Black eyes for Adobe
On December 22, I wrote about problems updating the Flash player in Firefox, where I mentioned that the Adobe un-installer program for the Flash player does not always un-install the Firefox plug-in DLL version of the Flash player. Simply put, Adobe is not aware of all the places that Firefox looks to find the Flash player. The un-installer would run fine, but Firefox would nonetheless continue to use an old version of the Flash player, even after installing a newer version.
At the time, I reported this as a bug to Adobe (using this form). It is now two weeks later, and Adobe never responded, either to me or by updating the un-installer.
Realizing their press people might want to be aware of this, I also contacted the public relations department at Adobe (using this form). No response.
And then there is the whole issue of needing a special Flash player un-installer in the first place. Did you know this was necessary? Do your friends?
From where I sit, it doesn't seem that Adobe has done a good job of communicating this. And it's a necessary communication: removing the Flash player using the standard Add or Remove Programs applet from the Windows XP control panel doesn't work, and may or may not indicate that it doesn't work.
Speaking of communication, did you know that versions of the Flash player prior to "9,0,115,0" have serious security bugs (aka vulnerabilities or holes)? Secunia calls these bugs "highly critical." The tech support page for Flash doesn't mention them at all.
Then there are the recent stories about Adobe spying on how their customers use their CS3 software.
-- Adobe, Omniture in hot water for snooping on CS3 users
by David Chartier December 31, 2007
-- Wear tinfoil hats when using Adobe products
by Nicholas Carlson December 27, 2007
The CS3 software makes an outbound connection to something specifically designed to deceive. The connection is to a computer by name, but the name was chosen to look like a safe IP address. Specifically, the CS3 software communicates with 192.168.112.2O7.net.
Many people know that IP addresses that start with 192.168.x.x are for internal use only. That is, they are special IP addresses that do not exist on the Internet, but are instead reserved for use on local area networks. Adobe and tracking firm Omniture tried to use this commonly known fact to trick people who are not real techies.
Nerds know that this is 207.net, but many people no doubt see it as 192.168.112.207 and think it is a safe, internal-use-only IP address. Pretty sneaky.
By the way, Omniture owns two 207.net domains, one with the middle character the letter "O" and one with the middle character a zero.
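A defender can catch this naming trick in DNS or proxy logs by flagging any hostname whose first four labels read as an IPv4 address but which continues into a real domain. The sketch below is an added example, not part of the original post; the log format, the sample lines, and the look-alike character map are constructed assumptions.

```python
import ipaddress

# Assumed look-alike substitutions (letter -> digit); extend as needed.
HOMOGLYPHS = str.maketrans({"o": "0", "O": "0", "l": "1", "I": "1"})

def ip_lookalike(hostname):
    """Return the IPv4 address a hostname imitates, or None.

    A name qualifies when it has more labels than a bare dotted quad and its
    first four labels, after undoing look-alike letters, parse as IPv4.
    """
    name = hostname.rstrip(".")
    if name.lower().endswith(".in-addr.arpa"):   # legitimate reverse lookups
        return None
    labels = name.split(".")
    if len(labels) < 5:          # a literal IP address has exactly 4 labels
        return None
    quad = ".".join(labels[:4]).translate(HOMOGLYPHS)
    try:
        return ipaddress.IPv4Address(quad)
    except ValueError:
        return None

def scan(log_lines):
    """Yield (client, hostname, imitated_ip, is_private, parent) per hit."""
    for line in log_lines:
        client, hostname = line.split()[1:3]
        ip = ip_lookalike(hostname)
        if ip is not None:
            # Naive parent domain: last two labels (no public-suffix lookup).
            parent = ".".join(hostname.rstrip(".").split(".")[-2:])
            yield client, hostname, str(ip), ip.is_private, parent

# Constructed sample log lines: "<time> <client> <queried name>".
SAMPLE_LOG = [
    "10:01:07 10.0.0.15 www.example.com",
    "10:01:09 10.0.0.15 192.168.112.2O7.net",
    "10:01:12 10.0.0.22 192.168.1.10",
    "10:01:15 10.0.0.22 10.20.30.4O.example.org",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Each hit reports the address the name imitates, whether that address falls in a private range, and the domain the query actually goes to.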
Finally, there is another wrinkle to the problem of not fully removing the Firefox plug-in DLL version of the Flash player. Originally, I noted that Adobe's un-installer failed to remove the program from
C:\Program Files\Mozilla Firefox\plugins\
Recently, I worked on a computer that had Netscape Communicator installed (the e-mail program continued to be viable long after the Web browser fell by the wayside). On this machine, the Flash player DLL was in
C:\Program Files\Netscape\communicator\program\plugins
The un-installer missed this too.
If you know someone at Adobe, you might want to pass this on. They won't speak to me.
Update: Someone from Adobe contacted me on January 7th. They are investigating this now. Apparently many/most/all Adobe employees take off from December 24th until early January.
Michael Horowitz is an independent computer consultant and the author of several classes on Defensive Computing. He is a member of the CNET Blog Network, and is not an employee of CNET.





Sorry, but this is FUD.
The Welcome window can cause such a connection to be made, but it happens solely because the Welcome window includes content from Adobe's web site. If you turn the Welcome window off, you'll find that no connections to 2O7.net are made.
I do not use CS3, so I can't test when it connects to 2o7.net. However, the way the 2o7.net computer name was chosen, to make it look like an internal IP address, has to have been done for deceptive reasons.
Michael Horowitz
But it still might not be. You (and other commentators) are all assuming the worst. For all we know, it may be a total coincidence that it ended up with a name that looks like a private IP address. I agree that it seems likely that it was intentionally chosen, but what irritates me most about this whole saga is that nobody will give anyone the benefit of the doubt. Everyone immediately assumes someone is spying, someone is deceiving them, someone is secretly watching their every move. Please! Most people's every move couldn't be more dull.
And even *if* we assume it is an attempt to deceive someone, that raises the questions of *who* it is supposed to deceive, *why*, and who made the decision to do it. Again, everyone assumes the worst.
It's best to apply Hanlon's Razor in these kinds of circumstances, i.e., assume stupidity or incompetence, rather than malicious intent.
Seen this movie before (I think it was titled "The Robert Scoble Story.")
Whether Adobe talks to me or not is not really the point. Selfishly, I don't care; I fixed all my Flash problems and don't use CS3. I was trying to notify them about a bug in their software. This matters to the millions of daily Flash users that may still be using an insecure and dangerous version of the Flash player, either because they don't know of the need to update it or they seemingly did update it, but the update never actually took.
Michael Horowitz
The blog posting you pointed to, written by John Nack of Adobe, does not, in fact, address the issue of the IP address purposely designed to deceive. I read the December 28th posting you linked to and the follow-up one. As of January 7th Mr. Nack still has no answer. Quoting him: "I said I'm working on it, and I am. Sometimes at a big company (esp. when other companies are involved) it's not possible to move as quickly as one would like."
Michael Horowitz