Adobe is Spying on Users, Collecting Data on Their eBook Libraries

Adobe is Spying on Users, Collecting Data on Their eBook Libraries Adobe Security & Privacy Adobe has just given us a graphic demonstration of how not to handle security and privacy issues.

A hacker acquaintance of mine has tipped me to a huge security and privacy violation on the part of Adobe. That anonymous acquaintance was examining Adobe's DRM for educational purposes when they noticed that Digital Editions 4, the newest version of Adobe's Epub app, seemed to be sending an awful lot of data to Adobe's servers.

My source told me, and I can confirm, that Adobe is tracking users in the app and uploading the data to their servers. (Adobe was contacted in advance of publication, but declined to respond.)  Edit: Adobe responded Tuesday night.

Update Timeline

And just to be clear, I have seen this happen, and I can also tell you that Benjamin Daniel Mussler, the security researcher who found the security hole on Amazon.com, has also tested this at my request and saw it with his own eyes.

Adobe is gathering data on the ebooks that have been opened, which pages were read, and in what order. All of this data, including the title, publisher, and other metadata for the book is being sent to Adobe's server in clear text.

I am not joking; Adobe is not only logging what users are doing, they're also sending those logs to their servers in such a way that anyone running one of the servers in between can listen in and know everything.

But wait, there's more.

Adobe isn't just tracking what users are doing in DE4; this app was also scanning my computer, gathering the metadata from all of the ebooks sitting on my hard disk, and uploading that data to Adobe's servers.

In. Plain. Text.

And just to be clear, this includes not just ebooks I opened in DE4, but also ebooks I store in calibre and every Epub ebook I happen to have sitting on my hard disk.

Update: Further testing has revealed that the files being scanned were actually on my ereader, not my HD. I had not used ADE to load the files on to the ereader, and yet the app scanned them, made a list, and uploaded the list to Adobe.

And just to show that I am neither exaggerating nor on drugs, here is proof.

The first file proves that Adobe is tracking users in the app, while the second one shows that Adobe is indexing my ebook collection.

The above two files were generated using data collected by an app called Wireshark. This nifty little app can be used to log all of the information that is sent or received by your computer over a network. Muussler and I both saw that data was being sent to 192.150.16.235, one of Adobe's IP addresses. Wireshark logged all of the data sent to Adobe, and on request spat out the text files.

Adobe is Spying on Users, Collecting Data on Their eBook Libraries Adobe Security & Privacy

This is a privacy and security breach so big that I am still trying to wrap my head around the technical aspects, much less the legal aspects.

On a technical level, this kind of mistake is not new. Numerous apps have been caught sending data in clear text, and others have been caught scraping data without permission (email address books, for example). What's more, LG was caught in a very similar privacy violation last November when one of their Smart TVs was shown to be uploading metadata from a user's private files to LG's servers - and like Adobe, that data was sent in clear text.

I am sharing these details not to excuse or justify Adobe, but to show you that this was a massively boneheaded stupid mistake that Adobe would have seen coming had they had the brains of a goldfish.

As for the legal aspects, I am still unsure of just how many privacy laws have been violated. Most states have privacy laws about library books, so if this app was installed in a library or used with a library ebook then those laws may have been violated. What's more, Adobe may have also violated the data protection sections of FERPA, the Family Educational Rights and Privacy Act, and similar laws passed by states like California. (I'm going to have to let a lawyer answer that.)

And then there are the European privacy laws, some of which make US laws look lax.

Speaking of Europe, the Frankfurt Book Fair is coming up later this week. Adobe will be exhibiting at the trade show, and something tells me they will not be having a nice trip. (I for one hope that the senior management is detained for questioning.)

In any case, I would highly recommend that users avoid running Adobe's apps for the near future - ever again, for that matter. Luckily for us, there are alternatives.

Rather than use Adobe DE 4, I would suggest using an app provided by Amazon, Google, Apple, or Kobo. Amazon uses the Kindle format, and each of the last three ebook platforms uses their own unique DRM and Epub (-ish) file format inside their apps. (While Google and Kobo will let you download an ebook which can be read in Adobe DE, that DRM is not used internally by either Kobo or Google.)

None of those 4 platforms are susceptible to Adobe's security hole.

Of course, I can't say for sure whether those platforms are more secure and private than Adobe's, but I'm sure they will be made more secure in the next few weeks.

images by arturodonateukCWCS

Nate Hoffelder

View posts by Nate Hoffelder
Nate Hoffelder is the founder and editor of The Digital Reader: He's here to chew bubble gum and fix broken websites, and he is all out of bubble gum. He has been blogging about indie authors since 2010 while learning new tech skills at the drop of a hat. He fixes author sites, and shares what he learns on The Digital Reader's blog. In his spare time, he fosters dogs for A Forever Home, a local rescue group.

274 Comments

  1. fjtorres6 October, 2014

    So, it only looks at epubs?
    So it targets Kobo, Google, and Nook, but not Amazon?

    Heh.

    “Kahn!!!!”

    Reply
    1. Nate Hoffelder6 October, 2014

      Google doesn’t download apps to your PC, so it’s out. And for all I know it might be able to scrape Kindle files as well.

      Reply
      1. JM Hatch8 October, 2014

        Reception of eBooksStore at launch was mixed. Reviewers noted that it was still glitchy, and that books lacked reviews even for those that were centuries old.[6] Also others remarked that Google touted the EBookStore as “open”, but that it was still using Adobe’s Adept eBooks Digital rights management.[7]

        https://en.wikipedia.org/wiki/Google_eBooks

        Reply
        1. Nate Hoffelder8 October, 2014

          This is one of those complicated technical points which are difficult to explain.

          For one thing, Google doesn’t have a Play Books app for Windows, so you read the ebooks in a web browser. Each ebook is sent in chunks, and is encrypted in Google’s own DRM.

          For the record, Google doesn’t use Adobe DRM internally. They will sell you an ebook and let you download an Epub file, but if you read that ebook in a Play Books app you won’t be reading an Epub file; it will be something different:
          http://the-digital-reader.com/2014/01/31/google-play-books-doesnt-support-epub-crazy-possibilities/

          And so any ebook read inside a Google Play Books app is safe from Adobe’s snooping.

          Weird, isn’t it?

          Reply
  2. fjtorres6 October, 2014

    Nasty thought: are they looking for “disinfected” versions of DRM’ed ebooks?

    Reply
    1. Timothy Wilhoit6 October, 2014

      I’m not really a tinfoil hat guy but that thought occurred to me as well. There’s absolutely no reason for any program to sift through your computer, especially since permission wasn’t asked. I didn’t have a particularly high opinion of Adobe but this caper has lowered it quite a bit more.

      “Adobe DE 4, special SW version! Spyware from a company you (don’t) trust!”

      Reply
  3. Claude6 October, 2014

    Is it only in Adobe DE 4 or can we see the same thing with earlier version of the software?

    Reply
    1. Nate Hoffelder6 October, 2014

      I don’t know, but now that I know what to look for I plan to check earlier versions of the app.

      Reply
    2. Greyhawk7 October, 2014

      DE 3 does not do this, we tested DE 3 extensively for exactly that before deploying.

      Reply
      1. Nate Hoffelder7 October, 2014

        I didn’t find this leak in ADE3 either.

        I’m not surprised to learn that you tested the app; I am more surprised that Adobe didn’t expect that someone would run security tests on the app and find this issue.

        Reply
  4. Claude6 October, 2014

    That said, I guess all ebooks sellers are “spying” on their users somehow. They all collect data of what we read. But maybe it’s more “secure”.

    Reply
    1. Brian7 October, 2014

      They collect data on books bought from them to some extent or another. Books aren’t bought from Adobe (they aren’t a seller), plus Adobe is collecting info on books not even associated with their app.

      Wonder what they ALA will think. They’re pretty big on eBook reader privacy IIRC and most library systems use ADE as a download method.

      Reply
      1. Glinda Harrison7 October, 2014

        I was wondering the same thing about the libraries.

        Reply
        1. Galen Charlton7 October, 2014

          This blew up on library Twitter this morning, and several folks who I know are involved in leadership positions at ALA are now getting the wheels turning. I would expect some sort of statement, at the very least, relatively soon.

          Reply
          1. Nate Hoffelder7 October, 2014

            Who should I contact to get a copy of that statement?

      2. Galen Charlton7 October, 2014

        This blew up on library Twitter this morning, and several folks who I know are involved in leadership positions at ALA are now getting the wheels turning. I would expect some sort of statement, at the very least, relatively soon.

        Reply
      3. Andromeda Yelton7 October, 2014

        I am a member of the board of LITA, the technology division of ALA, and brought this issue to the board this morning. It is also being discussed by ALA Council right now. I suspect there are numerous other groups within ALA that will have an opinion, and that we’ll be wanting to speak with a coordinated voice.

        Thank you for bringing this to everyone’s attention. Stay tuned 🙂

        Reply
        1. Nate Hoffelder7 October, 2014

          Thank you for the heads up.

          On an unrelated note, I just posted an article about 3M Cloud Library’s new hardware program. Can you read the post and tell me if my concerns are well founded? Thanks!
          http://the-digital-reader.com/2014/10/07/3m-cloud-library-launches-new-hardware-lending-program-nook-glowlight/

          Reply
          1. Andromeda Yelton7 October, 2014

            I am not an expert in the cases here (I mean, I followed them from a distance, but IANAL), but I would have the same concerns as you, and I would want to consult someone who IS an expert if I were in a decision-making role for a program like this.

  5. Feda6 October, 2014

    The only way to avoid is not to buy DRM infested content.

    Reply
    1. Nate Hoffelder6 October, 2014

      Except Adobe was indexing my DRM-free content as well.

      Reply
      1. Feda7 October, 2014

        Yes but you would not have the Adobe Digital Editions on your system if it wasn’t for their DRM.

        Reply
        1. S. J. Pajonas7 October, 2014

          That’s not true. On Mac, there are only a few good ePub readers and Adobe Digital Editions was one of them. I installed it just to proof my ePubs before uploading to B&N, Kobo, etc., not because I had to read something that had DRM on it. Now I have deleted ADE, and I guess I’ll use the iBooks app for the time being.

          Reply
          1. Jonathan Badger7 October, 2014

            Actually, did you know iBooks on OSX (since Mavericks) can read arbitrary ePub files? I use it all the time despite never purchasing a single ePub from Apple. It’s my favorite OSX ePub reader.

          2. Wrecks8 October, 2014

            Have you tried Calibre yet? It’s an ebook management platform that can let you read ebooks in many formats as well as convert many formats to many other formats.

            http://calibre-ebook.com/about

          3. S. J. Pajonas8 October, 2014

            I just use iBooks for proofing now. I use Calibre sometimes to convert files, but I find it frustrating as a user with the way it stores file both inputted and outputted.

          4. derek8 October, 2014

            @wrecks I use calibre probably more than any other single program except my browser, but you still have to use Adobe if you buy DRM books. Nate’s pushing Google and Kobo, but even IF you use Kobo, you use ADE internally (perhaps not with the same “features”, but the software — RMSDK — is purchased from Adobe), and I don’t like using either of those in ways that tie me to a platform or vendor. So I download to ADE, and then sideload to my ereader.

            I’m a bit surprised that there are people here using ADE 2, still, as mine stopped working (would no longer get a valid authentication from their server) and I was forced to upgrade to ADE 3. So one day, I expect something similar will force me to move to ADE4.

            Telling people not to buy DRM books is not a solution: as long as publishers use DRM, not buying DRM books is letting them choose my reading (there aren’t many books that are legally available in both a DRM and non-DRM format). We have to campaign to force them to stop using DRM: preferably by educating authors and agents to stop agreeing to publishing contracts that insist on it.

          5. Nate Hoffelder8 October, 2014

            I was only pushing Kobo because many readers will want ebooks that only come with DRM. I myself strip the DRM.

            “even IF you use Kobo, you use ADE internally”

            Not really, no. I have been told by a several expert Kobo users that they have 2 rendering engines, one for their own content and one for external Epubs.

          6. derek8 October, 2014

            Kobo’s kepubs use a different rendering engine, but they’re still using Adobe’s RMSDK afaik — which, to be fair, isn’t invading our privacy like ADE4, but still means you’re encumbered by DRM and Adobe’s got their hands on your data.

          7. bangbango9 October, 2014

            @derek

            Doesn’t kePub use kobo’s own DRM if necessary?

            (Because yeah, Kobo manages two formats and two DRM schemes)

  6. Mike J6 October, 2014

    ADE 3.0 is still available on their website. I wonder if that version collects the same info.

    Reply
    1. Nate Hoffelder6 October, 2014

      I can tell you that ADE2 does not.

      Reply
      1. Claude6 October, 2014

        Lucky, I still have version 2.

        Reply
    2. Nate Hoffelder6 October, 2014

      ADE3 sends similar minimal amounts of data.

      Reply
    3. Rob Siders7 October, 2014

      2.0 is still available to download from Adobe.

      http://www.adobe.com/support/digitaleditions/downloads.html

      Reply
  7. cakezula7 October, 2014

    So what are we supposed to do about .acsm files from our local Libraries? It’s unreal that ADE is the *only* software available for checking books out. UG.

    Reply
    1. ZiGraves7 October, 2014

      A few users further up say that ADE2 & possibly ADE3 don’t have this problem, and that you can still download these older versions from the adobe website – as long as you make sure you use the old versions, you and other students should be okay.

      I suggest letting your local libraries know, though, because librarians can be very militant about user privacy and they’ll be well placed to advise or kick up a stink.

      Reply
  8. Michael7 October, 2014

    From my own experimentation, it looks like the best way to thwart this in the short-term is by editing the hosts file and directing adelogs.adobe.com to either 0.0.0.0 or 127.0.0.1. I hope we can expect Adobe to address this issue quickly. I sent them an e-mail about my own concerns a little while ago.

    Reply
    1. Nate Hoffelder7 October, 2014

      Wouldn’t that also tend to block the DRM authentication? It might render ADE4 unusable.

      Reply
      1. Michael7 October, 2014

        No, that’s just the logging server. The licensing server is separate, and fortunately they do communicate with that one over an encrypted connection.

        Perhaps this lovely snooping feature was designed to facilitate syncing bookmarks and notes between multiple devices, but if so Adobe never bothered to ask my permission first. Apart from debugging code inadvertently shipped with the final release, that’s the only innocuous use I can think of.

        I reinstalled ADE to read the terms, and I can’t find any place such behavior is consented to. Unfortunately I do need ADE 4 installed for the work I do, so for now blocking the connection to the logging server will have to suffice.

        Reply
        1. Michael7 October, 2014

          * “innocuous” in the sense of providing value to some users. Syncing isn’t something I would need or consent to. I expect a company to make clear what data they are collecting and why, and when transmitting approved data to handle it responsibly, not send it in clear text like this.

          Reply
        2. bangbango9 October, 2014

          The way they would be logging bookmarks in this particular case (at X page turn, location Y. at Z, page turn, location A… instead of at last use, location X). Either it is incompetence* or something quite different.

          * Could be incompetence. After all, ADE is developed in India on a tiny budget and it seems they are out-sourcing in China (could) and Romania (is for sure).

          Reply
  9. Name Required7 October, 2014

    Congratulations for the scoop Nate.
    Looks like your soapbox got a little taller overnight 😉

    Reply
  10. […] gemieden haben. Das wird in Zukunft aber wohl nicht mehr so einfach möglich sein, wenn man einem Bericht von The Digital Reader glauben schenken […]

    Reply
  11. redsun7 October, 2014

    May be you made a typo of some sort. An IP-adress starting with 192 is an unroutable, i.e. local(on your computer) ip-adress. But it could be of course that the information is gathered first on your computer and then sent to Adobe.
    My guess is that it’s a debugging remnant, left by one of Adobe’s programmers.

    Reply
    1. Nate Hoffelder7 October, 2014

      I don’t think that’s true. If you look up that IP address on thw web you’ll see that it belongs to Adobe. It’s clearly labeled.

      Reply
    2. Bob W7 October, 2014

      192.168.x.x is unroutable.

      Reply
      1. Steve7 October, 2014

        Correct. It’s only the 192.168.0.0/24 subnet that’s for local addresses, not the entire 192.0.0.0/36 subnet.

        Reply
        1. Nate Hoffelder7 October, 2014

          Thanks. This would explain why several of my routers offered an access page in that subnet, right?

          Reply
        2. FrancisT7 October, 2014

          Well strictly speaking 192.0.2.0/24 is also unroutable.

          If you look at Adobe’s AS (Autonomous System) they have a number of subnets – http://bgp.he.net/AS44786#_prefixes

          I did some other digging and it looks like Adobe has had this domain also resolve to 193.104.215.99 – that looks to be Adobe Europe in Ireland. I’m guessing that’s classic geographical routing to the closest IP so that European data doesn’t leave Europe
          Interestingly I did a quick check from Japan and it looks like I have a 50% chance of going to Europe or the US.

          In both cases adelogs.adobe.com is CNAMEd to adelogs.wip4.adobe.com and that is the FQDN that can resolv e to one of the two IPs.

          Someone upthread worried that blocking “adelogs.adobe.com” would block some of the DRM activation bits of ADE. As far as I can tell from a cursory scan this is unlikely to be the case. Adobe also has hosts like “activate.adobe.com” which seems more likely to be the activation server. Since there is also “update.adobe.com” and “download.adobe.com” and so I I think adelogs really is just a logging server.

          If you do want to block all of Adobe then *.wip4.adobe.com would probably work wonders, but I suspect that really WILL break anything you have from Adobe that tries to call home, including, say, flash for update checking.

          Reply
          1. js7 October, 2014

            According to ARIN:

            “Addresses starting with “192.0.2.”, “198.51.100.”, or “203.0.113.” are reserved for use in documentation and sample configurations. They should never be used in a live network configuration. No one has permission to use these addresses on the Internet.”

            192.0.2.0/24 is reserved for documentation and examples and ARIN tells network operators that they SHOULD block those addresses in their routers, not MUST. The comment from ARIN ends with:

            “These blocks are not for local use, and the filters may be used in both local and public contexts.”

        3. paul delys7 October, 2014

          Your subnet mask isn’t quite right. 192.168.0.0/16 isn’t publicly routed. In other words, 192.168.anything.anything is a private address.

          192.anything except 168.anything.anything is, by convention, a public address.

          Reply
  12. Miron Schmidt7 October, 2014

    Another reason not to buy any books with DRM, ever (as this will bind you to Adobe’s platform). I will uninstall this software as soon as I’m home today, and good riddance.

    Reply
  13. Joe Blo7 October, 2014

    Adobe developers smell of wee.

    Reply
  14. Simon Wang7 October, 2014

    Companies are still thinking they can pull this sort of stunt and here they are getting caught out again. Even better is the ‘no comment’ from the supplier, I bet they will be coming out with the excuses shortly and they will be lame.

    Great work in getting to the bottom of this. In any case, another reason to buy a real book instead of drm ridden ebooks.

    Reply
    1. derek7 October, 2014

      That’s silly. There are no good reasons to buy (and waste) paper. e-books are fine as long as they have no DRM and don’t need Adobe.

      Reply
  15. Lennart-pottering7 October, 2014

    USE opensource/free softwares always.

    http://www.kde.org

    Reply
  16. Richard7 October, 2014

    Thanks for this Nate.

    We have thousands of publisher books on our production workstations, many under non-disclosure agreements. Fortunately we have not yet rolled ADE4 out for testing (because it can’t handle inline images amongst other silly things).

    This is a timely warning of corporate irresponsibility. We will ensure our publisher production contacts are all made aware of this. From a production facility perspective this is somewhat intimidating. If someone wants to ADE4 test a book under non-disclosure it will have to be on an isolated workstation modified as Michael mentioned. For us that will become a production services sales feature!

    On a last note: It’s one thing that they are sending this private and privileged content back to their servers in clear-text, but really, their JSON sucks. If they are going to steal private information, couldn’t they do it with professional flair and sensible key names rather than this schoolboy code!

    Reply
  17. Rob Siders7 October, 2014

    Post subtitle: Or, Nate tells us what he’s reading.

    Interesting list, by the way. 😉

    Reply
    1. Nate Hoffelder7 October, 2014

      Well, no, I told you what I am buying. (And maybe I should have scrubbed that list, LOL.)

      Reply
  18. Brutal Honesty7 October, 2014

    That’s what you get for paying.

    The pirate versions don’t do that.

    Reply
    1. Rob Siders7 October, 2014

      It’s not the books that are phoning home. It’s the ereader software, which is a free download, and it’s collecting data on all epubs, regardless of source, on a user’s system.

      Reply
      1. derek7 October, 2014

        And, one suspects, in line with their comment about “for purposes such as license validation”, for checking whether books that shouldn’t be available without DRM exist on your system with the DRM stripped…

        Reply
  19. […] gemacht wurde die Datensammelwut am gestrigen Dienstag von The Digital Reader. Demnach überträgt Version 4 von Adobe Digital Editions folgende Informationen vom […]

    Reply
  20. DaveZ7 October, 2014

    Does Adobe have a privacy policy and is this covered? Who knows, maybe we all agreed to the tracking.

    Reply
    1. Nate Hoffelder7 October, 2014

      I’ve heard from someone who actually read it that this isn’t covered.

      Reply
    2. Andromeda Yelton8 October, 2014

      Adobe has a privacy policy, as well as the ADE EULA, and has issued a statement on them: http://www.infodocket.com/2014/10/07/new-and-old-serious-reader-privacy-concerns-both-inside-and-outside-the-library/

      I’ve glanced at both and…hell if I know if I agreed to it, honestly. This information isn’t all specifically referenced. You could make a case it’s covered anyway. That case would go against some people’s moral intuitions. I really have no idea.

      Reply
  21. Name Required7 October, 2014

    Install it inside a virtual machine if you have to, with nothing else and no books at all.

    Reply
  22. Andrew7 October, 2014

    Okay, I’m done with Adobe then. Amazon is cheaper than Kobo anyway. Anyone know if Amazon does the same thing?

    Reply
    1. Nate Hoffelder7 October, 2014

      With the ebooks they sell you, yes, but they kinda have to do that so they can sync your reading position across your account. And so far as I know the data is at least obscured (I will be checking).

      Reply
      1. TheSFReader7 October, 2014

        And it’s the retailer that gets the data, not a third party as is the case with Adobe DRM encumbered ebooks.

        Adobe is a third party, I wonder how much of the data it shares whith the e-booksellers…

        Reply
    2. Name Required7 October, 2014

      Check their user agreement for Kindle.
      You might be very surprised what rights they reserve ;-).

      Reply
    3. Swâmi Petaramesh7 October, 2014

      About Amazon Kindle, you might want to check http://www.defectivebydesign.org/amazon

      Reply
  23. […] Security Praxis, hat heute jemand gepostet, dass die neue Version von Adobe Digital Editions im großen Stil nachhause telefoniert. Das wird zwar gerne mit “wen überrascht’s?” kommentiert, aber das Ausmaß mit […]

    Reply
  24. Swâmi Petaramesh7 October, 2014

    Adobe is (unfortunately) not the only one…

    Let’s read the « licence » file displayed by my « Pocketbook Touch Lux 2 » reader (that also comes with AdobeViewer inside, that makes things a little funnier…)

    Now Go Read And Despair :

    1/ The licence comes in english, which probably makes it plain illegal here in France, coming with a “general public” device that my Grand’Ma can purchase.

    2/ It reads : « POCKETBOOK RESERVES THE RIGHT TO AMEND THE TERMS AND CONDITIONS OF THIS LICENSE FROM TIME TO TIME BY PLACING NEW EDITIONS HEREOF AT: http://www.pocketbook-int.com/legal/SLA. EACH NEW EDITION OF THE LICENSE AGREEMENT SHALL COME TO EFFECT AT THE DATE OF PLACEMENT AT THE MENTIONED WEB PAGE AND THIS IS THEREFORE RECOMMENDED THAT YOU PERIODICALLY VISIT THAT PAGE… »

    => Wow. They can change without notice the rights you have to use an hardware device that you have puchased and own ? And you’d be supposed to go and check every other week ? A clause that allows one part to unilaterally modify a contract after it has been “concluded” is most certainly illegal…

    3/ But the finest still is to come :

    « Information Received. The software will provide Pocketbook with data about your Pocketbook reading device and its interaction with the Service (such as available memory, up-time, log files, and signal strength). The Software will also provide Pocketbook with information related to the Digital Content on your Pocketbook reading device and Supported Devices and your use of it (such as last page read and content archiving). Information provided to Pocketbook, including annotations, bookmarks, notes, highlights, or similar markings you make using your Pocketbook reading device or Reading Application, may be stored on servers that are located outside the country in which you live. […] BY USING THE POCKETBOOK READING DEVICE YOU AUTOMATICALLY ACKNOWLEDGE AND AGREE THAT POCKETBOOK MAY COLLECT, STORE, PROCESS, TRANSMIT, PROVIDE AND/OR SELL ANY INFORMATION AVAILABLE ABOUT YOU AND THE READING DEVICE(S) THAT YOU ARE USING TO ANY THIRD PARTIES. THIS INFORMATION MAY BE USED BY POCKETBOOK AT ITS SOLE DISCRETION FOR ANY LAWFUL PURPOSES AND IN ANY MANNER OTHER THAN PROHIBITED BY APPLICABLE LAWS, WITHOUT LIMITATION.
    Pocketbook reading device and software preinstalled or subsequently installed on it provides Pocketbook with details of the Pockebook reading device used by you and certain actions performed by you on it such as: – Orientation of the Pocketbook reading device (portrait or landscape); – the language of Digital Content; – file size in bytes; – DRM type (Adobe, Pocketbook, none); – Digital Content opened for the first time or not; – the application that you use for reading; – time between the opening starts and finishes in milliseconds; – functions of keys; – the interface language; – the reading device model; – the identifier of the Pockebook reading device to establish whether data have been collected from one or different Pocketbook reading devices (not the serial number); – version of software installed;
    […] Your agreement to be bound by these Terms of Use is voluntary and implies your unconditional consent to all and any data processing conditions estyablished herein; […] »

    Reply
  25. df7 October, 2014

    What about apps like Bluefire and axisReader? I know that they are licensed to be compatible with Adobe DRM, but do they have this same problem?

    Reply
    1. Nate Hoffelder7 October, 2014

      I have assurances from one developer that his app does not. I can’t name him here, though; I don’t want his name to get mixed in by mistake.

      Reply
  26. Ben Hollingum7 October, 2014

    Well done bringing this to light, Nate.

    Perhaps this fuckup, coming as close as it does to the FBF, will make the big publishing houses reconsider their relationship with Adobe. After all, they’ve been laying on the whole “guardians of the enlightenment” shtick pretty thick recently as part of their fight against Amazon. It will be hard to reconcile that stance with complicity in a system that effectively hands oppressive governments the world over a list of people’s seditious reading habits.

    Reply
  27. rocketride7 October, 2014

    Amazon, Google, Apple and Kobo are listed here as safe(r).

    May I assume that B&N Nook devices are using some version of Adobe DRM?

    Reply
  28. Galen Charlton7 October, 2014

    For the moment, I suggest following @ALALibrary and @oitp on Twitter. A couple individuals to interact with if you have quesitons about the process are @ThatAndromeda and @mciszek.

    I’ll also try to remember to post a comment when a statement is released — but note that it may take a couple days or so; ALA is not always the fastest-moving of organizations.

    Reply
  29. Mikaela7 October, 2014

    I am glad I have stayed with ADE 2.0, right now. And that I strip DRM. That said, I am seriously considering ditching ADE and going with Bluefire instead. Especially since they have just launched a Windows version.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to top
%d bloggers like this: