Dear John Nack, how dare you?
I’ve been lightly following a certain set of stories regarding Adobe phoning home whenever you start up CS3 products. The basic idea is this; When you start a CS3 product, it sends a few packets of information to 192.168.112.2o7.net, which is actually just a subdomain for the website 2o7.net, which is owned by Omniture, a statistics company.
I’m not saying they’re giving away my social security number, I’m not saying there are even any privacy issues here. However, two things are awry in this scenario. The first is that they’re trying to hide the website address by disguising it as a local-looking IP address. The second is that they’re phoning home, no matter what the information is, without my permission.
Guess what, Adobe? THIS IS SPYWARE.
John Nack, the product manager for Adobe Photoshop, took it upon himself today to write a blog post about the situation. In this post, Mr Nack is lashing out at users and customers without providing a single answer.
The main point that John keeps bringing up is that a lot of people are on holiday, so it’s the perfect time to put up some major speculative post, because the companies involved won’t be able to respond. He likens it to 2 posts that have occured in the past two consecutive years… which are also about Adobe.
John, I think you’re a little too concerned with yourself. The prior posts and this one occurring around the holidays are merely coincidence.
In addition, John, you quoted Doug Miller saying that “There are only 3 places we track things via Omniture anywhere in or around our products”. Given that this 2o7.net example was not listed, it makes this statement inaccurate and therefore quotable with a grain of salt. You can’t deny that the products are contacting 2o7.net… so there are 4 places you track things via Omniture.
Nowhere in your post do you address the following; 1) Why is the address intended to be hidden? 2) What information is Adobe collecting?
Instead of peddling the idea that your customers and users are crying wolf, and instead of defending yourself to the point of insulting your customers intelligence (Crying wolf?? No common sense??), you should concentrate on finding out the real reason behind the 2o7.net domain.
Until then, you should probably shut your mouth before your foot ends up in it. Oh, and run your post by HR next time if you want to save a bit of face.
John Nack
December 29, 2007 @ 4:15 pm
The definition of “Spyware” is open to some interpretation. Wikipedia says, “Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user’s interaction with the computer, without the user’s informed consent.” The Federal Trade Commission says, “Installed on your computer without your consent, spyware software monitors or controls your computer use. It may be used to send you pop-up ads, redirect your computer to websites, monitor your Internet surfing, or record your keystrokes, which, in turn, could lead to identity theft.”
The SWF included in the welcome screens of various Adobe apps makes a call to the Net to pull in the latest news & links, designed to help users of Adobe software find online resources more easily. The network call, like all calls to Adobe.com servers, is tracked by third-party Omniture. The only thing possible to discern from tracking that information is that an Adobe app was launched at a particular IP address. That’s it.
I contend that behavior doesn’t meet the commonly held definition of spyware. You may feel differently, which is obviously your right. I do think it’s important to make a distinction between what Adobe apps are doing and what various viruses, keyloggers, & other privacy-invading tools are doing.
“Mr Nack is lashing out at users and customers without providing a single answer.”
If I’m “lashing out,” it’s at Web writers (nominal journalists included) who jack up their stats by irresponsibly scaring people. I also have problems with mob mentality & the tendency to assume the worst about people.
“The main point that John keeps bringing up is that a lot of people are on holiday…”
That’s hardly my main point. In any case, it’s hard not to notice a pattern: when people have more time at home & less work, and when there’s little other tech news being generated, we see a big uptick in stories that lend themselves to speculation. It’s actually a minor point in the whole discussion.
“In addition, John, you quoted Doug Miller saying that “There are only 3 places we track things via Omniture anywhere in or around our products”. Given that this 2o7.net example was not listed, it makes this statement inaccurate and therefore quotable with a grain of salt. You can’t deny that the products are contacting 2o7.net… so there are 4 places you track things via Omniture.”
That’s not my understanding of the situation. Doug indicated that there are three operations initiated by Adobe desktop tools that call Adobe.com properties: the welcome screens loading a SWF; Adobe Bridge loading an Adobe Web page; and users launching an Adobe Web page in a browser via links from the apps. In all those cases, because Adobe.com content is getting loaded, it’s getting tracked by Omniture. Therefore the 2o7.net example isn’t separate at all: it’s one and the same with these instances (i.e. calling Adobe.com also means calling Omniture, which = 2o7.net).
“Nowhere in your post do you address the following; 1) Why is the address intended to be hidden? 2) What information is Adobe collecting?”
1) I said I’d investigate the story behind the choice of address, and that’s what I’m doing. 2) I believe I said several times that Adobe is simply logging the fact that a particular SWF got loaded at a particular Web address (i.e. nothing else about your identity, usage patterns, etc.). Did I not?
I hope you find this info useful.
J.