Adobe plans to update its Digital Edition e-reader software after researchers reported that they found the application transmits unencrypted private data such as what book the user is reading, what page they're on and what platform is being used. Digital Edition is used by publishers, libraries and users to read and track digital versions of books and documents. E-book blogger Nate Hoffelder first reported the purported security issue after being tipped off by "a hacker acquaintance." He said the acquaintance showed that the data in question, meant to be sent privately to Adobe to verify that a book is correctly licensed, was instead being broadcast in plain text, meaning it could be read by anyone watching that user's Internet traffic.
In a statement to NBC News, Adobe said the data being transmitted is collected only for licensing purposes. "Additionally, this information is solely collected for the eBook currently being read by the user and not for any other eBook in the user’s library or read/available in any other reader." Adobe indicated it would issue a patch to address the transmission method. "“In terms of the transmission of the data collected, Adobe is in the process of working on an update to address this issue," the company said.
- Stolen Adobe passwords turn up on Web, security firm says
- Apple encryption: Bad news for law enforcement
- 'Perfect privacy'? In Internet communication, that doesn't exist