If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
EaseUS Todo HQ
I like this backup software and used the free version a few times before
I decided to pay for a licensed version when they offered a special discount on it. Then I realized something I wasn't aware befo EaseUS looks like a Chinese product because of the confirmation mail I received from "CHENGDU YIWO Tech Development Co., Ltd." Am I wrong? Does anybody know more about this company? I hesitate to use any software that is developed in China or Russia, the home of many of the worst hackers. And what would make the ideal Trojan Horse on a PC than a backup software? I started to be suspicious when I saw that extreme long period between executing the program and the pop-up of the GUI. Could that time be used by the software to get a snapshot of the system and "call home" with it? Tell me it ain't so and I am just paranoid. |
Ads |
#2
|
|||
|
|||
EaseUS Todo HQ
cameo wrote on 8/21/2015 1:16 PM:
I like this backup software and used the free version a few times before I decided to pay for a licensed version when they offered a special discount on it. Then I realized something I wasn't aware befo EaseUS looks like a Chinese product because of the confirmation mail I received from "CHENGDU YIWO Tech Development Co., Ltd." Am I wrong? Does anybody know more about this company? I hesitate to use any software that is developed in China or Russia, the home of many of the worst hackers. And what would make the ideal Trojan Horse on a PC than a backup software? I started to be suspicious when I saw that extreme long period between executing the program and the pop-up of the GUI. Could that time be used by the software to get a snapshot of the system and "call home" with it? Tell me it ain't so and I am just paranoid. If you're looking for free, Macrium Reflect is good. I used EaseUS free and as much as it worked, I liked Macrium better. However if I pay, I use Acronis True Image. I have 2013 &14 spread over 3 machines. |
#3
|
|||
|
|||
EaseUS Todo HQ
cameo wrote:
I like this backup software and used the free version a few times before I decided to pay for a licensed version when they offered a special discount on it. Then I realized something I wasn't aware befo EaseUS looks like a Chinese product because of the confirmation mail I received from "CHENGDU YIWO Tech Development Co., Ltd." Am I wrong? Does anybody know more about this company? If you are afraid of any software that is distributed from countries other than your own then you need to stop using computers. There are a lot more countries than your own that develop software. It's not the country you need to be concerned about. It's who produced the software and that could be the USA, Germany, or even your own. Badware, spyware, and malware comes from everywhere. I hesitate to use any software that is developed in China or Russia, the home of many of the worst hackers. Those would be in the USA. There's a web site for them (blackhats.com) end they even have annual conventions in the USA and Europe and Pwn2Own contests. Haven't bothered with learning to history of where they originally started but looks to be global now. Same for CanSecWest and the Pwn2Own contests. Easeus is a good company. Yes, they are Chineseware. So are other products that I use. I also use Russianware, Australianware, Americanware, Czechware, Germanware, Communityware, and even some UnknownAuthorCountryware. And what would make the ideal Trojan Horse on a PC than a backup software? That would be any executable you run on your computer. I started to be suspicious when I saw that extreme long period between executing the program and the pop-up of the GUI. Could that time be used by the software to get a snapshot of the system and "call home" with it? Tell me it ain't so and I am just paranoid. You are paranoid. You are also lazy in that you don't do your own online research to see if a product has established itself or to review a company profile. Go visit the alt.comp.os.windows-10 newsgroup. Other countries are concerned about their privacy laws getting violated by Microsoft. Users are concerned about their privacy and personal data getting collected by Microsoft. There are new tools showing up to more easily configure Windows 10 so users are more secure. Users have been adding some Microsoft sites to their 'hosts' file to thwart tracking yet Microsoft has hardcoded the IP addresses of many of their sites into Windows so their is no DNS lookup so there is no check of the 'hosts' file (i.e., all DNS lookup is bypassed) since Windows XP (don't know about Win2000). Yet I bet you trust Microsoft. The only way to be safe[er] is to be an educated user. That requires proactive research: learn before using. |
#4
|
|||
|
|||
EaseUS Todo HQ
Paul wrote:
cameo wrote: I like this backup software and used the free version a few times before I decided to pay for a licensed version when they offered a special discount on it. Then I realized something I wasn't aware befo EaseUS looks like a Chinese product because of the confirmation mail I received from "CHENGDU YIWO Tech Development Co., Ltd." Am I wrong? Does anybody know more about this company? I hesitate to use any software that is developed in China or Russia, the home of many of the worst hackers. And what would make the ideal Trojan Horse on a PC than a backup software? I started to be suspicious when I saw that extreme long period between executing the program and the pop-up of the GUI. Could that time be used by the software to get a snapshot of the system and "call home" with it? Tell me it ain't so and I am just paranoid. Details are in Wikipedia. 200 employees. https://en.wikipedia.org/wiki/EaseUS It's a little late to be asking the question now, if you've already installed the software. I have two "freebie" programs fro EaseUS. One had OpenCandy (a delivery vehicle for adware), OpenCandy is not a delivery vehicle for adware. It is, as you say, adware itself. If you research what is OpenCandy, it is a means to advertize other software. Rather than include bundleware with a program (which *is* delivery of other software which may or may not itself be adware), OpenCandy does not include the bundleware but offers to download it for you *if and only if* YOU decide. It allows the sofware author to recoup some of their costs by advertizing other software. This really isn't something new with freeware as many if not most freeware includes bundleware or offers it via link as with OpenCandy. OpenCandy only runs when the installer runs. It is a lib that is attached to the installer code so it only runs during the install. After the install completes, OpenCandy isn't around anymore (except in the case the installer crashed or did not perform proper post-cleanup). In case OpenCandy's lib gets left behind (worthless unless called by the installer), they even provide a clean-up tool to eliminate the unusable file space consumed by their dev plug-in. Those claiming OpenCandy is malware are running around with deliberate blindfolds (they refuse to learn what is OpenCandy) yelling "the sky is falling, the sky is falling". OpenCandy is not worse (or, conversely, is just as bad) than bundleware included with software, some of which may come from the author themself of the program you want to install. Only boobs select the default or typical install choice. Always, when available, use the custom install choice and even then make damn sure to actually read the dialogs presented by the installer program. Usually bundleware is opted in by default so the user needs to opt out of that crap. Same for OpenCandy: read the installer dialogs and do NOT select any of the offered crapware. OpenCandy eliminates bloating the size of the installer by not including the bundleware with the installer. There is the size of the OpenCandy library file that the installer calls for what is currently offered as the "bundle" but it's pretty small compared to bundleware for actual programs included with the installer. OpenCandy is a plug-in to the installer. Are you always running the installer? Just go read http://opencandy.com/faqs/. If you don't believe them to be truthful then go do your own independent research on how OpenCandy works, run your own network monitors to see where OpenCandy connects during an install (at the point, usually at the end, in the install where the installer program calls the OpenCandy plug-in) and then watch after the install for similar connections (which won't happen unless you are again running another installer that incorporates the OpenCandy plug-in). Fearmongering about OpenCandy reminds of every few years someone again writes up about the evil of Flash cookies despite Flash itself lets you configure it NOT to allow the creation of .sol cookie files and you can disable or prompt for use of local storage when a site requests it. If you use cookie cleaners then make sure not to delete the settings.sol cookie file (i.e., don't go wiping all .sol files) because that is where your settings are retained so Flash can comply to your choices. I had to tell the CCleaner author to stop deleting this cookie so Flash would actually obey my settings for Flash. When the installer calls the OpenCandy, just say no to the offers. Same goes for when software (not always freeware) comes with bundleware (usually opted in): just say no. You actually have to read the installer dialogs to say no. Opting in, by default, denigrates the bundleware or offers to foistware. This bundling issue would not be a problem if installers always opted out by default. I've seen some of those but so few and infrequently that I can't remember which ones opted out by default. "We guarantee that all app recommendations are optional and you may choose to accept, decline, or uninstall any app at any time." I'm not sure how they can guarantee an install of an accidentally (usually lazily) accepted offer. It's not their software that got installed as the offer. Accept and decline are the only actions they can guarantee that users will have a choice. They question is whether they default to opt-in or opt-out. As I recall from some dev discussion, defaulting to opt-in or opt-out was the installer program author's choice. To clarify, only the installer program is adware if it incorporates the plug-in to call the OpenCandy lib. The main program is not necessarily adware (that it is adware is independent of whether OpenCandy was used or not when its installer ran). So you get a bloated installer that includes the bundleware or you get a smaller installer that phones home to determine what are the offers du jour. By the way, OpenCandy isn't the only one that reduces the size of the installer by not including the bundleware but only offering it to you. All those installers that push Google Chrome do not include the installer for that program. They provide the web installer to reduce size. So the authors shoving Google Chrome in your face are including someone else's web installer. Even if OpenCandy is included in an installer, and if you are deathly afraid that you will not choose a custom install or cannot say no to the offers of bundleware (installed separately), you can easily disable OpenCandy. Just don't let your computer connect to OpenCandy's servers. You can add entries in your 'hosts' file. If the OpenCandy plug-in called by the installer cannot connect to the servers then it cannot present any offers from there. You can use the /NOCANDY command-line switch when you run the OpenCandy-enabled installer but I have seen where the author ****ed up and didn't use the command-line arguments to prevent it from calling the OpenCandy lib. If you block *.opencandy.com in your firewall then you never have to be concerned whether or not a program's installer used OpenCandy. This info comes from OpenCandy themself. If you want to complain about the use of OpenCandy then complain to the author of the program's installer that uses the OpenCandy plug-in. In the same vein, complain to the author about bundleware if the author made it foistware by opting in to all that crap. A restaurant manager won't know about bad food or bad service unless you tell him. From what I've seen of OpenCandy, so far, it is no worse (and actually better) than authors that bloat their installers with bundleware and especially have it opted in by default. After all, bundleware is also advertizing another product to receive monetary reward to offset the author's costs. I have not done a survey but it seems from personal experience that most installers are adware. |
#5
|
|||
|
|||
EaseUS Todo HQ
On 8/21/15 1:49 PM, VanguardLH wrote:
cameo wrote: snip I also use Russianware, Australianware, Americanware, Czechware, Germanware, Communityware, and even some UnknownAuthorCountryware. How about Tupperware???????? G Sorry, VanguardLK, I just couldn't resist that! LOL snip The only way to be safe[er] is to be an educated user. That requires proactive research: learn before using. Agreed. One of the possible outcomes could be switching to Mac or some flavor of Linux. Not touting either over Windows, just don't discard either out of hand. It all depends on how you use your system. -- Ken Mac OS X 10.8.5 Firefox 36.0.4 Thunderbird 31.5 "My brain is like lightning, a quick flash and it's gone!" |
#6
|
|||
|
|||
EaseUS Todo HQ
cameo wrote on 08/21/2015 1:16 PM:
I like this backup software and used the free version a few times before I decided to pay for a licensed version when they offered a special discount on it. Then I realized something I wasn't aware befo EaseUS looks like a Chinese product because of the confirmation mail I received from "CHENGDU YIWO Tech Development Co., Ltd." Am I wrong? Does anybody know more about this company? I hesitate to use any software that is developed in China or Russia, the home of many of the worst hackers. And what would make the ideal Trojan Horse on a PC than a backup software? I started to be suspicious when I saw that extreme long period between executing the program and the pop-up of the GUI. Could that time be used by the software to get a snapshot of the system and "call home" with it? Tell me it ain't so and I am just paranoid. CHENGDU Yiwo Tech Development Co., Ltd. (" Yiwo ") Address: 12 F, Building 1, Idealism Center, No. 38 Tian Yi Street, Hi-tech Zone, Chengdu, Sichuan Province, China Any information sent to Yiwo, with the exception of credit card numbers, will be deemed NOT CONFIDENTIAL. You grant Yiwo an unrestricted, irrevocable license to display, use, modify, perform, reproduce, transmit, and distribute any information you send Yiwo, for any and all commercial and non-commercial purposes. You also agree that Yiwo is free to use any ideas, concepts, or techniques that you send Yiwo for any purpose, including, but not limited to, developing, manufacturing, and marketing products that incorporate such ideas, concepts, or techniques. -- ...winston msft mvp windows experience |
#7
|
|||
|
|||
EaseUS Todo HQ
On Fri, 21 Aug 2015 17:01:51 -0600 "Ken Springer"
wrote in article mr8aks$3ro$1 @news.albasani.net Agreed. One of the possible outcomes could be switching to Mac or some flavor of Linux. Those systems are far from invulnerable. Look at the weekly CERT bulletin for proof. |
#8
|
|||
|
|||
EaseUS Todo HQ
On 8/21/2015 12:16 PM, cameo wrote:
I like this backup software and used the free version a few times before I decided to pay for a licensed version when they offered a special discount on it. Then I realized something I wasn't aware befo EaseUS looks like a Chinese product because of the confirmation mail I received from "CHENGDU YIWO Tech Development Co., Ltd." Am I wrong? Does anybody know more about this company? I hesitate to use any software that is developed in China or Russia, the home of many of the worst hackers. And what would make the ideal Trojan Horse on a PC than a backup software? I started to be suspicious when I saw that extreme long period between executing the program and the pop-up of the GUI. Could that time be used by the software to get a snapshot of the system and "call home" with it? Tell me it ain't so and I am just paranoid. I used their "Partiton Master" to partition my hard drive ---it worked fine |
#9
|
|||
|
|||
EaseUS Todo HQ
VanguardLH wrote on 08/21/2015 16:32 ET :
Paul wrote: cameo wrote: I like this backup software and used the free version a few times before I decided to pay for a licensed version when they offered a special discount on it. Then I realized something I wasn't aware befo EaseUS looks like a Chinese product because of the confirmation mail I received from "CHENGDU YIWO Tech Development Co., Ltd." Am I wrong? Does anybody know more about this company? I hesitate to use any software that is developed in China or Russia, the home of many of the worst hackers. And what would make the ideal Trojan Horse on a PC than a backup software? I started to be suspicious when I saw that extreme long period between executing the program and the pop-up of the GUI. Could that time be used by the software to get a snapshot of the system and "call home" with it? Tell me it ain't so and I am just paranoid. Details are in Wikipedia. 200 employees. https://en.wikipedia.org/wiki/EaseUS It's a little late to be asking the question now, if you've already installed the software. I have two "freebie" programs fro EaseUS. One had OpenCandy (a delivery vehicle for adware), OpenCandy is not a delivery vehicle for adware. It is, as you say, adware itself. If you research what is OpenCandy, it is a means to advertize other software. Rather than include bundleware with a program (which *is* delivery of other software which may or may not itself be adware), OpenCandy does not include the bundleware but offers to download it for you *if and only if* YOU decide. It allows the sofware author to recoup some of their costs by advertizing other software. This really isn't something new with freeware as many if not most freeware includes bundleware or offers it via link as with OpenCandy. OpenCandy only runs when the installer runs. It is a lib that is attached to the installer code so it only runs during the install. After the install completes, OpenCandy isn't around anymore (except in the case the installer crashed or did not perform proper post-cleanup). In case OpenCandy's lib gets left behind (worthless unless called by the installer), they even provide a clean-up tool to eliminate the unusable file space consumed by their dev plug-in. Those claiming OpenCandy is malware are running around with deliberate blindfolds (they refuse to learn what is OpenCandy) yelling "the sky is falling, the sky is falling". OpenCandy is not worse (or, conversely, is just as bad) than bundleware included with software, some of which may come from the author themself of the program you want to install. Only boobs select the default or typical install choice. Always, when available, use the custom install choice and even then make damn sure to actually read the dialogs presented by the installer program. Usually bundleware is opted in by default so the user needs to opt out of that crap. Same for OpenCandy: read the installer dialogs and do NOT select any of the offered crapware. OpenCandy eliminates bloating the size of the installer by not including the bundleware with the installer. There is the size of the OpenCandy library file that the installer calls for what is currently offered as the "bundle" but it's pretty small compared to bundleware for actual programs included with the installer. OpenCandy is a plug-in to the installer. Are you always running the installer? Just go read http://opencandy.com/faqs/. If you don't believe them to be truthful then go do your own independent research on how OpenCandy works, run your own network monitors to see where OpenCandy connects during an install (at the point, usually at the end, in the install where the installer program calls the OpenCandy plug-in) and then watch after the install for similar connections (which won't happen unless you are again running another installer that incorporates the OpenCandy plug-in). Fearmongering about OpenCandy reminds of every few years someone again writes up about the evil of Flash cookies despite Flash itself lets you configure it NOT to allow the creation of .sol cookie files and you can disable or prompt for use of local storage when a site requests it. If you use cookie cleaners then make sure not to delete the settings.sol cookie file (i.e., don't go wiping all .sol files) because that is where your settings are retained so Flash can comply to your choices. I had to tell the CCleaner author to stop deleting this cookie so Flash would actually obey my settings for Flash. When the installer calls the OpenCandy, just say no to the offers. Same goes for when software (not always freeware) comes with bundleware (usually opted in): just say no. You actually have to read the installer dialogs to say no. Opting in, by default, denigrates the bundleware or offers to foistware. This bundling issue would not be a problem if installers always opted out by default. I've seen some of those but so few and infrequently that I can't remember which ones opted out by default. "We guarantee that all app recommendations are optional and you may choose to accept, decline, or uninstall any app at any time." I'm not sure how they can guarantee an install of an accidentally (usually lazily) accepted offer. It's not their software that got installed as the offer. Accept and decline are the only actions they can guarantee that users will have a choice. They question is whether they default to opt-in or opt-out. As I recall from some dev discussion, defaulting to opt-in or opt-out was the installer program author's choice. To clarify, only the installer program is adware if it incorporates the plug-in to call the OpenCandy lib. The main program is not necessarily adware (that it is adware is independent of whether OpenCandy was used or not when its installer ran). So you get a bloated installer that includes the bundleware or you get a smaller installer that phones home to determine what are the offers du jour. By the way, OpenCandy isn't the only one that reduces the size of the installer by not including the bundleware but only offering it to you. All those installers that push Google Chrome do not include the installer for that program. They provide the web installer to reduce size. So the authors shoving Google Chrome in your face are including someone else's web installer. Even if OpenCandy is included in an installer, and if you are deathly afraid that you will not choose a custom install or cannot say no to the offers of bundleware (installed separately), you can easily disable OpenCandy. Just don't let your computer connect to OpenCandy's servers. You can add entries in your 'hosts' file. If the OpenCandy plug-in called by the installer cannot connect to the servers then it cannot present any offers from there. You can use the /NOCANDY command-line switch when you run the OpenCandy-enabled installer but I have seen where the author ****ed up and didn't use the command-line arguments to prevent it from calling the OpenCandy lib. If you block *.opencandy.com in your firewall then you never have to be concerned whether or not a program's installer used OpenCandy. This info comes from OpenCandy themself. If you want to complain about the use of OpenCandy then complain to the author of the program's installer that uses the OpenCandy plug-in. In the same vein, complain to the author about bundleware if the author made it foistware by opting in to all that crap. A restaurant manager won't know about bad food or bad service unless you tell him. From what I've seen of OpenCandy, so far, it is no worse (and actually better) than authors that bloat their installers with bundleware and especially have it opted in by default. After all, bundleware is also advertizing another product to receive monetary reward to offset the author's costs. I have not done a survey but it seems from personal experience that most installers are adware. Yesterday, I downloaded and installed EaseUS Partition Master. Nice software. Since then my + - 1 Mbps bandwidth was its peak, + - 140 KB/s. My connection isnīt symettrical, so, the download bandwidh is higher than the upload bandwidth. This peak of 140 KB/s is the maximum *download* bandwidth (usually this level is recorded when Iīm using Netflix). Iīve found that some application had 11 open connections to 69.16.175.10 at port 80. I killed the EaseUS installer task, which was still active after the installation, and the bandwith returned to normal. I didnīt restarted the machine yet. Thereīs no a website answering at port 80 in 69.16.175.10. I googled around and discovered that this IP is suspicious. Whatever they did, they were *uploading* something to my computer. Just in case, I adjusted Avast firewall to ask about all traffic by EaseUS software. I started the partition manager again and the bandwidth usage remained low. |
#10
|
|||
|
|||
EaseUS Todo HQ
cameo wrote on 8/21/2015 1:16 PM:
I like this backup software and used the free version a few times before I decided to pay for a licensed version when they offered a special discount on it. Then I realized something I wasn't aware befo EaseUS looks like a Chinese product because of the confirmation mail I received from "CHENGDU YIWO Tech Development Co., Ltd." Am I wrong? Does anybody know more about this company? I hesitate to use any software that is developed in China or Russia, the home of many of the worst hackers. And what would make the ideal Trojan Horse on a PC than a backup software? I started to be suspicious when I saw that extreme long period between executing the program and the pop-up of the GUI. Could that time be used by the software to get a snapshot of the system and "call home" with it? Tell me it ain't so and I am just paranoid. Backup software should allow you to make a boot recovery CD. I've used Macrium. With the boot CD, you could unplug the Ethernet cable, boot and make your backups if you think the program is phoning home. Doesn't solve the paranoid aspect of it, rather just confirms you're paranoid :-) |
Thread Tools | |
Display Modes | Rate This Thread |
|
|