back to article Adobe's naughty Chrome telemetry code had XSS problem

Adobe's pushed out a fix for its already-controversial Chrome telemetry extension after Project Zero's Tavis Ormandy found an egregious bug. The update that shipped last week pushed the extension to Chrome users. It was presented as a convenience update that let people print Web pages to PDF, and use Reader instead of Chrome's …

  1. This post has been deleted by its author

    1. Neoc

      Re: Adobe was insecure? GASP!

      @AnonymousCoward: "...grass is green..."

      Not in Oz during the summer it ain't.

    2. Your alien overlord - fear me

      Re: Adobe was insecure? GASP!

      You are fucking kidding me - I thought beavers loved being hammer thrown !!!! I'm now going to have to change my throwing technique :-)

    3. Robert Helpmann?? Silver badge

      Re: Adobe was insecure? GASP!

      In other news water is wet, grass is green, air is good for your health...

      In response: yes, often*, unless there is something in it that isn't, not in Japan, I assume you speak from vast knowledge concerning this and have consulted with many of our castoridine brethren on the subject, try liquid nitrogen, & neither am I.

      I don't use Adobe products any more unless forced to at work, but I am contemplating setting up a VM and installing this just to see if I can send them a bunch of bogus info... No, it's better to leave sleeping dogs lie.

      *See other commentard's note concerning Australia

  2. Oengus Silver badge


    What is that makes these companies think that they are even entitled to collect this data without specific user authorisation?

  3. StillGridlocked

    Adobe making the case for Chromium rather than Chrome. Thanks.

  4. Your alien overlord - fear me

    Was the update to actually uninstall the spyware?

  5. David Austin

    God Fucking Damnit Adobe

    I Hate you I hate you I hate you with every fibre of my being, and If it was within my power, I would unmake everything you wrought at the atomic level.

    Get your shit together.

  6. Hans 1 Silver badge

    The fix

    probably contains at least three CVE's per line of code, if you ask me, you know, Adobe standard coding practices....

    1. druck Silver badge

      Re: The fix

      The fix is simply to say NO when Chrome asks if you want to enable this piece of malware.

  7. Anonymous Coward
    Anonymous Coward

    Why does every corp think it's OK to data rape?

    See title.

    1. Roo

      Re: Why does every corp think it's OK to data rape?

      ... because there is practically zero material penalty for doing so. If a corporate shill faced a high probability of jail time I am fairly sure their product development would take a very different direction.

      The worst that might happen here in Blighty is that you may get a stiffly worded letter from the ICO (if at all). If your crime is big enough I guess you may face a panel of techincally illiterate MPs who pitch softball questions and eventually land a fat contract at tax-payers expense to provide a functionally useless system that rapes the further erodes and the tax payers privacy.

      1. Bob Dole (tm)

        Re: Why does every corp think it's OK to data rape?

        The simple answer here is that there are no laws worth a damn that protect you.

        The reason why there aren't any good laws is because everyone's government (USA/UK/Euro/etc) all want that data too. There are only two ways to deal with this. Either bend over and accept what's happening or go completely dark and join the Luddites.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019