As a general principle, application developers should not have free rein to modify my system's configuration, and OS's should do their part to make it very difficult for developers. Installing your binaries into C:\Program Files\AppName or /usr/local/bin? Fine. Dumping crap all over C:\Windows or /usr or /boot or something? No way--the OS should make the developer obtain my consent (not just a blanket sudo-like escalation) to do these things. Sneakily modifying /etc/hosts to act against me? Get the hell outta here!
dpedu
I installed Creative Cloud just last week. No such entry was created in the hosts file on my macOS system.
matsemann
Oh well, as a teenager, blocking Adobe servers in hosts file was how you got to "phone activation" and could generate a code. So I guess we're even, heh.
lousken
How is Defender not flagging this? Changing hosts file should raise alarms.
hatradiowigwam
Whether it's run as root/administrator or not - you can disable this behavior by setting the immutable flag on /etc/hosts. No user, including root, can write to a file with the immutable flag set (although root could _remove_ the attribute and then write).
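An added example (not from the thread and not any commenter's or vendor's code): a POSIX shell check that lists hosts-file mappings missing from a saved baseline, plus a Linux-only test for the immutable attribute described in the comment above. The sample files and the address 192.0.2.10 are constructed; the hostname joins the "detect-ccd" label and the wildcard domain quoted elsewhere in this thread.

```shell
#!/bin/sh
# Added example: report hosts-file mappings that are absent from a saved baseline.

# Print one "ip hostname" pair per line. Comments and blank lines are dropped and
# multi-name lines are split, so re-spacing or reordering is not reported as a change.
hosts_pairs() {
    awk '{
        sub(/#.*/, "")                       # strip trailing comments
        for (i = 2; i <= NF; i++) print $1, tolower($i)
    }' "$1" | sort -u
}

# Print pairs present in the current file ($2) but not in the baseline ($1).
hosts_added() {
    base=$(mktemp) && cur=$(mktemp) || return 2
    hosts_pairs "$1" > "$base"
    hosts_pairs "$2" > "$cur"
    comm -13 "$base" "$cur"
    rm -f "$base" "$cur"
}

# Linux only: succeed if the immutable attribute is set on the file
# (set with `chattr +i FILE`, cleared with `chattr -i FILE`, both as root).
hosts_is_immutable() {
    lsattr -d "$1" 2>/dev/null | awk '$1 ~ /i/ { found = 1 } END { exit !found }'
}

# Constructed sample: a baseline and the same file after an entry was appended.
# 192.0.2.10 is a documentation-range placeholder, not a value from the thread.
hosts_demo() {
    d=$(mktemp -d) || return 2
    printf '127.0.0.1 localhost\n::1 localhost ip6-localhost\n' > "$d/base"
    printf '# edited\n127.0.0.1   localhost\n::1 localhost ip6-localhost\n' > "$d/cur"
    printf '192.0.2.10 detect-ccd.creativecloud.adobe.com # added\n' >> "$d/cur"
    hosts_added "$d/base" "$d/cur"
    rm -rf "$d"
}

hosts_demo
```

Against a real system, save a known-good copy of /etc/hosts as the baseline and run `hosts_added` from a scheduled job, alerting on any output.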
1bpp
I owe thousands of dollars to amtlib.dll.
vondur
If you don't like Adobe modifying your hosts file then I'd not use them. The checking for the software this way is kinda interesting though.
Dwedit
Browsers could still do something about mixed Internet and LAN/Localhost requests by IP address regardless of the domain name.
nashashmi
So can I fool the website that I have CC installed?
psyclobe
The most difficult of tasks is trying to un-install this pos app on Windows.
throw_await
What happens if you happen to use a DNS server that resolves this domain to the correct IP?
ramon156
To be fair, to crack all Adobe products requires a few reg keys. It's wild that they have just given up on pirates.
OptionOfT
Can't even reproduce it when setting location to Belgium, or CA or AZ.
I must be missing something.
hypeatei
Looks like they got a wildcard certificate for *.creativecloud.adobe.com[0] so that the HTTPS connection works and so they don't have to publish DNS records for the "detect-ccd" subdomain to obtain a cert. Pretty neat setup, but also kinda hacky.
Honestly a pretty nifty way to detect if it's installed. I'm sure this can power a lot of nice features, like linking directly into Adobe products if they're installed.
j45
Makes Affinity sound like a smarter and smarter choice.
cromka
> for a very stupid reason.
I cannot stomach Thom's articles. So borderline judgmental, holier than thou, feels like he only writes whenever there's something to criticize.
No, it's not a stupid reason. Reason is OK, the execution is controversial.
Recycling a comment from prior discussion (4 days, 68 points, 13 comments): https://news.ycombinator.com/item?id=47617463
_______
Oh helllll no. Let's imagine an analogy for Adobe leadership:
1. You hired a night janitor to clean and vacuum your executive offices.
2. That janitor secretly stops at every desk-phone to alter the settings of voicemail accounts.
3. After the change, any external caller can dial a certain sequence to get a message of "Yes, this office was serviced by Adobe Janitorial!"
What's your reaction when you discover it? Do you chuckle and say something like "boys will be boys"? No! You have a panic-call, Facilities revokes access, IT starts checking for other unauthorized surprises, HR looks into terminating contracts, and Legal advises whether you need to pursue data-breach notifications or lawsuits or criminal charges.
* Is it acceptable because they had some permission to touch objects in the rooms? No.
* Is it acceptable because the final effect is innocuous? No.
* Is it acceptable because the employment contract had some vague sentence about "enhancing office communication experiences"? No.
* Is it acceptable if they were just dumb instead of malicious? No.
No person that would blithely cross those lines can be trusted near your stuff, full-stop.
0: https://crt.sh/?q=creativecloud.adobe.com
[dupe] https://news.ycombinator.com/item?id=47617463
https://news.ycombinator.com/item?id=47624990