Comment by jt2190
3 days ago
Redditor thenickdude commented:
> I found that in my hosts file the other day too, and I investigated to find why they're doing it at all.
> They're using this to detect if you have Creative Cloud already installed when you visit on their website.
> When you visit https://www.adobe.com/home, they load this image using JavaScript: https://detect-ccd.creativecloud.adobe.com/cc.png
> If the DNS entry in your hosts file is present, your browser will therefore connect to their server, so they know you have Creative Cloud installed, otherwise the load fails, which they detect.
> They used to just hit http://localhost:<various ports>/cc.png which connected to your Creative Cloud app directly, but then Chrome started blocking Local Network Access, so they had to do this hosts file hack instead.
This is clever in a way, but I wonder what the review process looks like on that team (I say that team because my experience at Adobe was that the company is very heterogeneous).
They’re still completely heterogeneous in my experience as someone who works with each of their teams. It’s like talking to completely different companies who have little idea what the others are doing.
It's because Adobe grew through acquisitions and they have a philosophy of "let teams keep working in the way that works for them".
Novel. A similar approach could be taken by other SaaS tools to comply with age verificaiton laws. Just write an entry to the client's hosts file that points to a subdomain corresponding to a particular birth year. Simple enough for legislative representatives to understand.
/s
The underlying intent here (figure out if it's an existing customer of our locally installed apps when they visit our website) doesn't seem bad, but I certainly dislike both the hosts file and localhost detection options.
I'm curious if there's a "good" way to do this.
I dislike the intent too. A website should simply not be able to see which apps I've got installed. Imagine Facebook doing stuff like this in order to know what ads they should serve.
Fairly certain they already do, atleast on mobile.
Just do it by asking users to log in. Am I missing something here ?
No that seems like the reasonable expectation to me too.
Next they'll be installing a font like TeamViewer did... https://community.teamviewer.com/English/discussion/124507/s...