Musings on Photography

Adobe Followup

Posted in Adobe Lightroom, ethics, photoshop, software by Paul Butzi on January 8, 2008

G9-080105-0361

John Nack weighs in with Adobe’s definitive word on the upsetting business with Adobe CS3 apps contacting “192.168.112.2o7.net”, a domain name clearly chosen to look like it’s a local network address (although it’s not):

Q.: Why does Adobe use a server whose name is so suspicious-looking?
A.: I’m afraid the answer is that we don’t really know. The fact is that this SWF tracking code already existed on the Macromedia side at the time the companies merged, and it was adopted without change by a number of products for CS3. The people who wrote the code originally did not document why they used that server name, and we can’t find anyone who remembers. I’m sorry we aren’t able to provide a more solid, definitive explanation.

I would just like to point out that, now that they’ve had plenty of time to work this all out without the problems of having people on vacation over the holidays, Adobe has managed to come up with a definitive answer, and the answer is “Gee, we really don’t know.”

Boy, howdy, Adobe. You guys are really doing just exactly the right thing to maximally erode my trust and confidence. This is the best answer you can produce? I don’t know about anyone else in the world, but when you give me an answer like this, my conclusion is that you know the real answer, and you don’t want to give it, so you came up with a bullshit story like this.

Let’s just refresh our memories, with John Nack’s words from his original post on this subject:

As I say, now is the perfect time for people to throw around whatever wild assertions they’d like, given that so many people are out of the office and can’t respond.

Hey, John. It turns out it didn’t make much difference. Apparently an Adobe software development team at work doesn’t get answers any better than an Adobe software development team off on vacation and unreachable does. I think you’ll find it works better if you keep the whining about those annoying customers to a minimum. That’s probably a good thing for a senior product manager to know. And I offer it up, here, completely free of charge. Consider it a goodwill gift.

From the Adobe website referenced in John’s most recent post:

If you would prefer that the software not make these calls, simply disable the Welcome Screen in your Adobe software by selecting the Don’t Show This Again option in the lower left corner of the Welcome Screen.

This would seem to imply that turning off those welcome screens would mean that I could stop worrying about all this. But then I read, on the same web page:

…some Creative Suite 3 software contains embedded web browsers, any user action which requests Adobe.com content from such an embedded browser will cause the host software to make the tracking calls.

For example, clicking Bridge Home in Adobe Bridge CS3 will cause its embedded browser to visit an Adobe.com page and initiate this tracking. If you would like to prevent this from happening, turn off Bridge Home by opening Adobe Bridge CS3, choosing Edit > Preferences (Windows) or Bridge CS3 > Preferences (Mac OS), and deselecting Bridge Home under Favorite Items.

Uh huh. So turning off those Welcome screens means no more calls to Omniture’s servers. Except, of course, for all those OTHER calls to Omniture servers, like those that happen when I hit ‘Bridge Home’. One is left wondering, really, not just whether it’s possible to turn off all this crap, but whether Adobe actually has any employees who can muster the fairly minimal competence required to give us a definitive list of all the things we might do that will trigger this behavior.

And then, just as a final note, I followed the link from that web page to take a gander at Adobe’s Online Privacy Policy. And there, I found the following:

Please note that the practices of Adobe Systems Incorporated, its affiliates, and agents (“Adobe”), with respect to data collected and used by Adobe in connection with this website and all other Adobe.com, Acrobat.com and Acrobatusers.com websites of Adobe Systems Incorporated and its affiliates with links to this policy (collectively, the “Site”) and Adobe products and services available or enabled via the Site (“Products and Services”), are governed by this online privacy policy (“Privacy Policy”) as amended from time to time, and not the privacy policy in effect at the time the data was collected. [emphasis mine]

In other words, what Adobe are saying is that the privacy policy that applies is not the one in effect at the time they collected data from you. It’s the privacy policy that is on that website, which Adobe are free to change AFTER they collect the data. So they’ll give you lots of assurances now, collect the data, and then in the future, they’ll amend the policy, and do whatever they like.

I think that’s unspeakably scummy.

8 Responses

Subscribe to comments with RSS.

  1. chap said, on January 8, 2008 at 10:22 pm

    I think it’s a bit unfair to rail on Nack for not being able to track down the origin of the name especially considering that in the very next Q&A he states that the offending server names will be changed. It’s easy to imagine how with the merger of software teams and the turnover that happens at any company, no one knew the origin of that particular code.

    That said, the provision for changing the privacy policy retroactively is pretty outrageous. It makes the whole thing meaningless.

    If you’re concerned about outgoing connections being made by these and other applications I would highly recommend installing software to monitor outgoing connections from your computer. I use LitteSnitch (Mac) and am very pleased with it.

  2. Paul Butzi said, on January 8, 2008 at 10:40 pm

    I think it’s a bit unfair to rail on Nack for not being able to track down the origin of the name especially considering that in the very next Q&A he states that the offending server names will be changed.

    Let’s be clear, here. I didn’t rail on Nack for not being able to track down the origin of the name, I railed on him for whining about customers complaining when everyone’s on vacation. That was stupid of him. And I stand by my point, which is that it wouldn’t have mattered if people had discovered all this at the exact instant Nack had every software developer at Adobe corralled in one room, because it took them a week after everyone was back to come up with the answer “I’m afraid we don’t know”.

    That seems like an answer that completely erodes my faith in Adobe’s software development process if true and completely erodes my faith in their honesty if false. Given the dissembling nature of the privacy policy, I guess I’ll give the software developers the benefit of the doubt and end up with little faith in the honesty of Adobe as a company.

    And I’d note that Nack ends his post with the words “All in all, I’m glad that people raised the issue; that we can explain what Adobe apps are doing; and that we can bear this experience in mind as we move forward.”

    People still don’t know what other behaviors Adobe apps might be hiding. Apparently Adobe don’t either. They still don’t know how to turn it all off – and apparently neither does Adobe.

    Is this a picture that gives you confidence in their software?

  3. Bahi said, on January 9, 2008 at 2:26 am

    Bravo! This behaviour is just nuts on Adobe’s part. The sneaky choice of server name, Adobe’s reaction to the discovery of its use and the useless blog posts of its employees. If its customer service were decent, then this might be seen as an exception but it’s quite the opposite. Till last year, I was dealing with Adobe regularly on behalf of a site that licenses hundreds of seats of the full Creative Suite, with full software maintenance agreements – we were treated by Adobe like something sticky found on the bottom of its shoe. I’ve rarely been so irritated as I was when dealing with these people, whether on its abominable licensing site or on the phone. Its attitude to customers, summed up succinctly, was “F*** ’em”.

  4. David Mantripp said, on January 9, 2008 at 2:43 am

    I think you’re being rather harsh. Software development is, always has been, and probably always will be, pretty chaotic even in the best of cases. People do make mistakes, do forget to write things down, and do lose track of why things are done in a certain way.

    For John Nack to admit publicly that Adobe has actually lost the plot on this one is remarkably frank. And that CS3 is a hugely complex product suite where nobody entirely sure what is going on at all times in all parts of the system … this comes as a surprise to you ?

    And that he showed irritation at being hit with a messy problem over the holiday season is just human.

    What would you prefer ? A faceless PR flack ?

    I think you could find more deserving targets for your bile, to be honest. If you think that you cannot trust Adobe software any more, stop using it. Or use Little Snitch, as suggested. But enough of the ad hominen attacks. I don’t think your blog needs this sort of stuff – it is interesting enough without it.

  5. Paul Butzi said, on January 9, 2008 at 8:36 am

    I think you’re being rather harsh.

    Yes. I think it’s warranted.

    And that CS3 is a hugely complex product suite where nobody entirely sure what is going on at all times in all parts of the system … this comes as a surprise to you ?

    Please allow me to put on my software developer’s hat for a moment. No, it does not surprise me to find that CS3 is a hugely complete product and that no single person is entirely sure what is going on at all times in all parts of the system. But that’s not the issue. The issue is that apparently there is a part of this complex system where NO ONE KNOWS what is going on ALL OF THE TIME. And, speaking as a software developer who is familiar with large software systems, I find that somewhat frightening.

    I’m just curious – does it make you at all uncomfortable to suggest that I abandon a set of software tools I’ve purchased for a great deal of money because it’s come to light that the software might be compromising my privacy? I could understand some complacency if this was a software tool that cost $45. But the full blown Creative Suite Design Standard costs, what, $1200 in the US?

    I would think that for $1200 bucks, I would get software I could trust, and not software where I have to take defensive measures just so I can use it. And I would think that Adobe would think that, too.

    But enough of the ad hominen attacks. I don’t think your blog needs this sort of stuff – it is interesting enough without it.

    Well, first off, I don’t view any of this as personal attacks on people at Adobe, I view it as criticizing their public behaviors. If I were arguing that we couldn’t trust what Adobe says because I’d heard something truly unpleasant about Nack’s private behavior, THAT would be an ad hominem attack. But I haven’t done that.

    Second, I think it’s useless to read stuff that is only going to say positive things, and will sweep problems under the carpet (and that’s why I find most equipment reviews sadly lacking). At the same time, I think it’s not right to only complain, and never praise.

    I use a simple rule – when I run across something I like, I say so. And when I come across something I don’t like, I say so. I’ve praised Adobe in the past and have recommended their products in the past. I think it’s fair to criticize them when they come up short.

  6. Ed Richards said, on January 9, 2008 at 9:38 am

    I think this is an artifact of the lack of competition for these products. It really does not matter what Adobe does, most of its users are stuck with the product. It is not the only example, but it is a good one. Customer service only goes far enough to keep the bottom line up, and things that are not going to reduce sales do not matter much. (And no, I do not think Google will not be evil.)

  7. Martin Doonan said, on January 10, 2008 at 12:31 am

    Paul, I fully support your stance on this. It makes me wonder what all my other sfotware is doing, too. I try and block most from direct access to the ‘net unless I want them too but sometimes that stops things working. It’s insidious and I don’t like it. Sometimes it makes me wish for the days of dial-up, where my computer was rarely connected to the ‘net and software worked by itself.

    As for Adobe – I’m nealy complete in making myself completely Adobe-free. I can now do 99% of my photo work without Photoshop.

  8. mcananeya said, on January 10, 2008 at 1:55 am

    Paul,

    I just read another (very brief) article on this over at the Imaging Resource: http://www.imaging-resource.com/NEWS/1199909626.html. What caught my eye was this quote: “‘No personally identifiable information is ever submitted when fetching content from Adobe.com or when tracking calls are made after the fetched content is received,’ the TechNote claims.”

    Now, this may just be the lawyer in me, and I’m not a tech person so a lot of this stuff goes over my head, but it seems to me that they are saying:

    “No personally identifiable information is ever submitted when:

    [A] fetching content from Adobe.com,

    [B] tracking calls are made AFTER the fetched content is received.” [emphasis added]

    In other words, it seems to me that this leaves open the question of whether information is submitted when [if?] (x) fetching content from sites other than Adobe.com, or (b) tracking calls are made independent of fetching content from Adobe.com.

    Best,
    Adam


Comments are closed.

%d bloggers like this: