
John Dowdell, 28 Dec 2007 @ 12:29pm

Update, from Adobe sources
Thanks for the highlight, Mike... greatly appreciated.

Adobe Photoshop Product Manager John Nack has been pursuing this too, and he has some info from Doug Miller, who I believe handles all Omniture analytics at adobe.com.
http://blogs.adobe.com/jnack/2007/12/adobe_ate_me_ba.html

Summary: The Welcome screen (example) in Creative Suite 3 applications does definitely get live updated material from adobe.com, and these go through site analytics just as any other web material does. Clicking the "Don't show again" checkbox will stop this vector of updated material. Doug describes at least two other scenarios where CS3 apps contact adobe.com for resources.

jd/adobe
[ link to this | view in thread ]
Jesse, 28 Dec 2007 @ 12:32pm

Re: Air Gap
This is easily done when you have two separate computers.

Two separate computers? To be safe you really need a separate computer for each proprietary application program you run. Either that or use open source software.
[ link to this | view in thread ]
Gary, 28 Dec 2007 @ 12:49pm

How high up is John?
Update: John Dowdell, an Adobe employee (and long time Techdirt reader) has replied in the comments, noting that he's talking to folks at Adobe to find out the whole story, but he thinks it's the "live update" function.

How high up is John? Unless he's very high up (corporate officer level or close to it) he may never get a straight answer. I company I used to work for purposely put time bombs disguised to look like "bugs" into their software in order to keep customers on expensive "support and update" plans. This activity was a very closely kept secret known by only a few within the company (so as to keep word from leaking out and angering the customers). The company then lied to it's own employees about the source of these mysteriously appearing bugs. The moral of the story is, unless John is very high up in the company, he may not get the truth even if he asks.
[ link to this | view in thread ]
Alfred E. Neuman, 28 Dec 2007 @ 12:49pm

Re: Update, from Adobe sources
John,

Thanks for the update. Does Adobe give any reason for the obfuscation of the connection and why they do not inform the user of the connection in an obvious fashion?
[ link to this | view in thread ]
John Dowdell, 28 Dec 2007 @ 1:42pm

re: How high up is John?
Hey Alfred, I've admired you since I was a kid.... ;-)

I don't think that Adobe offers an overall guide to Omniture analytics. Most websites are in the same situation, although few also offer desktop applications as Adobe does.

But like John Nack, I think Adobe would benefit from doing better, in clearly advising of all issues which might be perceived as privacy or security issues. We'll be able to get better and more inclusive info after the holidays.

(I don't speak for all Adobe, or even know all Adobe. I come out of Macromedia Tech Support, and a lot of what I do today is in helping customers get heard inside the company.)

jd/adobe
[ link to this | view in thread ]
Steve, 28 Dec 2007 @ 3:03pm

spyware?
The person who wrote this article is an utter retard. First, understand what Omniture and other web analytics firms do, then write your article. The lack of research put forth before this public opinion was released displays a major lack of education. Web analytics firms track web usage so to help companies make better websites. Need online help from within Photoshop?....oh, but you don't like the usability of the online help function, huh? ....well how do you expect Adobe to learn how to make their online help and update wizards more user friendly? How many of you actually fill out surveys, and when you do, how many of you actually tell the truth? ....exactly.

Omniture does not track how people use Adobe's software, contrary to the uneducated 'guess' above. It tracks anonymous activity as it pertains to the online functionality that may be utilized from the software. How many bad web sites are out there today? TOO MANY!! I see so many well known brand names put up utter garbage for web sites. Kudos to Omniture and other like firms for help the internet become a more user-friendly place.
[ link to this | view in thread ]
Alfred E. Neuman, 28 Dec 2007 @ 3:53pm

Re: spyware?
Steve,

You may have a point there, however I think the issue here is whether this activity was adequately communicated to the user.
[ link to this | view in thread ]
Ernest T. Wolf, 28 Dec 2007 @ 4:00pm

Re: spyware?
Steve is absolutely right. How can we expect companies to help us if they don't have enough information about us? For example, I'm sure that I have some great investment opportunities that would help Steve grow his personal fortune. But first, I'll need some information before I can help him with that. So Steve, if you'll kindly post your complete name, address, social security number, mother's maiden name (if different from your own), bank account and credit card numbers (don't forget the little numbers on the backs of the cards too), I'll get right on with helping you.
[ link to this | view in thread ]
Mike (profile), 28 Dec 2007 @ 4:14pm

Re: spyware?
The person who wrote this article is an utter retard

It's always nice when people who disagree with you start out by insulting you. It makes the conversation that much more productive.

First, understand what Omniture and other web analytics firms do, then write your article.

I understand what Omniture does and I wrote the article. Your point?

The lack of research put forth before this public opinion was released displays a major lack of education

And what do your insults display?

Web analytics firms track web usage so to help companies make better websites.

Indeed. They do. Why should that matter for a desktop application?

Need online help from within Photoshop?....oh, but you don't like the usability of the online help function, huh? ....well how do you expect Adobe to learn how to make their online help and update wizards more user friendly?

Perhaps the same way desktop software companies have for ages: user testing.

It tracks anonymous activity as it pertains to the online functionality that may be utilized from the software.

You left out "without telling the person" and "while hiding it by pretending it looks like a local network ping".

How many bad web sites are out there today? TOO MANY!!

Again, I'm unclear on how that matters for desktop software.

Kudos to Omniture and other like firms for help the internet become a more user-friendly place.

By tracking usage of a DESKTOP app surreptitiously and hiding that tracking? Sorry... I don't see how you can conclude one from the other... but, unlike you, I'll refrain from questioning your mental abilities.
[ link to this | view in thread ]
Open Eyes, 28 Dec 2007 @ 5:31pm

Re: I'm sorry...
re: ps. There's software out there that is specifically built to stop applications from phoning home. Search on Macupdate.com or other places.

Yes, and it's called the ISS 'BlackIce' firewall with Application protection. It will block or terminate any application from accesing the network/internet.
[ link to this | view in thread ]
SleazyTactics, 28 Dec 2007 @ 9:10pm

The MAIN question is: If Omniture is some harmless analytics company out to HELP users, then why are they obscuring their URL with some bullshit spammer technique? Does anyone think that 168..2O7.net thing is anything but total asshole corporate behavior? Hard to believe a company like Adobe would deal with something so sleazy, regardless of how "helpful" it is to their paying customers.
[ link to this | view in thread ]
jeff leong, 29 Dec 2007 @ 12:30am

truth is, this kind of method is frequently used and provides no threat to the customer. in fact, this is a benefit to the customer, as business can now better optimize as they do with the web the customer experience with applications. having a simple ping to a server doesn't provide information on what was drawn, coded or published but simply what was clicked, for how long and how many times, "user interaction" - that's all. working with web analytics, i myself have deployed an array of solutions like this and given omniture offers the manipulation of process of the data for free, its a lot cheaper for a company to utilize this option versus building it themselves. its essential data needed 'bottom line' to help provide better products for the customer and poses no threat.
[ link to this | view in thread ]
Ernest T. Wolf, 29 Dec 2007 @ 1:39am

Re:
Hey jeff,
Seeing as how we both understand how important it is to have "essential data" in order to help people, I'll make you the same offer I made to Steve. I can start "helping" you just as soon as you post the "essential data" I need.
[ link to this | view in thread ]
Mr reality check, 29 Dec 2007 @ 3:59am

Leave the conspiracy thoeries to the pros
IP's that begin with 192.160 are YOUR LAN DUMBASS!
http://en.wikipedia.org/wiki/IP_address#IPv4_private_addresses
[ link to this | view in thread ]
Anonymous of Course, 29 Dec 2007 @ 11:40am

Adobe used to be good.
I've purchased several Adobie products and many
subsequent updates, starting back with PS 2.0.

For me the release of CS was the beginning of the
end. I will not purchase it. Also consider how
horribly bloated Acrobat has become.

One of the down sides of success is it leads to
corporate rot. So you get knuckle head managers
that while away their time thinking up clever
ways of increasing revenue rather than improving
products.

Here's some essential data for you...
I used to be a loyal paying customer, now I'm not.
[ link to this | view in thread ]
Anonymous Coward, 29 Dec 2007 @ 1:16pm

A few years ago when I used ATT DSL, one of their boiler room call reps sold me an enhancement to my service.

Now this part is strange: The enhancement was to be uploaded to my DSL modem. I could turn the modem off. I could unplug it from my computer. I could could unplug the power. All I needed to do was make sure the modem was still connected to the wall phone jack. I guess all they needed to upload the "firmware" was the power in the phone line.

When you unplug - physically disconnect.

Ever since then, I unplug my modems from the wall jack every time I power down.

Also note, if you use XP, you have a QoS (Quality of Service) channel that reserves a percentage of bandwidth for so called "Background network traffic (or maintenance)". Zero that guy out. Turn off your update and error reporting and remote help features. And, never allow (for you IE users) your browser to install an ActiveX Object.

Google for tweaks. And remember, just because your network icon in the task bar is NOT BLINKING - it does not that NOTHING is going on. Don't put anything past our owners!
[ link to this | view in thread ]
uvu, 29 Dec 2007 @ 1:25pm

Re: Air Gap - disagree
Surely Adobe uses a spy ware that can wait until you are connected to the internet to "Phone Home," it is not as simple as disconnecting when you're not online. I always disconnect from the internet when I am not using it, however, there are those few occasional times when I forget, those area the times when all of the invaders have ample time to get in, get what they want and get out.
[ link to this | view in thread ]
Henry Trenton II, 29 Dec 2007 @ 2:17pm

Our Constitution has been sold out, vote Ron Paul
Adobe is another tool for the gov't. After all, corporations and gov't are merely quid-pro-quo whorehouses sold to the highest bidder. When the gov't needs illegal wire-taps, Verizon and Sprint allow them secret rooms to listen in on calls. When Haliburton (and KBR) need more revenue, the gov't hands out no-bid contracts. When the gov't dislikes literature, Amazon and Wikipedia ban the book "America Deceived". We The People had our gov't sold out from beneath us.
Final link (before Google Books caves to pressure and drops the title):
America Deceived (book)
[ link to this | view in thread ]
SleazyTactics, 29 Dec 2007 @ 3:05pm

Re: Leave the conspiracy thoeries to the pros
Are you even fucking paying attention?
We all know what our LAN addresses are.
Omniture is obscuring their probes by using 192...and ending it with 2O7.net, which ISN"T OUR LAN, DUMBASS.
[ link to this | view in thread ]
mwales, 29 Dec 2007 @ 3:33pm

Mac users: get Little Snitch.

Zone Alarm is now owned by a bunch of Israelis. Why do they need our info?
[ link to this | view in thread ]
mwales, 29 Dec 2007 @ 3:35pm

BEWARE:
"America Deceived (book)" in #27 is a load of crap. Promises one thing. Reads like a high-school scam. Unreadable. Meandering. Makes no point.

And Amazon is not banning it. Urban Legend
[ link to this | view in thread ]
mwales, 29 Dec 2007 @ 3:36pm

TYPO: Sorry, meant ""America Deceived (book)" in #37"
[ link to this | view in thread ]
JV, 29 Dec 2007 @ 4:45pm

same shit another day
Tried Little Snitch? (http://www.obdev.at/products/littlesnitch/index.html)
It's Mac only but that is Adobe's core market... still.
I use both Mac+Adobe everyday at work, FWIW.

And, yes, Adobe is a tool. Not as pervasiveley back-doored as Microshit or those online "secure" services, but still a tool.

Open source, when possible, is superior!
[ link to this | view in thread ]
little snitch software, 29 Dec 2007 @ 5:34pm

little snitch works for me
[ link to this | view in thread ]
jeannie lindsay, 29 Dec 2007 @ 7:12pm

Omniture? Are you positive the behavior analytics firm isn't called Aperture? I think Adobe should at least give me cake...
[ link to this | view in thread ]
Pete, 29 Dec 2007 @ 8:04pm

Re: Leave the conspiracy thoeries to the pros
Well DOUBLE-DUMB ASS!, you think that a thief would announce himself before stealing stuff.. The IP is 216.52.17.0/24 which gets obfuscated to 192.x.x.x.net
[ link to this | view in thread ]
how now?, 29 Dec 2007 @ 10:45pm

Re: spyware?
How many times can you utter the word utter?
A "major lack" of education?
BTW, perhaps they should "utter" that they're doing this in the first place.
[ link to this | view in thread ]
Jeffrey, 30 Dec 2007 @ 12:12am

Osama Bin Laden was right about this one.
OH NO! We are living in a terror under the surveillance world! Today, we are in Orwellian 1984! War is Peace! I will have to dump my computer with a load of spy ware to the sea! Tonight I will escape to a remote island no one ever knew where I will be there.

The world spied everyone with their own privacy thru Internet nowadays. Al Qaeda leader Osama Bin Laden was right about that because he always believes that old medieval way is much better off than today’s corrupted and wicked modern technology! He is so clever to avoid using today's technology (with hidden surveillance tools) in order to evade from overworking US troops and frustrated bounty hunters who are still searching for him in several years without any luck!
[ link to this | view in thread ]
steve, 30 Dec 2007 @ 1:20am

Re: Re: spyware?
legally, it is not required to be articulated to the user. there is no personally identifiable info being passed, so there is not legally binding requirement to inform people that their anonymous behavior as it relates to the activity taking place on the web pages is being aggregated.

do you have to inform someone that when they enter your brick n mortar store, a manager will be watching what items they browse vs those they buy? this same logic applies to web analytics and use of anonymous data.
[ link to this | view in thread ]
steve, 30 Dec 2007 @ 1:24am

Re: Re: spyware?
haha....very clever, but insanely inaccurate. web analytics technology doesn't capture any personally identifiable information. see my response above to Alfred E. Neuman's response to my original post. again, educate yourself on the technology being discussed before you make a comment....err...fool of yourself.
[ link to this | view in thread ]
steve, 30 Dec 2007 @ 1:36am

Re: Re: spyware?
Mike, the only time Omniture's tracking takes place is when a web resource is accessed, so the desktop app IS NOT being tracked. please make note.

Second, see my above response to Alfred E. Neuman, i.e. anonymous web data collection is able to be conducted, legally, without notification to the users. If Adobe were to collect any PII, or personally identifiable information, then they would need to disclose it within their privacy policy.

Thirdly, User Testing is the most inaccurate form of testing in the world. 2% of the total population is representative of the whole? Why not track the whole?....i.e. what web analytics can do....which provides the most accurate representation of what YOUR total web audience is interested in. There's too many flaws in user testing, Comscore, and NetRatings. Very soon, you will see NetRatings head towards extinction due to audience sampling becoming a thing of the past. For the first time ever, set-top boxes will be tracked in much the same fashion of web sites so that an advertiser will know exactly how many people viewed a tv show, how many times their commercial was actually viewed, etc. no personally identifiable data passed...just aggregated usability data.

so in summary, i think there is confusion in responding to this topic largely due to the question posed in the original blog being off the mark. Adobe does not track the desktop app, but when someone within the desktop app accesses a web page/resource, then that web behavior IS being tracked. in understanding this basic principle, most people here should be able to formulate intelligent opinions.
[ link to this | view in thread ]
howlingmadhowie, 30 Dec 2007 @ 4:31am

free software the only answer
if you want security, you have to have access to the code, then security problems can be fixed quickly. that's why linux and *bsd, despite building the backbone of the internet, have never had a virus or a worm or anything else. the same goes for desktop software. anybody who uses proprietary software can expect to be betrayed by the product they bought.
[ link to this | view in thread ]
Anonymous of course, 30 Dec 2007 @ 9:26am

free software / activity tracking
The first worm ever loose in the wild
ran under BSD and SUN OS. Try Googling
Morris and Worm.

All software has security problems. Just
as all licensing managers can be broken.

Also I don't buy the user testing argument.
Through pre-release QC testing, then beta
testing with knowlegable users, followed by
feedback from USER GROUPS is how things are
properly tested.

Tracking web page resource use sounds more
like a marketing activity to me... unless
you're testing the web pages but then you
won't need to doctor up the application
to do that.

In any case- feedback is given openly,
tracking implies covert data collection.
I think the inital blog is spot on.
[ link to this | view in thread ]
JustMatt, 30 Dec 2007 @ 10:09am

Making it look like a 192.168 addy is dishonest an
I'll be blocking this bad boy when I get back to the office, and also see if I can lay some smack-fu on the Adobe rep.
[ link to this | view in thread ]
John Smith, 30 Dec 2007 @ 10:59am

Adobe Spying
Not only Photoshop CS is spying, I have recently uninstalled Adobe Reader, because of its spying behaviour!
There's other reason, I hate Adobe: When they bought Macromedia, they paid Google to get rid of all links to DVD Decrypter.

By By Adobe, Viva The Gimp!
[ link to this | view in thread ]
Rose M. Welch, 30 Dec 2007 @ 10:56pm

Re: Re: Re: spyware?
Steve is absoluteley NOT right. I might expect that when I walk into a store, but I do not expect the manager of the store to follow me home and watch what I do with the merchandise that I purchase. Not do I expect them to use my computer and system resources, without permission, to tell his bosses what he finds out. WTF, people?

And I have to say that, as a web designer, I do place surveys on my sites, and they are very helpful. People don't generally lie about that crap. In fact, they are very blunt about exactly what they do and don't like. People aren't stupid, shy idiots, ya know. Well, not in America, at least.
[ link to this | view in thread ]
Mike (profile), 31 Dec 2007 @ 12:01am

Re: Re: Re: spyware?
Steve, thanks for responding and thanks for NOT choosing to continue your uncalled for insults. It would have been nice to apologize for them, but alas...

Mike, the only time Omniture's tracking takes place is when a web resource is accessed, so the desktop app IS NOT being tracked. please make note.

But this includes the splash screen... so while it may be going out and accessing a web resource, it's the equivalent of happening while just opening the desktop app.

Second, see my above response to Alfred E. Neuman, i.e. anonymous web data collection is able to be conducted, legally, without notification to the users. If Adobe were to collect any PII, or personally identifiable information, then they would need to disclose it within their privacy policy.

No one suggested what Adobe was doing was illegal. The question was simply about how ethical (or not) it was.

Thirdly, User Testing is the most inaccurate form of testing in the world. 2% of the total population is representative of the whole?

A representative sample can tell you quite a bit. Don't brush off 2%. If it's a representative sample it can be quite useful. And the reason you might track 2% rather than the whole is because that 98% didn't sign up to be tracked and would prefer not to be tracked.
[ link to this | view in thread ]
Rekrul, 31 Dec 2007 @ 3:35am

Block it!
My firewall is configured to alert me to any new outgoing connections and ask whether the action should be allowed or blocked.

Any program that tries to make an outgoing connection without my explicitly having told it to do so, or requiring one as part of its normal functioning, gets blocked. If it requires an outgoing connection to function, but tries to phone home, I will specifically block outgoing connections to its parent company. I don't even let my software check for new version automatically. I'll check for new versions when *I* want to.
[ link to this | view in thread ]
Anonymous Coward, 31 Dec 2007 @ 2:26pm

Re: Osama Bin Laden was right about this one.
Hey, looky! Another military "communications officer" (i.e. troll) at work.
[ link to this | view in thread ]
Maychic’s World’s Top Sexiest Women Networking, 2 Jan 2008 @ 2:20am

Adobe Spying On Its Customers
I am not shocked to hear about Adobe spying on its customers. It is to be expected. That is why having a firewall is wise.
[ link to this | view in thread ]
PO, 3 Jan 2008 @ 7:04pm

Use a HOST file
http://someonewhocares.org/hosts/
[ link to this | view in thread ]
Warez Boy, 7 Jul 2008 @ 1:35pm

Adobe can lick the dick cheese out from between my glans and shaft!

I get my Adobe ware for free off of P2P. Sure beats the hell out of paying the thousands Adobe wants for it. ZoneAlarm is free too. Once Adobe asks for net access, ZoneAlarm asks you to allow or deny it. Click on the "remember" box and then click Deny. Enjoy your free Adobe programs now! Woo hoo!
[ link to this | view in thread ]
Warez Boy, 7 Jul 2008 @ 1:35pm

Adobe can lick the dick cheese out from between my glans and shaft!

I get my Adobe ware for free off of P2P. Sure beats the hell out of paying the thousands Adobe wants for it. ZoneAlarm is free too. Once Adobe asks for net access, ZoneAlarm asks you to allow or deny it. Click on the "remember" box and then click Deny. Enjoy your free Adobe programs now! Woo hoo!
[ link to this | view in thread ]
Bobby, 10 Mar 2010 @ 9:32am

For some reason I find this very easy to believe. Adobe is constantly installing things on my computer that I neither ask for nor want. My antivirus program is always warning me about them, but I tend to trust them for the most part. However, this seems to be proof positive that my worst suspicions were correct.
[ link to this | view in thread ]