If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
|
#1
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off Automatic Updates
I'm sure this How-to Geek article won't change the minds of CCleaner lovers, but here it is: https://www.howtogeek.com/fyi/cclean...pdating-users- who-turned-off-automatic-updates/ That links to "Here's What You Should Use Instead of CCleaner" at https://www.howtogeek.com/361112/her...d-use-instead- of-ccleaner/ -- Stan Brown, Oak Road Systems, Tompkins County, New York, USA http://BrownMath.com/ http://OakRoadSystems.com/ Shikata ga nai... |
#2
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off AutomaticUpdates
On 2018-09-19, Stan Brown wrote:
That links to "Here's What You Should Use Instead of CCleaner" at https://www.howtogeek.com/361112/her...d-use-instead- of-ccleaner/ Do the warnings pertain to the portable version of ccleaner? As far as I can tell that doesn't install anything, it's just a standalone executable. -- ----------------------------------------------------------------------------- Roger Blake (Posts from Google Groups killfiled due to excess spam.) NSA sedition and treason -- http://www.DeathToNSAthugs.com Don't talk to cops! -- http://www.DontTalkToCops.com Badges don't grant extra rights -- http://www.CopBlock.org ----------------------------------------------------------------------------- |
#3
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off Automatic Updates
Roger Blake wrote:
On 2018-09-19, Stan Brown wrote: That links to "Here's What You Should Use Instead of CCleaner" at https://www.howtogeek.com/361112/her...d-use-instead- of-ccleaner/ Do the warnings pertain to the portable version of ccleaner? As far as I can tell that doesn't install anything, it's just a standalone executable. I'd like to know too. So far, mine is the same. Maybe I will need to block all network accesses to CCLeaner for now on? -- Quote of the Week: "Still we live meanly, like ants;... like pygmies we fight with cranes;... Our life is frittered away by detail. Simplify... simplify..." --Henry Thoreau Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly. /\___/\Ant(Dude) @ http://antfarm.home.dhs.org / http://antfarm.ma.cx / /\ /\ \ Please nuke ANT if replying by e-mail privately. If credit- | |o o| | ing, then please kindly use Ant nickname and URL/link. \ _ / ( ) |
#4
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off AutomaticUpdates
Stan Brown wrote:
I'm sure this How-to Geek article won't change the minds of CCleaner lovers, but here it is: https://www.howtogeek.com/fyi/cclean...pdating-users- who-turned-off-automatic-updates/ That links to "Here's What You Should Use Instead of CCleaner" at https://www.howtogeek.com/361112/her...d-use-instead- of-ccleaner/ My CC 5.10.5373 does not call home. |
#5
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off Automatic Updates
Stan Brown wrote:
I'm sure this How-to Geek article won't change the minds of CCleaner lovers, but here it is: https://www.howtogeek.com/fyi/cclean...pdating-users- who-turned-off-automatic-updates/ That links to "Here's What You Should Use Instead of CCleaner" at https://www.howtogeek.com/361112/her...d-use-instead- of-ccleaner/ Sure glad I stuck with (actually went back to) version 5.40. No changes in later versions are needed on Windows 7 and I certainly don't want Avast's adware platform or regenerated tracking cookie. By the way, the EU's GPDR legislation is ****ing over a lot of software authors. One of the latest Windows 7 updates has only do to with changes mandated to be complaint with GPDR. https://redmondmag.com/articles/2018...nce-tools.aspx The EU are idiots: the whole GPDR stupidity is having just the opposite effect. The result is to NOT protect privacy. Software authors can now implement even more data collection which requires users to discover the change to then opt-out from new default settings that divulged them more. Or send an e-mail that notifies of GPDR changes requiring the user to make config changes in their account. Uh huh, like that'll have a 100% correction effect by users. https://www.infosecurity-magazine.co...-improve-data/ https://www.theregister.co.uk/2018/06/25/gdpr_fails/ Yeah, just lock out the EU visitors from your site. That'll really help promote GPDR, uh huh. Sorry, your EU ****ed you over, so goodbye. https://digiday.com/media/everyone-b...falling-short/ |
#6
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off AutomaticUpdates
On 19/09/2018 07:46, VanguardLH wrote:
By the way, the EU's GPDR legislation is ****ing over a lot of software authors. One of the latest Windows 7 updates has only do to with changes mandated to be complaint with GPDR. https://redmondmag.com/articles/2018...nce-tools.aspx Seemingly a Microsoft front-window, nothing useful there supporting your rant. The EU are idiots: the whole GPDR stupidity is having just the opposite effect. The result is to NOT protect privacy. None of the links you give below claim this, and in fact they mostly say the opposite, though there is no shortage of statements that the legislation needs to go further. Software authors can now implement even more data collection which requires users to discover the change to then opt-out from new default settings that divulged them more. Or send an e-mail that notifies of GPDR changes requiring the user to make config changes in their account. Uh huh, like that'll have a 100% correction effect by users. That's not my reading of those links, though they do make it plain that at least some companies are not really trying, and rather than beginning with the spirit of the law and working through their system accordingly, they're trying to obfuscate their present practices sufficiently to make them seem compliant. We don't know how that will pan out for them if/until they start to get fined, and by how much. The purport of the act seems to be similar to one that has already existed in the UK for some time, the Data Protection Act. I have already used (the threat of invoking) this successfully to: * Refuse a corporate parking fine of questionable legality * Force my school to remove me from their begging lists * Forcibly prevent a firm from sending letters to my house addressed to its previous owners. * Force Readers' Digest to remove me from their mailing lists The last must be considered the greatest victory of all - somehow they had tracked me past several house moves across the south of England for at least a decade after I had stopped subscribing. https://www.infosecurity-magazine.co...-improve-data/ https://www.theregister.co.uk/2018/06/25/gdpr_fails/ Yeah, just lock out the EU visitors from your site. That'll really help promote GPDR, uh huh. Sorry, your EU ****ed you over, so goodbye. It's much more likely that any demotion in people's minds will be of such sites rather than of GPDR. What they're effectively saying is: "We don't care sh*t about your privacy!" ... Hardly a selling point. https://digiday.com/media/everyone-b...falling-short/ In many ways the best link. In summary, I'm sure the GDPR isn't perfect, but, over recent decades, the economic power of the EU has tended to ensure that its safety and similar legislation that has become the norm worldwide, so GDPR or something very like it, hopefully an improvement on it, is likely to become a template for other such legislation across the world. Might as well stop ranting and get used to it. |
#7
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off Automatic Updates
"VanguardLH" wrote
| By the way, the EU's GPDR legislation is ****ing over a lot of software | authors. One of the latest Windows 7 updates has only do to with | changes mandated to be complaint with GPDR. | | https://redmondmag.com/articles/2018...nce-tools.aspx I don't get how it's a problem for software authors. If you don't spy on your customers and store the data then you don't have to worry. If MS were not collecting data that's none of their business then they wouldn't have to worry. Your link explains that they have to worry with Win10 because they're the "data controller" who's collecting surveillance data from customers. So the law says they have to protect that data, they can be fined if they don't, and customers have a right to demand that the data be erased. Isn't that good? And if you read the Register article you'll see the sites blocking EU are American companies. Why should Dick's Sporting Goods or Pottery Barn get involved if they don't have enough EU customers to justify it? That doesn't make the law bad. It just highlights our lack of protection in the US. What's worse is sites that say, "Hi! Happy to see you... as long as you agree to this thing that signs away your rights." I'm periodically getting a page at npr.org that tells me to choose between a page with a handful of links to plain-text stories or giving them permission to spy on me. A non-profit news outlet! Yet they demand the right to spy. And this is an American visiting a US site. I don't know what I'd see if I allowed javascript. As it stands now, I only see that page about once per week. (And of course I can't agree, even if I wanted to, without javascript.) The rest of the time the site works. So I'm guessing that they're experimenting with options. Another increasing problem is sites that put their content in javascript, so that their pages just won't work at all unless you allow them to use all the spy tool javascript provides. Script, as it's used today, fundamentally changes the nature of a webpage. A passive publication becomes dynamic software. (Anyone who doesn't know about that... try visiting this site with js enabled and without: https://panopticlick.eff.org/) The GPDR does seem to be unnecessarily complicated, but it provides important things like requirements to implement good anonymization of data. What's really needed is two things: 1) Fully opt-in for any data collection, without penalty for opt-out. 2) Outlaw cross-site spying, like Google Tag Manager, which allows fully ID-ing and tracking people online and goes against the original spirit of the Internet. (Cookies were supposed to be restricted to the site visited.) Any effort to share surveillance of visitors with other companies, even an advertising company, should be illegal. Let them collect data the old- fashioned way, by offering some kind of reward for completing a survey. Here's one example of only one of many ways that Google spies on people who aren't visiting their domains: https://www.lunametrics.com/blog/201...ng-real-users/ There needs to be public recognition that corporate spying on people in civil society is not allowed. Period. When and if that kind of law might happen? It certainly doesn't look good. Wired has a very interesting article, published recently, about how tech companies are trying to hijack California's already modest, proposed law: https://www.wired.com/story/why-cali...ook-or-google/ |
#8
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off Automatic Updates
Mayayana wrote:
I don't get how [GPDR] a problem for software authors. It's a nuisance to them. It is a problem for the users. Authors have to push a new version to be GDPR compliant. Users get a new version with the defaults set to divulge their information with opt-out settings. The GPDR does not mandate the authors default to opt-in, so some can add more options or change old ones that require the user to opt-out to increase their privacy. For example, Microsoft, Avast, and many other software programs have logistics collection sometimes called community reporting or some other euphemism. It lets the authors know how their programs or services are being used. Yep, you could opt-out but you were initially and covertly opted in by default. GPDR doesn't stop authors/owners from adding even more collection methods but it states the user must opt-in, not have to sometime later upon discovery to opt-out. Alas, GPDR does not require opt-in when the user has already consented. When you open an account at a site or establish any business or interaction with a site, you're supposed to have already read their TOS and privacy terms. Establishing a relationship means you grant them to contact you, which opens the door to them spamming you. There's a whole mess going on regarding spam and GPDR. Of course, that only affects EU citizens since the US and other countries are not part of the EU. What's worse is sites that say, "Hi! Happy to see you... as long as you agree to this thing that signs away your rights." Yep, their property (the web site), so they can dictate anything that remains contractionally legal for them. GPDR only mandates the user be informed although the information can be buried where most users cannot find it or won't bother to look. The GPDR does not ban any author (software or web) from collecting information on you whether it be generic (they're not identifying you but instead just collecting statistics) or specific. GPDR only requires the user/visitor be informed. Silent or covert opt-in is not allowed by GPDR. I'm periodically getting a page at npr.org that tells me to choose between a page with a handful of links to plain-text stories or giving them permission to spy on me. They aren't spying. They are collecting metrics on how you are using THEIR property. They aren't spying on YOU. They are seeing how their property is getting used. A car rental agency checking the mileage on THEIR car upon you returning it to them is not them spying on you. It's them checking how their property got used. I visited npr.org with Javascript disabled (which is presumably why they present you with non-dynamic content). As I recall, you have Javascript disabled by default. With Javascript disabled, http://npr.org won't take you to their https://npr.org site. In uBlock Origin, the only domain allowed to deliver content was npr.org. In uMatrix, I block all 3rd-party content but allow all 1st party content except scripting by default. Couldn't get the popup you mentioned. Most sites have a Terms of Service or separate Privacy Policy page and that makes them GPDR compliant. That users don't bother to read those pages is their choice for not being active in protecting their privacy. Sounds like NPR is GPDR complaint if they are showing you popups to their text-only site. They are informing you and letting you opt-out rather than covertly opting you in. Since they, like many sites, have TOS or privacy policy pages, that may be all they need to be GPDR compliant. However, you think web surfing would be convenient if every site upon visiting them first redirected you to the TOS or Privacy Policy page as their home page? Of course, there is https://text.npr.org/. Have fun there. GPDR is only protecting its EU citizenry. International web sites (those that have a regional presence, not just that some user can reach them across the oceans) are now creating different content based on region. For example: USA Today EU site Size: 500KB javascript: 0 US site: Size: 5.2MB javascript: 124 scripts Remember when it was a bitch visiting sites because they rendered differently depending on which web browser you used to visit the sites (by the way, Google is becoming the new Internet Explorer for just that reason)? Now we're getting into the same mess with GPDR. NPR went hardcore and has their text-only site (text.npr.org) to be GPDR compliant; however, did you find that site as easy to navigate or read? Not sure how you are setup to get NPR to issue prompts about using their text-only site. If you give some clues, I can try to simulate. Like those good old days of having to decide which web browser to use when visiting a site depending on how you want it rendered, now we're getting differentiation between EU and non-EU sites. Oh joy. The Chinese already know that joy: the Great Firewall Of China. Another increasing problem is sites that put their content in javascript, so that their pages just won't work at all unless you allow them to use all the spy tool javascript provides. Script, as it's used today, fundamentally changes the nature of a webpage. A passive publication becomes dynamic software. Yep, their content so they decide what, if anything, you can view of theirs. Old-timers think they are entitled to free content because that's the way it was long ago (by the way, I'm an old-timer, too). They can block based on IP address of the visitor. BBC has been using that for a long time to keep non-UK visitors from seeing some content at their site. Many sites won't present all of their content unless you create an account with them. None of that has anything to do with GPDR. You are complaining that content is becoming more dynamic over an electronic venue rather than remaining static, like books printed on paper. Nothing to do with privacy. Just you reminiscing about the good old days of static content. The GPDR does seem to be unnecessarily complicated, Actually the biggest complaint I've seen so far by site owners is that it is too vague. That's how law works: it cannot be written for every conceivable case but gets modified over time to adapt to what actually happens. However, these type of "laws" or regulations often stay static for decades. Here's one example of only one of many ways that Google spies on people who aren't visiting their domains: https://www.lunametrics.com/blog/201...ng-real-users/ Ever notice how many sites no longer produce their own specialty fonts, don't use a limited set of fonts that most of their visitors are likely to have already available in their OS, and are using Google's fonts? The redirection to Google's fonts lets Google track who used their fonts, at which site, using which web browser, and when. Programmers are taught not to rebuild the same code if they can use a pre-built library. Same for fonts. While the fonts could be embedded (copied) to the site, that requires further management of the server's resources, so web devs just link to Google's fonts to get them from there. Google isn't the only one providing fonts to sites through redirection, so other font houses can also just as easily track who is using their fonts from where and when; however, they are the huge data collector of Google. https://developers.google.com/fonts/faq So even with you disabling Javascript and using various ad/content blockers, you can still get tracked when a site uses someone else's font library. Well, actually when a site utilizes anyone's resource external to the site to which the client must connect. I've seen this in practice. Some fonts are graphics, like arrows or special images. Sites will use them rather than design their own image, save in a file, and deliver from their server. Instead they use Google Fonts to pick a charset with the cutsy image-like characters. My pharmacy is one of those. When you visit their login page, and if external font loading is blocked, you see weird characters and don't know what to do on that page. With external font resources unblocked, the goofy chars turn into arrows or other chars that make the page understandable. This became apparent when I configured uBlock Origin to block remote fonts. All of a sudden a lot of web pages were hard or impossible to figure out how to use. https://github.com/gorhill/uBlock/wi...o-remote-fonts So just who is supposed to inform a visitor per GPDR requirements that they may be tracked by fonts? Is the site going to interrupt your visit with a prompt saying a 3rd party (perhaps Google if the site is using their fonts or someone else if using other external fonts) /might/ collect information about the visitor at that site or can they not bother at all because the one doing the actual tracking is not the site but whomever is providing the font library used by the site? It's not just fonts as external resources used by a site that could be used to track. Anyone providing resources commonly employed at many sites can do similar tracking; however, mostly likely that is them doing metrics measuring of how their property is getting used but there is the potential for tracking of users. Would you bother [re]visiting a site that prompted you on every external resource they use at their site that the external resource might collect metrics which could possibly be used to track you? How many dozens or hundreds of prompts would you have to get through before you could view the site? And do that on every visit to the site? Sites just don't realize how all those external resource they employ could be used to track their users. Protonmail (outside US and EU jurisdiction) uses web fonts at their site (in this case, Google's). Of course, ProtonMail service is only to protect the content of your e-mails, not from getting tracked by them, Google, or anyone else when using ProtonMail's web site which is outside the scope regarding the content of your e-mails or to whom they are delivered. |
#9
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off Automatic Updates
VanguardLH wrote:
Mayayana wrote: I don't get how [GPDR] a problem for software authors. It's a nuisance to them. It is a problem for the users. Authors have to push a new version to be GDPR compliant. Nope. They only have to inform the user if they were/are collecting *personal* information (i.e. things like name, e-mail address, address, phone number, age, sex, etc.,etc.). *If* they've been collecting such information, it most likely includes the user's e-mail address, so they can just send e-mail, no need for a new version of the software. And that's exactly what's happening. I've received many such e-mails. [...] For example, Microsoft, Avast, and many other software programs have logistics collection sometimes called community reporting or some other euphemism. It lets the authors know how their programs or services are being used. Yep, you could opt-out but you were initially and covertly opted in by default. GPDR doesn't stop authors/owners from adding even more collection methods but it states the user must opt-in, not have to sometime later upon discovery to opt-out. The GPDR is about *personal* information, not about anonymous/ anonymized statistical/usage data. Alas, GPDR does not require opt-in when the user has already consented. Nonsense. When you open an account at a site or establish any business or interaction with a site, you're supposed to have already read their TOS and privacy terms. Establishing a relationship means you grant them to contact you, which opens the door to them spamming you. There's a whole mess going on regarding spam and GPDR. Of course, that only affects EU citizens since the US and other countries are not part of the EU. Allowing a 'relation' to *contact* you is a seperate issue. It does *not* mean that you've implicitly given consent to their past TOS, etc.. Actually the GDPR *mandates* that - as of May 25, 2018 - the relation must explicitly ask *again* for any and all consent. And, as I've said above, that's exactly what they're doing. Before and after May 25, I/everybody got many, many of such requests-for-consent. What's worse is sites that say, "Hi! Happy to see you... as long as you agree to this thing that signs away your rights." Yep, their property (the web site), so they can dictate anything that remains contractionally legal for them. GPDR only mandates the user be informed although the information can be buried where most users cannot find it or won't bother to look. Nope, the information can *not* be "buried". The GPDR does not ban any author (software or web) from collecting information on you whether it be generic (they're not identifying you but instead just collecting statistics) or specific. GPDR only requires the user/visitor be informed. Silent or covert opt-in is not allowed by GPDR. Correct, so why do you say/imply otherwise in your earlier text? [Non GDPR stuff deleted.] |
#10
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off AutomaticUpdates
On 09/18/2018 08:36 PM, Stan Brown wrote:
I'm sure this How-to Geek article won't change the minds of CCleaner lovers, but here it is: https://www.howtogeek.com/fyi/cclean...pdating-users- who-turned-off-automatic-updates/ That links to "Here's What You Should Use Instead of CCleaner" at https://www.howtogeek.com/361112/her...d-use-instead- of-ccleaner/ I like the built in Windows 10 cleaner they have now, but it's just not comprehensive like CC. I like to flush my browsers and a few other things now and then. And yes to keep the old version. |
#11
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off Automatic Updates
On Tue, 18 Sep 2018 20:36:00 -0400, Stan Brown wrote:
I'm sure this How-to Geek article won't change the minds of CCleaner lovers, but here it is: https://www.howtogeek.com/fyi/cclean...pdating-users- who-turned-off-automatic-updates/ No silent updates on my end... -- s|b |
#12
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off AutomaticUpdates
On 09/20/2018 04:14 PM, s|b wrote:
On Tue, 18 Sep 2018 20:36:00 -0400, Stan Brown wrote: I'm sure this How-to Geek article won't change the minds of CCleaner lovers, but here it is: https://www.howtogeek.com/fyi/cclean...pdating-users- who-turned-off-automatic-updates/ No silent updates on my end... What version are you? |
#13
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off Automatic Updates
On Thu, 20 Sep 2018 16:57:26 -0400, Big Al wrote:
What version are you? 5.46 portable. I used Privatefirewall to block it though. Anyway, funny thing just happened when I turned on my PC. CCleaner apparently crashed and then Windows warned me my antivirus wasn't active. No panic, it happens sometimes.I use Avast Free Antivirus, so I clicked on the icon and got an option to restart the service. Didn't get to activate it until I noticed the (broken) icon of CCleaner in systray. I hovered over it with my mouse pointer, it disappeared and suddenly I was able to restart Avast... And yet, somehow I don't feel that safe anymore... :-o -- s|b |
#14
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off Automatic Updates
FredW wrote:
On Thu, 20 Sep 2018 22:14:38 +0200, "s|b" wrote: On Tue, 18 Sep 2018 20:36:00 -0400, Stan Brown wrote: I'm sure this How-to Geek article won't change the minds of CCleaner lovers, but here it is: https://www.howtogeek.com/fyi/cclean...pdating-users- who-turned-off-automatic-updates/ No silent updates on my end... My 5.40 portable (!) tried to phone home (never done before). It showed in my firewall (asking permission) and I blocked. End of CCleaner for me. Yeah, mine phoned home too. -- Quote of the Week: "Still we live meanly, like ants;... like pygmies we fight with cranes;... Our life is frittered away by detail. Simplify... simplify..." --Henry Thoreau Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly. /\___/\Ant(Dude) @ http://antfarm.home.dhs.org / http://antfarm.ma.cx / /\ /\ \ Please nuke ANT if replying by e-mail privately. If credit- | |o o| | ing, then please kindly use Ant nickname and URL/link. \ _ / ( ) |
#15
|
|||
|
|||
CCleaner Is Silently Updating Users Who Turned Off Automatic Updates
Stan Brown
https://www.howtogeek.com/fyi/cclean...matic-updates/ That links to "Here's What You Should Use Instead of CCleaner" at https://www.howtogeek.com/361112/her...d-of-ccleaner/ I'm late to the party, so I read this first: https://www.howtogeek.com/fyi/ccleaner-is-silently-updating-users-who-turned-off-automatic-updates/ Which said: - Even if users opt out of automatic updates, they're happening anyway - Piriform is "gathering anonymized information about the user" - The way to tell is to check the version number - I just checked mine, which is not portable, which is "v5.39.6399" - The article says it happens at and after version 5.46 - Privacy settings revert to the default, which sends usage data The original forum thread discusses earlier versions having the problem, but the summary article fixes the problem at 5.46 and above. |
Thread Tools | |
Display Modes | Rate This Thread |
|
|