@packetcat if they're just going to hardcode an IP address then why the fuck are they even resolving a domain name in the first place?
@packetcat fwiw, i've got it installed on a macbook, and there's no changes to my hosts file.
@packetcat they must still be sour about me modifying host file on Photoshop CS5 in order to null route their license validation servers.
@forestjohnson lol, you are the second person to mention this nulling of Adobe's license validation servers for CS apps
I have also done this in the past because I wanted to have CS apps installed for funsies (never actually made any real use of them)
@packetcat but the good news is, no one has to use Adobe software anymore. almost all the essential functions that used to be exclusive to Photoshop are now available on free beer + freedom applications that have a reasonable user interface, like Krita.
This is malware behaviour and I don't think calling it that is an exaggeration.
@packetcat This is why I cringe every time one of my streamer friends says "Oh, it's not working, let me run it as Administrator." No user-level app should even have write access to that file.
I don't use any Adobe applications myself but somebody else on my home network does and I can tell you, Adobe app telemetry is very noisy.
Adobe telemetry domains like the following are amongst the top blocked by my local pi-hole installation which is using the OISD big list:
adobecorp.data.adobedc.net
aepxlg.adobe.com
hbrt.adobe.com
So this kind of behaviour is to be expected from Adobe but modifying the local hosts file is a new low, even for them.
my thoughts on software telemetry have remained unchanged since 2023 since I wrote this:
https://nullrouted.space/2023/02/16/on-telemetry-in-software/
As far as I know the only major software developer that does software telemetry consent right is Mozilla and the way they do telemetry in Firefox.
@packetcat Valve (Steam) is pretty good too: opt-in, with a popup, every time, and a full copy of what they're going to tell the mothership.
@packetcat I mean, both Valve and Firefox collect a lot of other data that you can't easily disable, but at least in the obvious areas where you do have control, you are given obvious choices with clear opt-in. Bravo for that.
(FF's Deceptive Content/Dangerous Software Protection/OCSP responses/DoH stuff can basically log every domain you hit. Valve logs every game you play and for how long, etc.)
@wohali AFAIK, Firefox no longer checks for OCSP responses. Any settings for it in Preferences are gone and I don't see OCSP related DNS requests from Firefox anymore.
@packetcat ah nice, that's a good choice. I hadn't noticed yet because I'm still on ESR v140.8.0.
@packetcat Wait, so there is a team within Mozilla that understands consent? Maybe they can go thump... err I mean impart that wisdom on the AI features group.
@nivex I think somebody had that Talk and some of it is in latest Firefox stable
https://support.mozilla.org/en-US/kb/firefox-ai-controls
but IIRC, these "AI" features are opt-out by default so its not perfect
While I'm here, I recently found that Discord is using a newish telemetry domain in their desktop application. It doesn't seem to be used in the mobile application (at least not on iOS).
As far as I can tell, the telemetry call only happens at application start.
The domain is dc-telemetry.net. I don't know what kind of telemetry this is being used for.