Hey Adobe!  Leave My Boot Loader Alone!

by dolst (dolst.com)

I will begin with the usual semi-legalese about this article being for instructional purposes only, and not to steal software because it is wrong/bad/illegal/immoral/unpatriotic/etc.  Doing anything listed in this article could render your computer a doorstop, and you could lose all your data if you don't know what you are doing.  This article applies to dual-boot Linux systems using GRUB and a boot partition.  All bets are off for any other configuration.  The methods described in this article also require a rudimentary understanding of the dd program (dd-0.6beta3.zip), and the knowledge that you can nuke your system should you commit a typo during its use.  With that said, let us begin...

The Master Boot Record (MBR) lives in the first 512 bytes of your computer's hard disk.  It contains the partition table and the executable code needed to make the computer give you more than a blank stare.  After that first sector, there are usually a good 63 sectors or so that are used for executable boot code, before the first partition.  For this article, I will call this the boot area.  For single-boot Windows systems, a good chunk of this boot area is unused.  However, if you are dual-booting with Windows and most any modern Linux distribution, this area is used in part by GRUB, Linux's boot loader.  (If you are using LILO and are affected by the following symptoms, I cannot help you.  Sorry.)

One day, my friend brought his laptop to me with a problem.  He had installed XP and Ubuntu in a dual-boot configuration with GRUB, which is fairly common.  His partition scheme was like this: 200 MB EXT3 boot partition; NTFS XP Partition; EXT3 Ubuntu partition; Extended partition where he kept the swap, a FAT32 partition, and another NTFS partition.  Everything was working.  He could choose between XP and Ubuntu at boot with no problem.  Then, he decided to install Adobe Creative Suite 3.

He assured me he had not altered CS3's files in any way (nor would he have known how).  CS3 had a valid serial number, and was activated.  He ran the Adobe updates.  Everything seemed cool until he restarted the computer.

During boot, he saw the typical POST screen, then "GRUB Loading Stage 1.5".  Then the screen went blank.  Then he got the POST screen again, then the GRUB message.  This continued ad infinitum until he powered off the laptop.  My friend was sure that installing CS3 was the cause, as it was the last change made before the problem occurred.

I whipped out my trusty Ubuntu CD, and booted into live mode.  I ran parted and saw all the partitions there, just as he had described them.  Everything seemed to be intact.  So, I ran GRUB from the Live CD and told it to find stage1, which it found at hd0,1.  I did the usual root(hd0,1), setup(hd0), and it said it had installed all 16 sectors and everything was okay.  Problem solved!

I was sure that whatever had b0rked his boot area couldn't have been Adobe CS3... could it?  I rebooted the machine and GRUB came up, followed by the boot menu, then XP with no problems!  Win!  Everything was cool, so I restarted for good measure.  GRUB still played nice.

My friend suggested that I run Photoshop.  I did so, then restarted the computer.  BAM!  GRUB once again got stuck in a loop!  Again, I used the Ubuntu CD to reinstall GRUB, and then everything was hunky-dorey.  A few more times, a few more tests, with Dreamweaver, Premier, Acrobat Professional, all lead to the same conclusion: Adobe software was boogering GRUB somehow!  Why would any Adobe program need to write data to the boot area?  It was Google time!

I did a search for "photoshop" and "grub", which yielded an Ubuntu Forum archive from November, 2007.  In it, several people seemed to have the same symptoms, with dual-boot systems.  Some assumed it was Vista-related.  But this obviously did not apply to my friend's XP installation.

Another search turned up a page from 2004.  It seems CS2 was doing something similar, again, to dual-boot systems!  Searches about Adobe and the master boot record produced a page that mentioned Adobe CS3 writes its serial number to the MBR.  This turned out not to be technically accurate, but it did put me on the right track.  In the interest of preventing piracy, despite already requiring a serial number and activation, Adobe determined it was okay to write that serial number to its users' boot area.

On most Windows systems, this seems to have no adverse effect.  But for those of us who use GRUB to boot into multiple OSes, Adobe's "protection" stomps all over a vital portion of the hard drive, making the computer unbootable.  Furthermore, this is not done solely at install.  Running any CS3 software, including Photoshop, Dreamweaver, Illustrator, or Premier, results in a check of this area of the hard drive.  If you have repaired it in the interest of simply booting your computer, CS3 happily "fixes" it for you, once again rendering your machine unbootable!  Sure, you can boot with an Ubuntu live CD after every use of CS3, but this gets tiresome.  So I decided that if Joe User couldn't prevent Adobe from mucking up his boot loader, he should at least have the option to reverse it every time it happens.

First, I had to determine which part of the boot area was being affected.  After letting CS3 have its way, I booted the live CD.  With dd, I copied the beginning of the drive to a file on its FAT32 partition.  After reinstalling GRUB, I copied that same sector to another file.  Initially, I only copied the first 512 bytes (a.k.a., the MBR itself).

The two files had identical MD5 checksums, so the actual MBR was not altered.  A hard drive sector is 512 bytes - the size of the MBR - and I remembered GRUB's "16 sectors" message.  So, I booted into Windows, ran CS3, rebooted with the Ubuntu CD and repeated the whole dd process.  This time I changed dd's block count to 16, and the MD5 sums were different.  This meant the change was somewhere in those 16 sectors.

I went ahead and booted back into XP, and looked at the two different 8k files in a hex editor.  Comparing the clean GRUB image to the molested version showed both were identical before block 0x1400 (5120 decimal) and after 0x1600 (5632 decimal).  I'm no hex-editing guru, but based on the evidence, it was clear some essential part of GRUB got wiped.  Apparently Adobe does not care about this.  Some say they have mentioned this to Adobe, whose response is allegedly that "it affects so few people" as to be unworthy of their attention.  So, even if you have paid Adobe real money for their software, they will still potentially ruin your dual-boot system.

What now?  We need a method to substitute the clean boot area for the fiddled-with boot area.  This is where dd for Windows comes in.  Windows refers to block devices and file systems differently than Linux.  However, the principal is the same, and the Windows version of dd is just as powerful (and dangerous in unskilled or malicious hands).  I copied dd.exe into a default Windows path so it could be called from the command line as I pleased.

Then, I created a clean image of the first 8k of the physical hard drive, like so:

C:\> dd.exe if=\\.\PhysicalDrive0 of=c:\unfiddle\clean.img bs=1024 count=8

\\.\PhysicalDrive0 is the Windows equivalent of /dev/sda.

The larger block size of bs=1024 count=8 yields better performance than the mathematically identical bs=512 count=16.

This creates a snapshot of the clean boot area in: C:\UNFIDDLE\CLEAN.IMG

Next, I created a batch file that would write this clean 8k image to the first 16 sectors of the hard drive.

The resulting command looks like this:

C:\> dd.exe if=c:\unfiddle\clean.img of=\\.\PhysicalDrive0 bs=1024 count=8

This command writes the contents of CLEAN.IMG to the first 16 sectors of the drive.  You must be absolutely sure you have exactly the right file, or you WILL render your computer unbootable, possibly beyond GRUB's help.  (The Ubuntu live CD has options for reconstructing partition tables, but you don't want to have to go there!)

I put the above command into a file called C:\UNFIDDLE\UNFIDDLE.BAT, then created a shortcut to it on the desktop.  Now, when we run an Adobe application, we have a way to fix our boot area.  Still, manually running UNFIDDLE.BAT every time we use CS3 would be tedious.  I needed to make sure this happened automatically.  Thus, I came up with this version of UNFIDDLE.BAT:

start "dummy" "%~f1"
ping -n 30 127.0.0.1
dd.exe if=c:\unfiddle\clean.img of=\\.\PhysicalDrive0 bs=1024 count=8

The batch file is called with the path to the desired Adobe program following it.

For example:

C:\unfiddle\unfiddle.bat "C:\Program Files\Adobe\Adobe Photoshop CS3\Photoshop.exe"

start loads whatever program is listed during the calling of UNFIDDLE.BAT, then continues running UNFIDDLE.BAT itself.

The dummy is needed because of a quirk that requires the first parameter of start in quotes to be the title of any new command window that may be opened in the process.

The %~f1 is the full path to the Adobe (or, theoretically, any other) program we want to run.  While UNFIDDLE.BAT runs, this program begins loading.

Meanwhile, UNFIDDLE.BAT is still executing.  The next thing I have it do is ping 127.0.0.1 (localhost) thirty times.  This is just a way for it to bide its time.

Meanwhile, Photoshop, Dreamweaver, or whatever, is loading, initializing, starting, and fiddling with the boot area.

Then, the program finishes loading, and is ready to use.  A few seconds after this finishes, UNFIDDLE.BAT finishes pinging and then runs dd to *un*fiddle the boot area!  Use the program, edit photos, create a web page, make a music video, or whatever.  When you're done, you can still reboot your computer and have it do what it is supposed to.

Take a few minutes to go through and edit all your Adobe shortcuts in the "Start Menu" to reflect this change.  Right-click the shortcut, go to "Change Icon", then re-select the same icon it's already using.  This step may seem redundant, but if you don't do it, it "forgets" where the icon is.  Then you'll have to track down the icon's EXE file... if you care.

Next, in the "target" section, just paste C:\UNFIDDLE\UNFIDDLE.BAT in front of the existing target name, which should already be in quotes.  Then, it should look like the example above.  A few shortcuts may be "unadvertised links," which means you can't change their target.  That subject is beyond the scope of this article, but you can delete them and replace them with manually-created shortcuts to their respective EXEs.  Then you can alter their targets just like any others.

If 30 pings are not enough to keep unfiddle busy while CS3 is still loading, you can increase the count to 40, 50, or even 100.  The choice is yours.

In a sunshine-and-lollipop fairytale world, this would be all you have to do to be free of Adobe's fiddling.  Unfortunately, there are still scenarios in which these nefarious applications may execute without your consent, and run roughshod over your boot area.  Double-clicking a Photoshop file to open it, having Adobe Update run spontaneously, or even viewing an online PDF in your browser can jeopardize your boot area.  (Fortunately, the free Adobe PDF Reader is safe, if you do not have CS3.)

For this occasion, I kept the original version of UNFIDDLE.BAT and named it UFLITE.BAT.  All it does is the dd copy; nothing more, nothing less.

Using the Windows Group Policy Editor, I added UFLITE.BAT to the shutdown scripts, which makes it run at shutdown and restart.  And finally, I left a shortcut to UFLITE.BAT on the desktop for periodic use in the case of hibernation (which does not run shutdown scripts) and/or accidental powering off without shutdown.  In these cases, if UFLITE.BAT is not run and the boot area has been fiddled with, you will need to use a bootable CD of some type (Ubuntu, Trinity Rescue, BartPE, etc.) to restore the boot area from your clean image file.

Another quick note should be made here.

Adobe CS3 seems to like to communicate with 192.168.112.2O7.net.  At first glance, this looks like an internal IP address.  In fact, it is a subdomain of 2O7.net, which is owned by Omniture.  (Notice the letter "O", not the number zero in that last "octet.")  Feel free to 127.0.0.1 it out in your hosts file.

One final amusing tidbit: the licensing software Adobe uses is FlexNet, which is also used by Autodesk 3DS Max and other programs.  It was created by Macrovision, perpetrator of the early commercial video copy-protection schemes.  Those of us old enough to remember VCRs can now be heard groaning at the mention of that name.

The ramifications of software piracy are a discussion for another day.  However, in this case, the unintended consequences of Adobe's anti-piracy methods, and their effect on legitimate users, make the "cure" as bad as the disease.  I hope Adobe will adopt a less destructive method for protecting their intellectual property.

Until then, this workaround will suffice.  Happy unfiddling and, as always, surf wisely!

Obligatory shoutouts to Foxfire and Warmech.

Links
Return to $2600 Index