Adobe Flash Phones Home Uncontrollably

We recently wrote an article about Google Spyware in which we basically complained about Mozilla Firefox phoning “home” to their deep-pockets investor also known as “Google”.

What is Phoning Home

“Phoning home” is a secret or background internet communications activity whereby data from your computer is sent to the computers of a company who develops the software installed on your computer.

Most people do not want to share information with third-parties. Even if they do not mind information sharing, before agreeing to it, most end-users first want to know:

  1. that their personal information is indeed being sent to a third party
  2. what type of information about them is being sent
  3. why this information is being sent and how will it be used

All of the current privacy initiatives happening with banking and other consumer information in the offline world generally applies to end-user concerns over online privacy.

The one big exception online is that the laws are not as clear in the online world and some short-sighted companies over-step their authority to collect personal information about end-users and/or choose to not disclose the fact that they are activity collecting personal information and/or browsing history and using it for their own purposes.

Today we have discovered that another popular program is not only phoning home, but preventing the user from opting-out of this practice. We find this outrageous.

Adobe Flash

Adobe Flash was a useful browser add-on that previously leveraged the end-user’s browser technology for software configuration, caching and cookie settings. Now Adobe Flash has its own set of configuration parameters, cookie cache and data download repository.

Many people do not know this.

Adobe has chosen to default the Flash program settings to periodically send your personal information from your computer to theirs.

Even though end-users may have selected certain browser settings, cookie saving and caching options to reflect their online privacy preferences, Flash does not comply with the global settings.

Flash secretly saves end-user browsing history, cookie settings and cache files separately. This happens in the background without end-user knowledge or disclosure. Adobe has in effect chosen to do their own thing which helps feed the tiger of “user profiling”, “data mining” and “activity tracking”.

To their credit, Adobe has an online settings configuration manager for Flash but the only options presented are to disable end-user notification of the phone home activity. The Adobe Flash phone home activity itself can not be disabled. This means that end-users who are savvy enough to disable the notifications are tricked into believing that the phone-home feature is disabled when it most certainly is not.

If Adobe Flash phone home features can be disabled, Adobe does a fantastic job in hiding the fact.

In any event, why should Adobe make it easy for end-users to disable the phone home feature?

One would think that Adobe has intentionally designed the technology to permanently phone home.

While end-users install and then use Flash to download videos and other Flash content, Adobe is in the background happily collecting reams of personal data.

What is disturbing is that most of the “bad” stuff online these days is delivered through video files. So if a user wanted to be anonymous while visiting (let’s just say “adult” video content delivered as Flash), they have no way to know just what Adobe is collecting in terms of browsing history and how this personal informational is being used.

Uninstall Adobe Flash

We maintain a zero-tolerance against sneaky companies that operate on the fringes, secretly collecting our personal information. That goes for the 12 year old wanna-be hacker who tries to send spyware to us through spam e-mail. And it goes for the large, relatively successful Fortune 500 company that changes their program code for the worse i.e. from a useful browser plug-in to a full-fledged installable program that phones home, caches our content and saves personably identifiable markers outside normal channels in order to bypass controls. Spyware.

We have never installed Adobe Flash on our primary web browser (i.e. Mozilla Firefox), but we had Flash installed on our computers’ backup browser, i.e. Internet Explorer.

For now Adobe Flash has been summarily uninstalled from all of our computers. And we are recommending that others do the same. In the meantime we will be searching the Internet for an “Adobe Flash replacement”.

  • Facebook
  • TwitThis
  • StumbleUpon
  • Digg
  • del.icio.us

, , , , , , , , , , ,

One Response to “Adobe Flash Phones Home Uncontrollably”

  1. Administrator on March 31st, 2009 at 7:06 pm

    Here is some of the background information used to help compile this information:

    Background: I have my system setup so that (it feels like) I’m in control. No programs startup automatically except ZoneAlarm. All programs have “Automatically Check for Updates” disabled. ZoneAlarm is setup to prompt before allowing either itself or any other program to connect to the Internet, as well as disallowing any program from having server access.

    I like to know if and when any program is trying to “phone home”.

    This morning, shortly after startup, I was presented with an on-screen message:
    “An update to your Adobe Flash Player is available …”. WTF??!!

    1. How did this program even get initiated at startup?
    2. How did it know an update was available?
    3. If it IS able to contact the Internet, what other information is being exchanged without my knowledge?

    What I’ve done so far: Searched all the usual places for Startup programs, including AutoRuns from SysInternals. Double-checked my ZoneAlarm settings and logs. Manually searched registry and other startup files. No clues anywhere!

    It’s possible that it was triggered by yesterday’s browsing on some flash-enabled site. It’s also possible that it’s just triggered by date (30 days or so since last manual update). It would be more worrying if Flash is indeed “phoning home”. Either way, it’s spooky, and plain annoying.

    Reference Whirlpool Forum