cybersecurity

6029 readers

120 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

Adobe modifies hosts file to detect whether Creative Cloud is installed (www.osnews.com)

submitted 17 hours ago by floofloof@lemmy.ca to c/cybersecurity

9 comments fedilink hide all child comments

cross-posted from: https://lemmy.bestiver.se/post/1033182

Comments

all 10 comments

sorted by: hot top controversial new old

[–] Kissaki@programming.dev 2 points 2 hours ago

Interesting, clever technical workaround for (potentially) real user benefit. But still, they should never do that. Working around safeguards and system component borders for user convenience is a very bad idea and practice.

[–] Vince@lemmy.world 25 points 17 hours ago (1 children)

Interesting, considering one of the ways to prevent Adobe from phoning home was to redirect their domains via hosts file. Perhaps that's where they got the idea, or one of the things they added, like hey were already looking at your hosts file to check for piracy, might as well add some entries for other reasons.

[–] floofloof@lemmy.ca 29 points 16 hours ago (3 children)

I'm trying to think of legitimate reasons why an installer should be able to edit that file, and I can't think of any. Seems like the OS should lock it down.

[–] MonkderVierte@lemmy.zip 1 points 1 hour ago

From what i remember, the user has to disable some safeguards, to be able to modify it.

[–] hoshikarakitaridia@lemmy.world 10 points 12 hours ago (1 children)

Yeah from my intuition it sounds like this file serves as a makeshift firewall / proxy. Allowing software to override it kinda makes this weak and basically useless for a lot of purposes.

[–] freeman@sh.itjust.works 3 points 6 hours ago

It's a DNS override. DNS is what turns URL addresses (www.Lemmy.org) to IP addresses (127.1.0.42) which are what is used to actually connect to another computer.

Normally your PC asks a DNS server,usually provided by your ISP by default, unless there is an entry in the hosts file.

So authorities often 'block' websites by just asking ISP to not return the true IP for a URL. You can get around that by putting the IP in your hosts file. You can also block websites by adding an entry on your hosts file that point to local host (your PC).

[–] grey_maniac@lemmy.ca 6 points 15 hours ago (1 children)

I don't use windows that much anymore, but couldn't you make it a read-only file?

[–] hoshikarakitaridia@lemmy.world 6 points 12 hours ago (1 children)

Tbf it's already write for admins only. But, if you completely remove write access that makes the file itself obsolete (there's no use in a file that no one can edit) and if you restrict it to trusted installer / verified software, that's not gonna eliminate Adobe.

[–] lefaucet@slrpnk.net 2 points 9 hours ago

Pretty sure to install Adobe you have to give admin permissions