Adobe: Difference between revisions

Line 49:

As an American company, Adobe is subject to the United States Cloud Act, which requires all US companies to grant the US government access to any user data even if stored on servers outside their jurisdiction and comply with requests to help with spy operations upon request.

===~~Spying on~~ users' eBook reading activities===

===Tracking users' eBook reading activities===

In 2014, it was revealed that Adobe Digital Editions, Adobe’s e-book reading application, reported extensive information about users' reading habits back to Adobe. This included several unique identifiers; which e-books were added to the application; when which one was opened, and for how long; percentage read; and page navigation information.

All of this information was transmitted completely unencrypted in plain text. This meant that ~~even~~ someone else who was on the same public Wi-Fi as another user would have been able track their reading activities in real time, entirely undetected.<ref>{{Cite web |last=Gallagher |first=Sean |date=8 Oct 2014 |title=Adobe’s e-book reader sends your reading logs back to Adobe—in plain text |url=https://arstechnica.com/information-technology/2014/10/adobes-e-book-reader-sends-your-reading-logs-back-to-adobe-in-plain-text/ |url-status=live |access-date=16 Mar 2025 |website=[[ArsTechnica]]}}</ref>

All of this information was transmitted completely unencrypted in plain text. This meant that someone else who was on the same public Wi-Fi as another user would have been able track their reading activities in real time, entirely undetected.<ref>{{Cite web |last=Gallagher |first=Sean |date=8 Oct 2014 |title=Adobe’s e-book reader sends your reading logs back to Adobe—in plain text |url=https://arstechnica.com/information-technology/2014/10/adobes-e-book-reader-sends-your-reading-logs-back-to-adobe-in-plain-text/ |url-status=live |access-date=16 Mar 2025 |website=[[ArsTechnica]]}}</ref>

===Disrespect for user choices===

Line 59:

For instance, this happened with the option to automatically install updates in the Adobe Flash installer. The same dark pattern is currently used in the Adobe Creative Cloud Desktop application, which presents the same option on each update and requires the user to disable it manually every single time if they do not wish to relinquish control to Adobe over when updates happen.

Whether this is to be attributed to ~~stupidity~~ or ~~malice~~ is debatable, as for instance Adobe Lightroom Classic also has a habit of resetting the language to the system language after every update instead of what was manually chosen in preferences, and the Windows version of Adobe Illustrator had, for a very long time, required the user to manually maximize the application window and re-enable the document rulers after each startup until the issue was finally addressed when the application was moved to a different GUI framework.

Whether this is to be attributed to an oversight or by design is debatable, as for instance Adobe Lightroom Classic also has a habit of resetting the language to the system language after every update instead of what was manually chosen in preferences, and the Windows version of Adobe Illustrator had, for a very long time, required the user to manually maximize the application window and re-enable the document rulers after each startup until the issue was finally addressed when the application was moved to a different GUI framework.

===User information leaks and data breaches===

In 2013, credit card information and personal data of 38 million users was exposed in a data breach.<ref>{{Cite web |last=Patel |first=Maaz |date=26 Mar 2023 |title=The Adobe Attack of 2013: A Cautionary Tale of Cybersecurity Failure |url=https://medium.com/@maazptl240602/the-adobe-attack-of-2013-a-cautionary-tale-of-cybersecurity-failure-1ef4ec74eb64 |url-status=live |access-date=16 Mar 2025 |website=[[Medium]]}}</ref>

In 2019, Adobe left about 7.5 million Creative Cloud customer records in a database publicly accessible online in gross negligence. The database was not ~~even~~ protected with a password.<ref>{{Cite web |last=Cimpanu |first=Catalin |date=26 Oct 2019 |title=Adobe left 7.5 million Creative Cloud user records exposed online |url=https://www.zdnet.com/article/adobe-left-7-5-million-creative-cloud-user-records-exposed-online/ |url-status=live |access-date=16 Mar 2025 |website=[ZDNet]}}</ref>

In 2019, Adobe left about 7.5 million Creative Cloud customer records in a database publicly accessible online in gross negligence. The database was not protected with a password.<ref>{{Cite web |last=Cimpanu |first=Catalin |date=26 Oct 2019 |title=Adobe left 7.5 million Creative Cloud user records exposed online |url=https://www.zdnet.com/article/adobe-left-7-5-million-creative-cloud-user-records-exposed-online/ |url-status=live |access-date=16 Mar 2025 |website=[ZDNet]}}</ref>

==Products==

@@ Line 49: / Line 49: @@
 As an American company, Adobe is subject to the United States Cloud Act, which requires all US companies to grant the US government access to any user data even if stored on servers outside their jurisdiction and comply with requests to help with spy operations upon request.
-===Spying on users' eBook reading activities===
+===Tracking users' eBook reading activities===
 In 2014, it was revealed that Adobe Digital Editions, Adobe’s e-book reading application, reported extensive information about users' reading habits back to Adobe. This included several unique identifiers; which e-books were added to the application; when which one was opened, and for how long; percentage read; and page navigation information.
-All of this information was transmitted completely unencrypted in plain text. This meant that even someone else who was on the same public Wi-Fi as another user would have been able track their reading activities in real time, entirely undetected.<ref>{{Cite web |last=Gallagher |first=Sean |date=8 Oct 2014 |title=Adobe’s e-book reader sends your reading logs back to Adobe—in plain text |url=https://arstechnica.com/information-technology/2014/10/adobes-e-book-reader-sends-your-reading-logs-back-to-adobe-in-plain-text/ |url-status=live |access-date=16 Mar 2025 |website=[[ArsTechnica]]}}</ref>
+All of this information was transmitted completely unencrypted in plain text. This meant that someone else who was on the same public Wi-Fi as another user would have been able track their reading activities in real time, entirely undetected.<ref>{{Cite web |last=Gallagher |first=Sean |date=8 Oct 2014 |title=Adobe’s e-book reader sends your reading logs back to Adobe—in plain text |url=https://arstechnica.com/information-technology/2014/10/adobes-e-book-reader-sends-your-reading-logs-back-to-adobe-in-plain-text/ |url-status=live |access-date=16 Mar 2025 |website=[[ArsTechnica]]}}</ref>
 ===Disrespect for user choices===
@@ Line 59: / Line 59: @@
 For instance, this happened with the option to automatically install updates in the Adobe Flash installer. The same dark pattern is currently used in the Adobe Creative Cloud Desktop application, which presents the same option on each update and requires the user to disable it manually every single time if they do not wish to relinquish control to Adobe over when updates happen.
-Whether this is to be attributed to stupidity or malice is debatable, as for instance Adobe Lightroom Classic also has a habit of resetting the language to the system language after every update instead of what was manually chosen in preferences, and the Windows version of Adobe Illustrator had, for a very long time, required the user to manually maximize the application window and re-enable the document rulers after each startup until the issue was finally addressed when the application was moved to a different GUI framework.
+Whether this is to be attributed to an oversight or by design is debatable, as for instance Adobe Lightroom Classic also has a habit of resetting the language to the system language after every update instead of what was manually chosen in preferences, and the Windows version of Adobe Illustrator had, for a very long time, required the user to manually maximize the application window and re-enable the document rulers after each startup until the issue was finally addressed when the application was moved to a different GUI framework.
 ===User information leaks and data breaches===
 In 2013, credit card information and personal data of 38 million users was exposed in a data breach.<ref>{{Cite web |last=Patel |first=Maaz |date=26 Mar 2023 |title=The Adobe Attack of 2013: A Cautionary Tale of Cybersecurity Failure |url=https://medium.com/@maazptl240602/the-adobe-attack-of-2013-a-cautionary-tale-of-cybersecurity-failure-1ef4ec74eb64 |url-status=live |access-date=16 Mar 2025 |website=[[Medium]]}}</ref>
-In 2019, Adobe left about 7.5 million Creative Cloud customer records in a database publicly accessible online in gross negligence. The database was not even protected with a password.<ref>{{Cite web |last=Cimpanu |first=Catalin |date=26 Oct 2019 |title=Adobe left 7.5 million Creative Cloud user records exposed online |url=https://www.zdnet.com/article/adobe-left-7-5-million-creative-cloud-user-records-exposed-online/ |url-status=live |access-date=16 Mar 2025 |website=[ZDNet]}}</ref>
+In 2019, Adobe left about 7.5 million Creative Cloud customer records in a database publicly accessible online in gross negligence. The database was not protected with a password.<ref>{{Cite web |last=Cimpanu |first=Catalin |date=26 Oct 2019 |title=Adobe left 7.5 million Creative Cloud user records exposed online |url=https://www.zdnet.com/article/adobe-left-7-5-million-creative-cloud-user-records-exposed-online/ |url-status=live |access-date=16 Mar 2025 |website=[ZDNet]}}</ref>
 ==Products==