| Main |

Corporate conspiracies… not

UNEASYsilence published a story two days ago about connections to 2O7.net from Adobe CS3 applications.

It’s scaremongering of the worst sort. The connections to 2O7.net are happening because the splash panel fetches a Flash graphic from Adobe’s website when you start the app. It is used to fill the bottom right corner, like this:

Picture 1.png

Anyway, when you load that graphic, it connects to Omniture (who own the 2O7.net domain) who provide site access statistics and the like. Big hairy deal.

It simply isn’t, as UNEASYsilence were all too keen to suggest, some sort of devious invasion of privacy on Adobe’s part.

There should be a variant of Hanlon’s Razor to cover this kind of thing. Perhaps something like

Never attribute to privacy infringement that which can be adequately explained by on-line content delivery, statistics gathering or software update.

It’s not quite as succinct now though. We need something snappier (suggestions, anyone?)

Or maybe people should just stop crying wolf every time Little Snitch tells them that an application is accessing the network.

Posted by alastair on December 28, 2007 at 5:01 PM Digg It | | Comments (2) | TrackBacks (0)

Trackbacks

TrackBack URL for this entry:
http://alastairs-place.net/movabletype/mt-tb.cgi/185.

Comments

The problem isn't so much that CS3 is phoning home, as it were. The problem is that it is doing so by connecting to a domain name that is obviously designed to fool people into thinking that it is actually an IP address on their local network (i.e. 192.168.*.* addresses are typical of home networks).

Posted by Clark Cox Author Profile Page on December 31, 2007 4:59 AM

Sure, I agree that the name is intended to deceive casual observers.

But ask yourself why that might be. My guess is that Omniture did it because they were worried that people would see the communication with their servers and misinterpret it as something malicious when really it wasn’t. I don’t actually think using these kinds of domain names really helps, but I suspect that someone thought it might. In this case, clearly, it’s backfired.

Furthermore, I’m sure Omniture never expected their servers to be used when someone starts a CS3 app, and it wouldn’t exactly surprise me to find that Adobe didn’t really mean for it to happen either. (If they had intended it, it would happen whether or not the Welcome pane is enabled, which it doesn’t.)

My point really is that companies should be given the benefit of the doubt in cases like this, at least until someone competent has looked at what’s going on. The original post on the topic was written in such a way that it suggested that Adobe was up to no good (“spying on users application habits”), which is patently untrue.

Posted by alastair Author Profile Page on December 31, 2007 5:08 PM

Post a comment

If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thank-you for your patience.

(Your e-mail address will not be displayed or included in any pages served on this site; nor will you get any spam as a result.)

A live preview of your comment will be displayed below. It should refresh automatically when you stop typing, but if not then the “Preview” button above will update it.

Live Comment Preview