Adobe Digital Editions 3 Probably Safe From Adobe’s Spying, Experts Say

It has been some 16 hours since I first broke the news that Adobe was spying on anyone who installed and ran Digital Editions 4, Adobe's latest and greatest ebook app, and while I still do not have a response from Adobe I do have some new information to share.

I have followed up on this story and looked into the earlier versions of Digital Editions, just to see how long Adobe may have been spying on users. After testing DE2 and DE3 I can report, and others can confirm, that neither app appears to be tracking my reading habits nor uploading details about my ebook library.

The older apps do send some information to Adobe, but the data packet is small enough that it can't hold much more than info required to authorize the DRM. So if you need one of Adobe's apps, you do have safer options than DE4.

Adobe DE 3 can be downloaded from the Adobe website.

While the news about the older versions of Adobe DE is not enough to get me to use an Adobe app again, I thought this information could prove useful for librarians, teachers, and industry pros. Speaking of which, my story yesterday is taking on a life of its own and it turns out to have ramifications which I hadn't considered.

This isn't just a privacy violation any more; now there are concerns about how this breach would violate NDAs. According to Richard Pipe of Infogrid Pacific:

We have thousands of publisher books on our production workstations, many under non-disclosure agreements. Fortunately we have not yet rolled ADE4 out for testing (because it can’t handle inline images amongst other silly things).

This is a timely warning of corporate irresponsibility. We will ensure our publisher production contacts are all made aware of this. From a production facility perspective this is somewhat intimidating. If someone wants to ADE4 test a book under non-disclosure it will have to be on an isolated workstation modified as Michael mentioned. For us that will become a production services sales feature!

I didn't directly discuss this need for security in my post yesterday, but it was at the back of my mind. It was safe to assume that someone's corporate IT dept would run security tests on the new app before deploying it, so Adobe should have known that this privacy and security breach would have been caught and likely publicized.

In any case, if you are looking for an alternative to Adobe Digital Editions, the older versions still work. But if you wish to avoid Adobe entirely, as I plan to do, you could try competing apps like Bluefire Reader for Windows.

Independently developed by Bluefire, this app was released earlier this year. I've run it through the same check that revealed Adobe's spying, and so far as I can tell it does not spy on you. (Adobe has made me so paranoid that I am still double checking this.)

Bluefire does offer the feature of syncing your reading position between the Windows app and Bluefire's apps for Android and iOS, so you can expect them to send at least some info back to their servers, but that feature is optional and this app does not require that you log in.

To be fair to Adobe, all of the major ebook platforms offer the option of syncing your reading position, and that does require that information be uploaded to their servers. But one would also expect that the info is transmitted in a secure manner, and not left visible to all and sundry.

Speaking of syncing options, Adobe might have been tracking the reading position with plans to offer a sync option of their own. I am told they have an Adobe DE iPad app in the works, and I can see that syncing between the PC app and the iPad app would be a useful feature.

However, this still does not excuse the lack of security, nor does it excuse the fact that Adobe scanned my ebook library and uploaded the metadata.  That is beyond the pale.

image  by nolifebeforecoffee

Nate Hoffelder

View posts by Nate Hoffelder
Nate Hoffelder is the founder and editor of The Digital Reader: He's here to chew bubble gum and fix broken websites, and he is all out of bubble gum. He has been blogging about indie authors since 2010 while learning new tech skills at the drop of a hat. He fixes author sites, and shares what he learns on The Digital Reader's blog. In his spare time, he fosters dogs for A Forever Home, a local rescue group.

12 Comments

  1. fjtorres7 October, 2014

    Sync only requires scanning the directory holding the books they authenticate. Going outside that folder is spying.

    Reply
    1. Andrew7 October, 2014

      Exactly. Succinctly put.

      Reply
  2. Paul Salvette7 October, 2014

    Great coverage of this scandal, Nate. Thanks for sharing all of this.

    Reply
  3. Juli Monroe7 October, 2014

    So glad I never upgraded to DE4. I’m still using 3, and I only use it for the odd library book that isn’t available in Kindle format.

    Nice catch, Nate!

    Reply
    1. Nate Hoffelder7 October, 2014

      hanks!

      Reply
  4. […] that’s subject to the data gathering program Adobe outlined today. Earlier versions so far appear so far to be unaffected. We will update this post as more information becomes […]

    Reply
  5. Albin7 October, 2014

    OverDrive had made Toronto Public Library users involuntary captives of ADE for some years, but recently introduced the ability to read and sync library loans from a browser window. I’ve found it very quick, easy and surprisingly responsive in all devices. It even saves reading location when the loan expires and is later renewed.

    Reply
  6. Steve7 October, 2014

    And I just upgraded to ADE 4 like a week or two ago.

    Anybody use Txtr ‘s PC app? Unlike Bluefire Reader, it supposedly has the ability to copy Adobe DRM files to ereaders. Just wiped the digital editions folders on my Nook Touch like I’d done before and copied a DRM’ed book from Google Play with right adobe id using Txtr,. Unfortunately, I get a “User not activated” message everytime I try to open the book on the Nook (tried a few different books). Any one else experience this? If not, guess ADE3 it is.

    Reply
  7. […] Tests show that earlier versions of Adobe DE don’t spy on users. […]

    Reply
  8. […] back to Adobe. Nate Hoffelder of The Digital Reader broke the story, and reports that, thankfully, older editions of the software do not track reading. While one might hope that these were just wild allegations, Adobe has confirmed that it is […]

    Reply
  9. […] Tests show that earlier versions of Adobe DE don’t spy on users. […]

    Reply
  10. […] apps from accessing the web, or possibly use one of the older versions of Adobe DE (which to the best of my knowledge does not collect […]

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to top