EFF Confirms Reports of Adobe’s Spying

EFF Confirms Reports of Adobe's Spying Adobe Security & Privacy Yesterday the EFF weighed in for the second time on the Adobe spying scandal, offering a belated confirmation of both my initial report as well as a confirmation that Adobe has updated Digital Editions and stopped the spying.

When I first broke the news last month I reported that Adobe was tracking what users were doing inside Adobe DE 4, and that they were also scanning my ebook library and uploading all of the metadata to their servers.

While the tracking was readily confirmed, the scanning was not witnessed by more than a handful of technical experts. Now we can add the EFF to that list. Working from instructions I gave them, the EFF reported that:

We were also able to reproduce the results of the experiment run by The Digital Reader. To perform these tests we again used Wireshark. We plugged a Sony Reader PRS-600 into a computer with ADE installed. When we started ADE with the reader plugged in, we observed ADE sending back data about what has been happening on the reader such as books added and deleted from the reader. Books which were never opened in Adobe Digital Editions.

We were also able to confirm that Adobe Digital Editions gets information from other e-readers that simply have Adobe software installed on them, such as the Sony Reader, Nook, and Boyue. Of course, there may be other readers that are also susceptible.

The EFF goes on to report that they tested the new version of Digital Editions (4.0.1). Their tests went one step further than the other reports I have received; in addition to testing with Wireshark, they also used Fiddler to to track the encrypted data which Adobe was sending to itself. Not only can they report that Adobe is using encryption, the data being sent to Adobe's servers really was limited to only the information required for DRM purposes.

This is what Adobe claimed in their initial response last month, and now it is finally true.

EFF Confirms Reports of Adobe's Spying Adobe Security & Privacy

There's not much new to be said about this story, but the EFF did have a cogent codicil.

Adobe was able to spy on users because they had made their DRM one of the core technologies for the consumer ebook market. And as we know from Cory Doctorow's Law, "Anytime someone puts a lock on something you own, against your wishes, and doesn't give you the key, they're not doing it for your benefit."

Similarly, the EFF proposed a corollary to Doctorow's Law: "Anytime someones collect information about you, without your knowledge and against your wishes, they're not doing it for your benefit."

That is clearly true in the case of Adobe.

image by laverrue

About Nate Hoffelder (10076 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader:"I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

6 Comments on EFF Confirms Reports of Adobe’s Spying

  1. Within the context of the interoperable epub ecosystem it is pretty clear whose interests they were trying to serve and, naturally enough, it wasn’t really Adobe’s. Which is why they stopped it so readily. They weren’t about to open a vein on their behalf.

    I would add one more quote: “The price of freedom (from intrusion) is constant vigilance.”

    You done good, Nate.

  2. >>Adobe has updated Digital Editions and stopped the spying.

    Well done, Nate. You did that.

  3. Yes you’re making a difference Nate!!

  4. A little blog beat all the mainstream journalists to the punch. Bravo, Digital Reader!

  5. Indeed, congrats Nate, thanks for your vigilance 🙂

Leave a comment

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: