Saturday, October 11, 2014

Adobe Spying on Users, Collecting Data on Their Libraries

Nate Hoffelder:

Adobe is gathering data on the ebooks that have been opened, which pages were read, and in what order. All of this data, including the title, publisher, and other metadata for the book is being sent to Adobe’s server in clear text.

[…]

The first file proves that Adobe is tracking users in the app, while the second one shows that Adobe is indexing my ebook collection.

The above two files were generated using data collected by an app called Wireshark. This nifty little app can be used to log all of the information that is sent or received by your computer over a network.

4 Comments RSS · Twitter

"Adobe is gathering data on the ebooks that have been opened, which pages were read, and in what order."

To be entirely fair, physical Amazon Kindles do this exact same thing, and I strongly suspect all the various Kindle reader software versions do so as well. (I don't follow the product closely, but I think I recall that iBooks does this too.)

Of course, what Adobe is doing goes well beyond this, and is far more troubling for multiple reasons.

But I did want to be entirely fair.

There is no evidence that Adobe is gathering more info than Amazon. I strongly suspect that based on Amazon's other customer profiling endeavors (tracking users across the web) that they're doing exactly what Adobe does.

The follow-up post says that it’s only reporting data about books within the Adobe app’s library, not scanning the hard drive for other books as previously alleged. Amazon and Apple probably do much the same thing, but I would hope they use a secure connection.

"The follow-up post says that it’s only reporting data about books within the Adobe app’s library, not scanning the hard drive for other books as previously alleged."

My reading differs.

His updated theory at this point is that it is indeed not scanning the hard drive, but it is scanning the e-reader, and transmitting info on ebooks he had not used the Adobe software to acquire, open, or transfer. He hasn't gotten secondary confirmation yet, so it's all a bit fuzzy. But if proven-out, a genuine scandal.

And, yes, the unencrypted part is bad enough by itself.

Leave a Comment