Offshore Software

Discussion in 'privacy general' started by ajcstr, Mar 20, 2016.

  1. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    I am wondering if anyone has an issue with software developed and based overseas (ie China, Russia). For instance Aomei and EaseUS? Kaspersky? I AM NOT saying these are not legit companies but there has been some conversations about Chinese based security programs having privacy issues. I guess I am focused on Aomei and EaseUS at the moment but have steered away from Kaspersky in the past .

    Is this too paranoid or is this a valid concern.
     
  2. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe
    Well, if we look at the actual economic and politic situation, it's obviously that the Republic of China - the Republic I say, not i hope all the privates - is interested to watch and to know many things in Occident. And sometimes - now I use Aomei - I have the same doubt than you have. But think: the NSA ( https://www.wilderssecurity.com/thre...ems-for-user-data-secret-files-reveal.348308/ ) is an american agency - not the only one - as Microsoft is american, as many software and hardware producers too. Are we sure that american - or european - software are all safe, honest, and clean, not infiltrated ? I don't think that Occident is always the good and so it never breaks our privacy, offering freeware programs, or infiltering - backdoor, trojan.. - honest third part software, for example. Stuxnet was american, and not the only seems.
    So what about ? I'm also would be " paranoid ", but to be consequential I had to give up many software that I like. I'm not a company, neither a politic, a business man, unfortunately not even a scientist, so I try to choose well known programs and I hope for my privacy.
     
  3. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,149
    Location:
    UK
    By overseas, I take it you mean anywhere apart from the US?

    I doubt it's paranoid, but could you be clearer about the threat you're most concerned with? Clearly, given other discussions in this section, there are many reasons to be unhappy, because there don't seem to be many jurisdictions that are upholding the rule of law. As far as the companies themselves are concerned, you can normally get a flavor from their track record and culture; and likely most importantly, from their business model. But pretty much any of them can be subverted by court orders or TLA insiders.

    The problem with disk management/backup/AV software is that it pretty much has full admin rights quite a lot of the time, or is doing very intrusive stuff and cannot be sandboxed easily. That would be an argument for going FOSS.
     
  4. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    Well, Identity theft for one, tax returns bank statements on PC

    Next would be hidden ransomeware, malicious code.

    Finally, if relations with the country in question deteriorate, can they compromise the pc. Could there be trojan horses in them? A good bit of the phishing we see is from those countries.

    Kaspersky and EaseUS have been around for a while, but I was looking at Anomei's website and the English language used on that site is so poor, it rivals some of the phishing emails I get.
     
  5. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    406
    5yrs back I encountered a freeware utility (find duplicate/similar audiofiles) which started an inbuilt webserver component at each launch. The program was hugely popular in terms of download counts and the number of sites offering it for download, and I scratched my head wondering why no one had noticed (complained, questioned) the webserver. I ran the program sandboxed and monitored network traffic... and never witnessed it engaging in network connections. But still, there was zero reason for that program to initiate a service, continually listening on port 80 (hmm, or was it 8081?).

    Hard for me to believe the webserver component was "accidentally" incorporated into the freeware. With the "check for updates" feature (enabled by default) calling a mothership at each launch, the PC of any user not behind a NAT router would be primed for addition to a botnet, or for data exfiltration. Perhaps the "angle" of the freeware author was to develop a large install userbase, then later sell access to the inbuilt backdoor?

    I researched the program's author and learned that he is a Chinese national.
    So what? Anyone with malicious intent could create a persona by using a European-seeming
    email contact address to obscure their nationallity, or whatever.
    FWIW, Croatian freeware (region, not country) seems to be laced with malware more often than Chinese freeware.

    AOMEI.
    fat-fingered spelling, or just hooked on phonics?
    Either way, sounds like the pot is calling the kettle black.
     
  6. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,149
    Location:
    UK
    I wonder if you'd considered running software in virtual machines, or within sandboxes or "RBAC" (things like apparmor)? Point being, you can compartmentalise your exposure, limiting malware's ability to gain any access to your data. So, for example, you can browse in a virtual machine which has no ability to exfiltrate your real data, and then revert to snapshot to remove any consequences of that browsing. Similar things can be done in sandboxes (with limits) - things like Sandboxie for Windows or Firejail for LInux (though obviously you have to trust them too). Any application "should" be sandboxed/isolated to an applicable extent because all the popular applications are routinely attacked (browser, mail, document, media). Of course, it's much harder to do that sandboxing/isolation for backup and A/V utilities, but can still be done in some cases.

    As far as attempting to protect yourself against attack from a nation-state actor, whether that's your own neighbourhood TLA or one from a different country - that's a whole 'nuther set of difficulties and well outside the scope of most people - in fact it's very hard to do even with excellent controls and operational security - because the whole base of computing is riddled with weak security even if there's no active collusion.

    I've sometimes had the fantasy that one should "invite" a couple of competing nation state actors into your machine, and hope that they fight each other to death, leaving your machine alone.....
     
  7. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    Hey, I'm no English major but I am not trying to sell software worldwide !

    What I am saying is the site is not professional (in my opinion).

    Examples.....

    "AOMEI have gotten a mounting number of reviews and identities from profess-ional media and evaluation organizations. "

    "AOMEI has built a mature framework for less than three years of development, with inde-pendent and elite team of research and development, testing, marketing, website, customer service, administrative & hr etc."
     
    Last edited: Mar 21, 2016
  8. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    406
    I'm not xenophobic. Some of my most-cherished software titles are Chinese or Russian -authored.
    I believe the Aomei developers are brilliant. They just aren't fluent in writing English.
    Often, in exchange for proofreading / translating such foreign websites, you can receive software upgrades/licenses for free.
    In fact, IIRC one of the Aomei site's webpages (or their support forum?) displays an offer for swag in exchange for translation.
     
  9. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    I'm just asking for opinions. According to Time magazine, Russia and China are the two top sources of cybercrime in the world (that's not my opinion, that's published). And a few years ago International Business Times reported "Qihoo 360 Technology Co. Ltd. (Nasdaq:QIHU), whose free antivirus software has captured more than 80 percent of the market -- estimated at about 1.5 billion people -- is being accused of stealing confidential information from hundreds of millions of users."

    So I am just being cautious. Yes Aomei has great products for free, but if I am uncomfortable, I'll use a product that maybe is less feature rich but I trust it more. Case in point I decided to go with Macrium's free tool instead. In addition, I just decided to purchase the paid version of EaseUS Todo - also from China (so I'm not xenophobic) but I feel much more comfortable using it than I do with Aomei.

    If I get a popup saying I have a virus, the reason I am not calling the number is not because its in India, its because I know the person who will answer the phone is a thief so please don't infer any racist agenda in this thread.
     
    Last edited: Mar 22, 2016
  10. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
  11. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,239
    @ajcstr OpenCandy is really nothing to worry about. It is only used when the installer is run to offer 3rd party downloads. If you pay attention when installing, and deselect the 3rd party offers, you won't get anything extra installed.
     
  12. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    I would generally agree, but as the poster in that thread pointed out (with screen shots) there was no option to exclude it. I don't think there was malicious intent as implied by some of those posters but it does look like you got it regardless.
     
  13. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,239
    @ajcstr OpenCandy is only used by the installer to provide the 3rd party software offers. It is absolutely not malware, and does not actually install on a computer, as the OpenCandy components are only executed by the program's installer. The worst that can happen, is if you don't select not to the install the 3rd party software, you'll end up with unwanted software installed. But, if you pay attenton during the install, and deselect the opton to install the extras, you'll only get the product you are installing.

    Some antivirus software such as ESET products (if I recall correctly), will detect and quarantine the OpenCandy DLL file when you launch an installer than includes OpenCandy. Doing so, will prevent the 3rd party software being offered altogether.
     
  14. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    From your point of view that includes Western Europe, but maybe not South America or the North Pole.
    I advise you to work on your general perception of the world before worrying about software.

    I advise you to work on your general perception of the world.
     
  15. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    I don't think Macrium is Chinese.
     
  16. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    Correct, UK, very happy with product. Very reputable company.
     
  17. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    I use Macrium Reflect as well. But, they're also offshore for you surely? Not necessarily for me though.
     
    Last edited: Mar 25, 2016
  18. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    I used to use KMPlayer, one day I got a pop-up claiming a routine update. I allowed it. The next thing I know Avast! is finding PUP's and quarantines them as they installed with the upgrade. When I checked them they appeared to be Open Candy. I uninstalled KMP and went back to SMPlayer.
     
  19. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,239
    @Daveski17 OpenCandy is just the componet that offers 3rd party downloads when you install certain software. Any actual PUPs which get installed have nothing at all to do with OpenCandy, since OpenCandy installs nothing on your computer apart from the 3rd party software if you didn't select not to install it.

    After running an installer which uses OpenCandy, there will be components of OpenCandy left in your temporary folder (just as they will be other temporary files left by the installer). However, these will get deleted with disk cleanups.
     
  20. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    OK thanks for the info. It was on a Vista machine and I discovered that I couldn't run a lot of my MP4 files on SMPlayer as Vista (unlike 7) didn't have the necessary codecs. KMP could play anything so I was happy until they tried to install PUP's surreptitiously. Fortunately Avast! was on the ball.
     
  21. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    Yes they are and I am still trying to figure out why being cautious about the origin of software is a sign of intolerance, prejudice, etc. I see "offshore" was definitely a poor choice of words and the thread has taken an ugly turn for some, but I AM talking about vetting software and software companies before installing.

    When I see US, UK, Canada begin being listed as major origins of malware and cybercrime I will be cautious about those sources also.
     
  22. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    Well, do you think China is one of the major origins of malware & cybercrime?

    Maxthon is a company known mainly for producing Windows web browsers.[16] It has corporate offices in San Francisco, Beijing, Hong Kong and Shanghai. Most of Maxthon’s engineers live and work in the company's Beijing office, which develops and maintains versions of the Maxthon web browser for Windows, Mac, iOS, Windows Phone and Android.[17]

    In 1999, current CEO Ming Jie "Jeff" Chen founded Hong Kong-based Mysoft International Limited to distribute the MyIE browser.[19] In 2005 the company received seed funding from venture capital firm WI Harper Group
    and Morten Lund, the first Skype investor, and Chen moved the company to Beijing.[20][21] In 2006, Maxthon received further investment from the US-based venture capital firm Charles River Ventures.[22] ~ Wikipedia

    Is all Chinese and Russian software suspect, or just most? I use Avast! as an AV and that originates from the Czech Republic. My Lenovo laptop was made in China. I have no reason to believe my Chinese made laptop is a hive of malware (it runs with Ubuntu) or that Avast! is compromised because it is from a foreign country in Eastern Europe.
     
  23. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    It's number 1 or 2 on every list I've seen.

    Lenovo & Kaspersky are well trusted obviously. I've used Bitdefender which is Romanian I believe and Avast in the past . EaseUS appears to trusted (and I purchased their backup software) but they pulled that stunt with OpenCandy which I think is not right. As soon as it became an issue I think they may have stopped doing it so they must have realized it was not good business. I know every time I do an Adobe or Java update I have to be careful to uncheck boxes or I get my browser switched or an extra toolbar - not right either.

    Aomei is the reason I started my thread. I saw their tools highly rated, I downloaded 2 of them. I had some questions and when I signed up for their forum I got some odd messages on my browser screen, and when I looked at their website I got a little nervous because, as I said before, to me it reads like a phishing email. Go to any website of the other companies mentioned in this thread and you just don't get the same impression. So my intention was to pose the question to others. I really didn't want to single them out - they could be the best company in the world for all I know - but that's the way the question came out of my superior intellect. If those things would not raise red flags for others then so be it.
     
  24. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    It all depends on your perspective I guess.
    https://securityintelligence.com/news/us-tops-list-of-countries-hosting-malware-and-botnets/
     
  25. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    Last edited: Mar 26, 2016
Loading...