Gregor
Marc EdwardsI can confirm Creative Cloud has added to my /etc/hosts file.
Adobe secretly modifies your hosts file for the stupidest reason: https://www.osnews.com/story/144737/adobe-secretly-modifies-your-hosts-file-for-the-stupidest-reason/
decryption@marcedwards so gross from adobe :(
@decryption I need their stuff, but it’s just non-stop stuff like this from them. One day I’ll uninstall it all!
Ricci Adams@marcedwards I haven't experienced this yet, but I also kill any Adobe daemons when Photoshop/Illustrator/etc aren't running. I wonder if that makes the difference.
@iccir It might! It’d make sense that the apps themselves aren’t the ones to make the modification.
@marcedwards I'll try to do a quick search when I get back to my computer and try to figure out which helper/agent/daemon is modifying this. Maybe there is a default to disable it.
@marcedwards I didn't find anything, but I'm also running an older version of Creative Cloud on Sonoma (I don't update apps until I can verify my workflow won't break).
You might want to try:
`find /Applications/Utilities -name "*Adobe*" -print0 | xargs -0 grep -d recurse "Cloud WAM"`
I'm guessing they probably have some shell script that's making the entry.
Rachel Rawlings@marcedwards How is it being modified when /etc/hosts is owned by root? An after-install script run by the package manager?
@linuxandyarn Good question! I’m not sure. I guess at some point it asks for and gets admin privileges? It’s been a while since I installed Adobe CC, so I can’t remember.
Daniel Schildt@marcedwards @linuxandyarn At least on Windows, only way to install Adobe products is to give them system level access to everything. Creative Suite installs many background services, that in the past (back in 2017-) were essentially Node.js applications. So your desktop computer has a built-in web server that has been there for almost a decade, accessible via local ports.
Adobe's included Node.js server could be used to run any custom code, not only their own. Essentially an attacker could use it to run extra bits of code that would be hidden inside Adobe's software.
@autiomaa @marcedwards Christ. There are days I want to day-drink just being a Linux admin. If I were responsible for Windows users with that shiz I'd be hospitalized.
(Also, today I learned Windows might have /etc/hosts; I assumed the OP had a Mac.)
@linuxandyarn @marcedwards Yeah, Windows has those tools from FreeBSD. Parts of Windows network stack were originally from FreeBSD, and Microsoft has bern using BSD licensed software for decades. Core parts of Azure were also running on top of FreeBSD (already a decade ago).
@linuxandyarn @marcedwards At least on my machine, Adobe adds some items to /Library/PrivilegedHelperTools. These will have root access.
Billy O'Neal@marcedwards This explains why I had to constantly terminate all those bits.
aburka 🫣@marcedwards kinda hate that my first thought was "damn that's clever"
Moe Lassus@marcedwards I monitor my hosts file so good luck Adobe.
Disclaimer: I hate Adobe
mrfoostang 🇨🇦 
Eric Likness
JoeHenzi@marcedwards This would be the final straw
Jeff Clatworthy@marcedwards @daringfireball The great irony is that one of the previous ways to Crack Adobe’s Creative Suite Apps was to edit your hosts file so their registration call-home were routed to local host.
Sandy Corzeta@marcedwards this probably to combat those keygen patcher 😂
Jarno@marcedwards does it run with root privileges or other elevated privileges then?
@jarno Yeah, I think they get that when installing.
Frank Heijkamp@marcedwards
That is absolutely terrible!
That is absolutely terrible!