SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    Adobe Spies on Readers: Every DRM Page Turn Leaked to Base Over SSL
Date    Friday October 24 2014, @03:03PM
Author    azrael
Topic   
from the every-page-you-read-we'll-be-watching-you dept.
https://soylentnews.org/article.pl?sid=14/10/24/0912208

n1 writes:

El Reg reports:

Adobe has tweaked its Digital Editions 4 desktop ebook reader to now encrypt the data it secretly sends back to headquarters – data that details a user's reading habits.

Previously, information on every single tome accessed by Digital Editions 4 was phoned home unencrypted, allowing anyone eavesdropping on a network to intercept it. Now that information is transmitted via HTTPS, and only if the book includes copy-protection measures.

Version 4.0 of the software collected detailed records about books the user has been reading, such as which pages were read and when, and sent this intelligence back to the adelogs.adobe.com server. There was no way to opt out of this, short of deleting the application.

Now, with version 4.0.1, that information is encrypted and sent to the aforementioned server, and is limited to books with DRM protections. We note that the server's SSL/TLS configuration scores an A- from Qualys; the server's certificate has a 2048-bit RSA key albeit with a SHA-1 signature, and it prefers RC4 over stronger ciphers.

Links

  1. "n1" - https://soylentnews.org/~n1/
  2. "El Reg reports" - http://www.theregister.co.uk/2014/10/23/adobe_updates_digital_editions_encryption/
  3. "scores an A- from Qualys" - https://www.ssllabs.com/ssltest/analyze.html?d=adelogs.adobe.com&hideResults=on

© Copyright 2024 - SoylentNews, All Rights Reserved

printed from SoylentNews, Adobe Spies on Readers: Every DRM Page Turn Leaked to Base Over SSL on 2024-03-29 13:14:06