|
Your continuous donations keep RPGWatch running!
RPGWatch Forums » General Forums » Off-Topic » Thread of privacy violations by software companies/Internet services

Default Thread of privacy violations by software companies/Internet services

October 7th, 2014, 22:20
http://the-digital-reader.com/2014/1…/#.VDQhI_ldWYA

Adobe has just given us a graphic demonstration of how not to handle security and privacy issues.

A hacker acquaintance of mine has tipped me to a huge security and privacy violation on the part of Adobe. That anonymous acquaintance was examining Adobe’s DRm for educational purposes when they noticed that Digital Editions 4, the newest version of Adobe’s Epub app, seemed to be sending an awful lot of data to Adobe’s servers.

My source told me, and I can confirm, that Adobe is tracking users in the app and uploading the data to their servers. (Adobe was contacted in advance of publication, but declined to respond.)

And just to be clear, I have seen this happen, and I can also tell you that Benjamin Daniel Mussler, the security researcher who found the security hole on Amazon.com, has also tested this at my request and saw it with his own eyes.

Update: I can now report that Ars Technica has independently confirmed many of the details in this post.

Update: Liza Daly of Safari Books has confirmed some details:

I can confirm that AD4 (OSX) is sending reading data even for non-DRMed EPUBs. Can’t confirm it searching my drive. pic.twitter.com/5MaUYQWKOi

— Liza Daly (@liza) October 7, 2014

Adobe is gathering data on the ebooks that have been opened, which pages were read, and in what order. All of this data, including the title, publisher, and other metadata for the book is being sent to Adobe’s server in clear text.

I am not joking; Adobe is not only logging what users are doing, they’re also sending those logs to their servers in such a way that anyone running one of the servers in between can listen in and know everything,

But wait, there’s more.

Adobe isn’t just tracking what users are doing in DE4; this app was also scanning my computer, gathering the metadata from all of the ebooks sitting on my hard disk, and uploading that data to Adobe’s servers.

In. Plain. Text.

And just to be clear, this includes not just ebooks I opened in DE4, but also ebooks I store in calibre and every Epub ebook I happen to have sitting on my hard disk.

Since this happens all the time, I thought of making this thread and updating it frequently so people know what to avoid.

Sadly it seems more and more unless it's open source and free and the developers have no business incentive to make money from you, it means they're monetizing you and tracking you as much as possible. Even then that might not be true (see Ubuntu sending your local searches to Amazon).

I will sure never use that Ebook program.

Your Heavenly Father loves you and wants you to come to repentance
Humanity has risen! is offline

Humanity has risen!

Humanity has risen!'s Avatar
Sentinel

#1

Join Date: Nov 2011
Location: Trois-Rivières, Québec
Posts: 444

Default 

October 15th, 2014, 19:08
Please don't forget the Secret Services are actively using leaks, too.
See the Projects "Hacienda", "Olympia" etc. made by the Five Eyes coalition.

They are actively ( ! ) breaking into PCs in order to turn them into bot-net zombies !

http://en.wikipedia.org/wiki/Five_Eyes

“ Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius – and a lot of courage – to move in the opposite direction.“ (E.F.Schumacher, Economist, Source)
Alrik Fassbauer is offline

Alrik Fassbauer

Alrik Fassbauer's Avatar
TL;DR

#2

Join Date: Nov 2006
Location: Old Europe
Posts: 16,002

Default 

October 18th, 2014, 10:42
http://yro.slashdot.org/story/14/10/…their-location

The social network Whisper which flaunts itself as being anonymous has been shown to track users without their consent.

It's really simple, you constantly need to wonder why you're getting something for free, and if you can't find a very good reason, your privacy is being breached.

Your Heavenly Father loves you and wants you to come to repentance
Humanity has risen! is offline

Humanity has risen!

Humanity has risen!'s Avatar
Sentinel

#3

Join Date: Nov 2011
Location: Trois-Rivières, Québec
Posts: 444

Default 

Yesterday, 23:21
http://arstechnica.com/security/2014…n-search-data/

In the latest version of Mac OS X, Yosemite, Apple has a new function called Spotlight that sends your searches to both Apple and Microsoft (through Bing). Effectively they have pulled a Ubuntu, and for the first time by default OS X doesn't respect user privacy.

I installed Yosemite yesterday, and I saw this immediately. Although to be fair, they are upfront about it.

To disable it, you need to disable it in both the system settings and in Safari, meaning that yes, for the near totality of the userbase, Apple and Microsoft will garner all their search data even when they are just looking for local files.

Your Heavenly Father loves you and wants you to come to repentance
Humanity has risen! is offline

Humanity has risen!

Humanity has risen!'s Avatar
Sentinel

#4

Join Date: Nov 2011
Location: Trois-Rivières, Québec
Posts: 444

Default 

Today, 03:13
This thread is most useful. Personally I'd not trust any software with my privacy, best bet is to go offline.

.:\\\"I saw Islam as the correct way to live, and I chose to try to live that way."///:.
Digger Nick is offline

Digger Nick

Digger Nick's Avatar
امير

#5

Join Date: May 2012
Posts: 102
RPGWatch Forums » General Forums » Off-Topic » Thread of privacy violations by software companies/Internet services
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +2. The time now is 11:01.
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Copyright by RPGWatch