Free software is the Devil, not

Discussion in 'other software & services' started by Mrkvonic, Apr 11, 2015.

  1. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,694
    Are you worried about the security of your shi ... This is a sort of a response to an article on the dangers of using free software by Howtogeek, including status report and reasons for the prevalence of bundled spyware and adware on download portals, as well as useful tips and tricks for safe software installations - careful testing, isolation, virtualization, backup, imaging, Noscript, user agent faking, Linux, and more. Worry not, read on.

    http://www.dedoimedo.com/computers/free-apps-response.html


    Cheers,
    Mrk
     
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Always good to see common sense prevail over nonsense.
     
  3. aztony

    aztony Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    547
    Location:
    USA Southwest
    While I don't subscribe to the notion that all freeware is evil, users of freeware should be aware there is no such thing as a free lunch in the business world. There is a always cost involved. The price will either be transparent and up front, or obscure on the back-end, which the average user is oblivious. When using freeware due diligence is a must.
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,694
    When using *ware, due diligence is a must.
    Mrk
     
  5. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    It's the same issue with artist/creators of all types (movies, music, writing, drawing/painting, animation, software dev, etc), while having the freedoms of the internet, still have a hard time making a living. So if you want to make something with quality, some real soul put into it, you're still going to be struggling for the resources of whatever the creation requires. For every one that lives comfortably, thousands never, and even abandon their work, or at best, put it as a back burner hobby.

    The general consumer mindset of free anything, is that there shouldn't be any expectations of quality one way or another. "What do you expect? It's free." So if a thing is junk, the critic can't comment because it's free. But yet too, if it's quality, people then also can have a hypervigilant defense against it too, with a "Well, what's the catch?".

    But now that we have computers and the internet, the tools to easily copy and distribute to anyone on the planet- free is king in my book. But the idea that anyone but a very few will make money off of their ideas or creations, well, that's just life.
     
  6. wildman

    wildman Registered Member

    Joined:
    Feb 18, 2004
    Posts:
    2,179
    Location:
    Home on the range.
    Just my thoughts but it makes good business seance to me to offer the product free to the home user and charge for business use. If the product is good perhaps word of mouth and postings on sites such as this one could help the bottom line. Lets face it advertisement is not cheap either perhaps this is a good alternative.

    Always,
    Wildman
     
  7. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I tend to avoid "Free" stuff. The notable exception is Sophos UTM 9, mostly because it's a $15,000.00 device OS that happens to be free for the home in order to help promote, and improve their enterprise product.

    But as a general rule, I feel I should 'pay' for everything in life, and more importantly, anything on my computers/network. I think a lot of free stuff is free for fairly nefarious reasons, and a lot of free stuff is free for good reasons. It's not always easy for people to differentiate between those products that are free to exploit, and free because of a hippy that wants to save the world. Maybe it's because I feel like an entitled elitest when I pay for stuff, vs trying to exploit the generous? Or maybe it's because I feel I've been blessed, and can spread the blessings around, which in turn will bring in more for me to spread around - a sort of karmic mechanic? Not sure, but either way the very second I hear 'free' I start to reel back a bit, and question whether or not I want to partake in the free.
     
  8. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Strong wisdom.

    A lot of enterprise firms do this, and it works well. Partly because it improves the product, but mostly because it increases exposure. These are exceptions to my rule of not generally using 'free', strong enterprise grade products. I think the problem is with these cheap operations that release free stuff, bundle it with junk, put backdoors in it, use it to datamine, etc. Degrades the entire free landscape... Forticlient, Sophos UTM, Untangle, all good examples of enteprise grade products free for home use, without payloads.

    I think the devil is in companies that release PAID products, and keep the free mindset, and still bundle the product, use it for datamining, etc. Those are the devils... Examples are PasswordBox, which billed itself as function and free, but sends your telemetry to Mixpanel. When you pay - it still sends your telemetry to Mixpanel. I'm sure we have plenty examples of the 'devil', don't we?
     
  9. subhrobhandari

    subhrobhandari Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    708
    I have a few free softwares I use almost every day and cant do without, like Everything, Filemenu Tools, MPC-BE and Media Preview Configuration. I am yet to see any "paid" alternatives which offer the same functionality.
     
  10. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,234
    I avoid paid software as much as possible. If there's an excellent free alternative to paid software, I will use the free option. I'm not going to let unwanted extras put me off using free software. I usually pay enough attention when installing to software to avoid ending up with any extras. In the rare case any extras get installed, it doesn't bother too much - I uninstall them. I'm not the type that assumes that the extras installed may be malicious.

    If a paid product offers significant advantages over free software and is not excessively priced I will happily pay for it.
     
  11. NWOAbschaum

    NWOAbschaum Registered Member

    Joined:
    Feb 9, 2014
    Posts:
    184
    Location:
    Germany
    At the end. Money is just paper. The whole System with money is in fact wrong and not human right.
     
  12. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,103
    Location:
    Southern Rocky Mountains USA
    Well, some of the best things in life are free, but so are some of the worst. I just spent a couple of days setting up VMs from old Xp installations of mine and all the software I used to do it was free. Virtualbox, VirtualPC and Paragon Virtualization Manager. All came straight from the websites of the companies that produce them. I avoid the cesspools of PUPs like download.com. There is a lot of good free software out there. Sourceforge and Github are much better places to look. Free is good, GPL open source is better. There are also free licenses of commercial software widely available. I check for them daily. The best place I've found for that is http://giveawayradar.weebly.com. A lot of the software offered is crap but there are some real gems now and then.
     
  13. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    The problem is, unless you are controlling egress from your network via a UTM/NGFW, then you cannot be certain you are really 'avoiding' the extras. As I pointed out, I routinely find so-called free products sending 'massive' (in some cases) telemetry, and that's with just the core product installed. IObit uninstaller - recent example, sends telemetry to a CDN that is known to host 'questionable' websites - and it sends it every 60 seconds. That's even with the election of not installing any extras. Passwordbox? Same thing.

    MisterB points out excellent examples of commercial products supporting free versions to help test/promote their enterprise editions. IMO these are often the best source for anything free, and often the free versions are the only ones us mortals can afford when compared to expensive enterprise licensing schemes. Untangle and Sophos have free versions by virtue of their enterprise editions, and funded by. To help test, market, and raise awareness of their commercial endeavors.

    IF I use something free I take great precautions, and run many sniffers. But ultimately - in probably 75-85% of the cases I find the software doing 'questionable' things, or sending suspect data to questionable locations. That is regardless of the great care during installation.
     
  14. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Thanks! Better than Tipradar which I was using before.
     
  15. wildman

    wildman Registered Member

    Joined:
    Feb 18, 2004
    Posts:
    2,179
    Location:
    Home on the range.
    As you may have gathered I use FREE software and have done so for some time now. I look at sites such as this one and see what others are using, I also use sites that review products and have comments from users. I download from the vendor's site where possible or from a site I know and trust. I always do a custom install of any software I have downloaded.

    Always,
    Wildman
     
  16. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
    Interesting thoughts...

    My perspective is that the HTG articles on bundled slime-ware (Windows and Mac) are targeted mostly toward low knowledge/experience computer users. Based on that assumption, I think the articles (while being over the top), are arguably passing the right message to those type of users. Low knowledge/experience users almost never read EULAs, the installation path, the UAC warning or anything. They just click until something says they don't need to click anymore or there's nothing left to click. IMO, something like the HTG articles needed to be done to make low knowledge/experience users aware that there are deceptive business models all over the place and that they need to be very careful when downloading and running any software, free or otherwise.

    For a long time, I've tried to educate everyone I know about these shady deals, but I still see a ton of stuff installed users swear they didn't install. I'm more and more convinced that just telling them to be careful is never going to work. I would rather have my friends and family ask me what is or is not safe and deal with the minor time interruptions rather than have to help them clean up the issues when they make the "wrong" decisions on their own.

    While I absolutely agree that the suggested approaches to handling this situation can and should/would work, I submit none of them would ever be an option for any of the low knowledge/experience users I know. They have zero understanding on how to perform any of those suggestions. And, to make it even more challenging, many are vocal they don't (or even won't) try because of (fill in the blank excuse/reason.) Thus the reason I just have them contact me before installing anything... Sad huh??
     
  17. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,234
    I'll take me chances. As long as no extra software gets installed I'm happy. If there is extra network actvity going on the background, while I accept that may not be a good thing, I don't know if it happening or not since I don't test for it. As they say, ignorance is bliss.

    I don't know why IObit is doing that, but I'm sure there's nothing concerned about considering it is the CDN they use for product updates.
     
  18. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,166
    Location:
    EU
    Nice site!! But unfortunately it's not possible to subscribe to a newsletter to get daily deals...
     
  19. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I just found out 'Authy' sends substantial telemetry for their TFA application. Also, my UTM has Authy flagged as a data-tabulation product under 'Marketing IP's' and blocks it if marketing and tabulation is selected. I switched to Sophos Two Factor, it has only ONE permission - to use the camera to take QR's for apps you want TFA on..

    One must be very careful.
     
  20. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,952
    Location:
    DC Metro Area
    Last edited: Apr 14, 2015
  21. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,103
    Location:
    Southern Rocky Mountains USA
    I just reload it a couple of times of day. It just lists offers from other sites. It works fine without javascript but not all the giveaway sites it refers to do. I use disposable emails when an email address is required. Anything I download is put in a VM sandbox for initial testing and most of it doesn't ever get out of the VM. If I find it interesting, I will put it in a laptop I reserve for testing software for further vetting. If I find it useful and it doesn't do anything annoying, I will continue using it and install it on other machines. I like playing with new software in VMs but the software I actually use on a regular basis is fairly limited, just a handful of apps and utilities.
     
  22. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,010
    Location:
    The Netherlands
    Yes I agree, I pay only for software if it's better than the freeware alternatives, which is no surprise because everyone likes a free lunch. Almost all the software I use is freeware, I've payed only for about 5 apps so far, all of them were lifetime licenses.
     
  23. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    854
    Nearly all the software I use is free. Obviously we all have to decide for ourselves which software passes our vetting processes. On occasion I'll donate to the authors of some of the programs I use.

    I love the idea that there are people who create tools for everyone to use, and free software generally is better than paid alternatives. I find most paid software too bloated to want to use, with too many hooks into the system.

    While I have access to licences for a number of paid software and antiviruses, my preference is to find the most lightweight program for each purpose.
     
    Last edited: Apr 16, 2015
  24. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Can you cite some examples of this?
     
  25. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    854
    It's a fair point that free software can be monetised to spy on users, and the jump in spyware from the late 90s/early 2000s should have made a lot of us more discerning about which software to trust. I think that using IObit isn't the best example though, as the reputation alone of this company should be enough of a red flag for most knowledgeable users. I would take it as a given that they wouldn't respect the privacy of users of their software.

    If there were cases where popular, free software like MPC-HC or VLC were doing the same, then that would be more interesting. Also I'm not sure what the relevance of which CDN they use. Even amazonaws has hosted malware before, but that doesn't mean I mistrust Malwarebytes for using the service legitimately to deliver updates.

    Yes, sure. I'll write up some later. Just keep in mind that 'better' is deliberately subjective; I consider what is the best software for the task at hand, and generally don't feel I'm missing out by not using a paid alternative.
     
Loading...