🇹
That would be good, quite interested
Size: a a a
2019 January 11
W🦊
🇹 🇼 🍩 🍩 🇨 🇦 🇰 🇪 🇸
Could you advise what you meant by the official build was backdoored by somone. What were the nature of the back doors, do you also know how the tool acted as a Trojan
Guys are called "Renessans-bz" are abused auto-update mechanism through which they are sent malware with ads
W🦊
Nummer who is an original creator of DWS have annouced this in his Twitter
W🦊
On a quick hand I have picked the code up and fixed it to make sure it will be safe
🇹
Can't trust anything these days.
🇹
👍
🇹
There seems to be an enormous amount of services disabled and ip blocks as part of the app. How sure are they that every single one is indeed leaking personally identifying information. In the EU, we now have GDPR. It might be an idea to place a request on Microsoft for full disclosure. They are now compelled by law to detail every nuance of their data collection and storage, including 3rd party transfers
🇹
Then compare that with the knolegebase encapsulated within the app. If they fail to disclose any channel, you have grounds to sue. They also get a fine linked to their gross income I think
🦊
🇹 🇼 🍩 🍩 🇨 🇦 🇰 🇪 🇸
There seems to be an enormous amount of services disabled and ip blocks as part of the app. How sure are they that every single one is indeed leaking personally identifying information. In the EU, we now have GDPR. It might be an idea to place a request on Microsoft for full disclosure. They are now compelled by law to detail every nuance of their data collection and storage, including 3rd party transfers
Nice idea, I think the community would be grateful if you run this and let us know of the progress and of-course the results if any🦊
🇹
I wouldn't offer much value to that endeavor, it needs someone who can craft the right questions. Also enough knowledge of the leakages in win 10 in order to correctly assess any feedback from MS.
🇹
So dws was written initially by os dev, the code was then sold to some dodgy company, who swapped out the update url to their own, through which they used it to download dubious binaries and execute them on the client machine.
This kind of thing happens a lot
https://github.com/Nummer/Destroy-Windows-10-Spying/blob/master/DWS/MainWindow.xaml.cs#L197-L239
This kind of thing happens a lot
https://github.com/Nummer/Destroy-Windows-10-Spying/blob/master/DWS/MainWindow.xaml.cs#L197-L239
🦊
🇹 🇼 🍩 🍩 🇨 🇦 🇰 🇪 🇸
I wouldn't offer much value to that endeavor, it needs someone who can craft the right questions. Also enough knowledge of the leakages in win 10 in order to correctly assess any feedback from MS.
I doubt that anyone who tampers with the internals of their softcraps will admit it by submitting any official requests, it better to be done by governments or public organizations, at least the will be protected from countersues...
🦊
🇹 🇼 🍩 🍩 🇨 🇦 🇰 🇪 🇸
So dws was written initially by os dev, the code was then sold to some dodgy company, who swapped out the update url to their own, through which they used it to download dubious binaries and execute them on the client machine.
This kind of thing happens a lot
https://github.com/Nummer/Destroy-Windows-10-Spying/blob/master/DWS/MainWindow.xaml.cs#L197-L239
This kind of thing happens a lot
https://github.com/Nummer/Destroy-Windows-10-Spying/blob/master/DWS/MainWindow.xaml.cs#L197-L239
Nope, it was written by someone who investigated into what OS does, came with a bunch of holes that should be sealed, and after several years of dealing with it by himself decided to pass it over to some team he thought that could be trusted, but it didn't last long...
🇹
Many torrent clients get pawned like this. But the miscreant Devs tend to be more subtle in their infection stratagem. I wouldn't touch uTorrent with a barge pole
🇹
I doubt that anyone who tampers with the internals of their softcraps will admit it by submitting any official requests, it better to be done by governments or public organizations, at least the will be protected from countersues...
The request needn't give anything away regards the requestees motivations or any admission of reverse engineering. Just a bunch of leading questions that can be validated against a bunch of known factors. The results of that process could instead be analised, peer checked and then published instead, name and shame Microsoft into a PR desaster