Tracking PDF document use by "phoning home"

by Volker Weber

Joe Brockmeyer reports on unexpected features in Acrobat 7:

By default, Adobe Reader 7 turns on JavaScript, so the "tagged" document is able to "phone home" without the user's awareness.

It appears that you can include Javascript code into PDF documents, that Adobe Reader executes. In this incident the code called a predefined hostname that tracked the usage of the document.

If you are concerned with your privcay you may want to switch off Javascript in Adobe Reader 7.

[Thanks, Detlev]


To switch Javascriping OFF: Just go to Edit - Preferences... Select Category "Javascript" and disable the check box "Enable Acrobat Javascript" - Quite easy!

Wolfgang Schwerber, 2005-05-31

This is not new to Acrobat 7, nor the Acrobat family of PDF viewers - it has been a part of the PDF specification for some time. It is, in fact, an essential component for the workflow in some PDF scenarios. PDF files can contain almost any multmedia format, as well, and are thus subject to the security of the format player.

Everyone who is concerned with security on their computer should have an interactive utility to monitor and selectively block outbound TCP/IP traffic (Little Snitch, Zone Alarm, or something similar). This functionality should be part of every operating system.

Most users think either e-mail or html in reference to the internet, but this is a dangerously simplistic assumption.

David Richardson, 2005-06-01

Annoying experience: After switching off Javascript each time Acrobat 7.0 asks for again activating Javascript when closing a PDF! No "Don't ask me again" checkbox... ;-(

Wolfgang Schwerber, 2005-06-01

Old archive pages

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.


Paypal vowe