cybersecurity

6053 readers

29 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

101

Adobe modifies hosts file to detect whether Creative Cloud is installed (www.osnews.com)

submitted 1 week ago by floofloof@lemmy.ca to c/cybersecurity

10 comments fedilink hide all child comments

cross-posted from: https://lemmy.bestiver.se/post/1033182

Comments

all 11 comments

sorted by: hot top controversial new old

[–] sirblastalot@ttrpg.network 3 points 6 days ago

They used to just hit http://localhost/:/cc.png which connected to your Creative Cloud app directly, but then Chrome started blocking Local Network Access, so they had to do this hosts file hack instead.

Ok but adobe what if you didn't portscan me either, please.

[–] Kissaki@programming.dev 3 points 6 days ago

Interesting, clever technical workaround for (potentially) real user benefit. But still, they should never do that. Working around safeguards and system component borders for user convenience is a very bad idea and practice.

[–] Vince@lemmy.world 26 points 1 week ago (1 children)

Interesting, considering one of the ways to prevent Adobe from phoning home was to redirect their domains via hosts file. Perhaps that's where they got the idea, or one of the things they added, like hey were already looking at your hosts file to check for piracy, might as well add some entries for other reasons.

[–] floofloof@lemmy.ca 33 points 1 week ago (3 children)

I'm trying to think of legitimate reasons why an installer should be able to edit that file, and I can't think of any. Seems like the OS should lock it down.

[–] MonkderVierte@lemmy.zip 1 points 6 days ago

From what i remember, the user has to disable some safeguards, to be able to modify it.

[–] hoshikarakitaridia@lemmy.world 11 points 1 week ago (1 children)

Yeah from my intuition it sounds like this file serves as a makeshift firewall / proxy. Allowing software to override it kinda makes this weak and basically useless for a lot of purposes.

[–] freeman@sh.itjust.works 3 points 1 week ago

It's a DNS override. DNS is what turns URL addresses (www.Lemmy.org) to IP addresses (127.1.0.42) which are what is used to actually connect to another computer.

Normally your PC asks a DNS server,usually provided by your ISP by default, unless there is an entry in the hosts file.

So authorities often 'block' websites by just asking ISP to not return the true IP for a URL. You can get around that by putting the IP in your hosts file. You can also block websites by adding an entry on your hosts file that point to local host (your PC).

[–] grey_maniac@lemmy.ca 6 points 1 week ago (1 children)

I don't use windows that much anymore, but couldn't you make it a read-only file?

[–] hoshikarakitaridia@lemmy.world 6 points 1 week ago (1 children)

Tbf it's already write for admins only. But, if you completely remove write access that makes the file itself obsolete (there's no use in a file that no one can edit) and if you restrict it to trusted installer / verified software, that's not gonna eliminate Adobe.

[–] lefaucet@slrpnk.net 3 points 1 week ago

Pretty sure to install Adobe you have to give admin permissions