skipit Posted March 23, 2007 Posted March 23, 2007 (edited) ImgBurn trys to connect to www.baytest2.microsoft.com (207.46.19.60) py-in-f147.google.com (64.233.167.147) f1.www.wip.re3.yahoo.com (69.147.114.210) Why? Edited March 23, 2007 by skipit
cornholio7 Posted March 23, 2007 Posted March 23, 2007 its just checking there is a connection by checking 3 places that are almost certain to be online before it checks imgburn which could (if you have been visiting regularly) be down. its not transmitting info.
lfcrule1972 Posted March 23, 2007 Posted March 23, 2007 If you don't like it (it really is just checking the internet connection) you can turn it off under settings, in other words ImgBurn will no longer tell you when an update is available and you will have to check manually
LIGHTNING UK! Posted March 23, 2007 Posted March 23, 2007 It amazes me when people question what ImgBurn is doing trying to connect to the internet after they've told it to check for updates. Where's it gonna get that update info from if not the internet?! 'But why those sites?', you might ask... well, surely how I have it check for updates is down to me? (corny already explained the reason - and it's been covered before if you search). All you, as a user, have to decide, is if it does it (full stop) or not.
skipit Posted April 25, 2007 Author Posted April 25, 2007 It amazes me when people question what ImgBurn is doing trying to connect to the internet after they've told it to check for updates. I explicitly told it NOT to check for updates. It is MY responsibility to change my computer's software, NOT YOURS. But it tried to connect to these hosts anyway! Even though I said do not check for updates! 60.198.46.207.in-addr.arpa domain name pointer wwwtkttest5.microsoft.com. 147.7.102.66.in-addr.arpa domain name pointer mc-in-f147.google.com. 158.36.131.209.in-addr.arpa domain name pointer f1.www.vip.sp1.yahoo.com. This smells like spyware to me! DVD burning software should NOT need an internet connection. It should only have to read the hard disk and write the DVD. Please update your software to only initiate an internet connection in response to my specific request. Software that does suspicious things of its own initiative is not to be trusted.
cornholio7 Posted April 25, 2007 Posted April 25, 2007 Software that does suspicious things of its own initiative is not to be trusted. so dont use it, its only checking to see if there's an update for your benefit and totally free, dont take Lightning's word or anyone from here's word for it, look here , this is totally independant of the software http://www.softpedia.com/get/CD-DVD-Tools/...g/ImgBurn.shtml
Clear Posted April 25, 2007 Posted April 25, 2007 It amazes me when people question what ImgBurn is doing trying to connect to the internet after they've told it to check for updates. I explicitly told it NOT to check for updates. It is MY responsibility to change my computer's software, NOT YOURS. But it tried to connect to these hosts anyway! Even though I said do not check for updates! 60.198.46.207.in-addr.arpa domain name pointer wwwtkttest5.microsoft.com. 147.7.102.66.in-addr.arpa domain name pointer mc-in-f147.google.com. 158.36.131.209.in-addr.arpa domain name pointer f1.www.vip.sp1.yahoo.com. This smells like spyware to me! DVD burning software should NOT need an internet connection. It should only have to read the hard disk and write the DVD. Please update your software to only initiate an internet connection in response to my specific request. Software that does suspicious things of its own initiative is not to be trusted. It seems to be have designed that way. Don't like it? Uninstall it... I'm sure plenty of other software programs do exactly the same thing.
LIGHTNING UK! Posted April 25, 2007 Posted April 25, 2007 I explicitly told it NOT to check for updates. It is MY responsibility to change my computer's software, NOT YOURS. On a clean install (or where you choose to reset the settings), you'll get a prompt to check for updates. Otherwise, it'll use your existing setting. The whole update checking routine ONLY runs if a certain variable is set - obviously it was for you or it wouldn't have run. if(Settings.EVENTS_CheckForProgramUpdate) { SetStatusBarText("Checking For Program Update", 0); CheckForProgramUpdate(true); } Settings.EVENTS_CheckForProgramUpdate is only ever a value between 0 and 4 Where 0 = Never, 1 = Daily, 2 = Weekly, 3 = Fortnightly, 4 = Month. It's probably worth mentioning that the program defaults to checking for updates every week and the settings are on a per user basis - so if you install as one person and then run as another, the updates will be disabled for the person that installed it, but will be on (weekly) for the other user. If you can honestly tell me (hand on your heart) that the program connects to the net when you start it up and yet on the events tab in the settings it says 'Never' for checking for updates, I'll eat my words.
Shamus_McFartfinger Posted April 25, 2007 Posted April 25, 2007 This smells like spyware to me! And you sound like an idiot to me. You've been told 3 times already why ImgBurn connects to these sites. Even the author has told you. I'd tell you for a forth time if I thought you'd listen. Given your apparent inability to grasp simple English, it may be time for you to sell your PC and buy something less complicated. I suggest an Etch-a-sketch.
skipit Posted April 25, 2007 Author Posted April 25, 2007 It's probably worth mentioning that the program defaults to checking for updates every week and the settings are on a per user basis - so if you install as one person and then run as another, the updates will be disabled for the person that installed it, but will be on for the other user. You are correct. I installed it as administrator. (Administrators install stuff.) I told it not to check for updates. Then I logged in as a non-admin user. (You shouldn't be an administrator if you're not planning to install stuff.) On starting the program it (A) ignored the fact the administrator told it not to update, and ( assumed a non-admin user who never had the chance to uncheck some setting would be updating the software. You are telling me it is functioning as intended. I accept that. I am suggesting you might want to alter your intent if you don't want to arouse the suspicions of security-aware users. Your choice of course. I'm just telling you how your (program's) actions look to this observer.
Clear Posted April 25, 2007 Posted April 25, 2007 This smells like spyware to me! And you sound like an idiot to me. You've been told 3 times already why ImgBurn connects to these sites. Even the author has told you. I'd tell you for a forth time if I thought you'd listen. Given your apparent inability to grasp simple English, it may be time for you to sell your PC and buy something less complicated. I suggest an Etch-a-sketch. Ah the ol' Etch-a-Sketch... even I had trouble learning that.
Clear Posted April 25, 2007 Posted April 25, 2007 It's probably worth mentioning that the program defaults to checking for updates every week and the settings are on a per user basis - so if you install as one person and then run as another, the updates will be disabled for the person that installed it, but will be on for the other user. You are correct. I installed it as administrator. (Administrators install stuff.) I told it not to check for updates. Then I logged in as a non-admin user. (You shouldn't be an administrator if you're not planning to install stuff.) On starting the program it (A) ignored the fact the administrator told it not to update, and ( assumed a non-admin user who never had the chance to uncheck some setting would be updating the software. You are telling me it is functioning as intended. I accept that. I am suggesting you might want to alter your intent if you don't want to arouse the suspicions of security-aware users. Your choice of course. I'm just telling you how your (program's) actions look to this observer. It gives you an option, you and only you chose how it acts. If you still think it arouses suspicions, I'd suspect yourself instead.
skipit Posted April 25, 2007 Author Posted April 25, 2007 you sound like an idiot to me. You've been told 3 times already why ImgBurn connects to these sites. I did read and understand those claims. You seem to assume I should trust everything I read, and everything a program wants to do, instead of trusting my firewall. Given your apparent inability to grasp simple English, it may be time for you to sell your PC and buy something less complicated. I suggest an Etch-a-sketch. Given your apparent inability to grasp the basics of information security, I hope for your own sake your bank account does not offer online access. There! Does the person who shouts loudest win? Or can we get back to discussing appropriate behavior for polite, non-malicious software?
dontasciime Posted April 25, 2007 Posted April 25, 2007 Yes the author of this program is very sly, he has also got a routine in place to hack my hi-tech GRD-267DTU to see how much beer I have b4 popping round.
Shamus_McFartfinger Posted April 25, 2007 Posted April 25, 2007 You are telling me it is functioning as intended. I accept that. I am suggesting you might want to alter your intent if you don't want to arouse the suspicions of security-aware users. Your choice of course. I'm just telling you how your (program's) actions look to this observer. The first course of action in dealing with possible security problems is to ask - which you did. Debating the answer with the people who actually know is just arrogance. For what it's worth, Lightning_UKs' current and pasts programs (including DVD Decrypter) have been connecting to these same sites and for the same reason for years. LavaSoft, SpyBot etc would have flagged this program as malicious long ago if it were so, wouldn't they?
skipit Posted April 25, 2007 Author Posted April 25, 2007 It gives you an option, you and only you chose how it acts. If you still think it arouses suspicions, I'd suspect yourself instead. Not quite true. It gave me an option. I said no. It behaved as if I said yes. This did not strike me as the behavior of obedient, trustworthy software. In a scenario where administrators admin the computer, and users use the computer (the only reasonable scenario from a security perspective), a user CANNOT set the option to no without starting the program first. Right? And the first time a user starts the program, it tries to connect to the internet. Because you didn't get a chance to set the option yet! And it pays no attention to the option the administrator set while installing it.
LIGHTNING UK! Posted April 25, 2007 Posted April 25, 2007 It's functioning in the only way it can. As a per user tool, it doesn't know about other users on the pc or care what settings they're using. If you install via 'Run As' whilst logged on as your normal user, does it still not put the registry stuff in the key for the currently logged on user? In any case, even as a security aware user, you were given perfectly decent explainations at the start of this thread as to why it does what it does. There was no reason at all to then say it 'smells like spyware'. Saying stuff like that just makes you come across as a bit of a twat - and I've no time for twats. EDIT: Oh and it's not ignoring what the admin user said, it doesn't know what they said! A user is just a user. Be it an admin one or anyone else. It works both ways. I could default to 'Never' for update checking and the 'Admin' user could say 'Yes, I want to check for updates' - which then makes it check weekly. Other users on the system would still use the program default of 'Never' and then I'd have them moaning. The only way I could change it is to rename the 'Create shortcuts for all users' to 'Install for all users' and then create an ImgBurn key under HKLM\Software which then contains an overriding setting for the update checking which 'new' people will use rather than the default program value.
dontasciime Posted April 25, 2007 Posted April 25, 2007 on first install just after installer finishes and runs Imgburn If ticked, it asks you then if you want to allow check for update. mine does not do what you say happens on yours when i have no to updates Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\Documents and Settings\Ascii>netstat -v -b Active Connections Proto Local Address Foreign Address State PID TCP ascii-dfi:1035 192.168.2.1:http ESTABLISHED 1076 c:\windows\system32\WS2_32.dll C:\WINDOWS\System32\WINHTTP.dll [svchost.exe] TCP ascii-dfi:2537 update.ewido.net:http ESTABLISHED 372 C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\system32\WS2_32.dll C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -- unknown component(s) -- C:\WINDOWS\system32\SHLWAPI.dll ntdll.dll C:\WINDOWS\system32\kernel32.dll [avgas.exe] TCP ascii-dfi:2612 80-239-236-129.customer.teliacarrier.com:http E STABLISHED 2656 C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WININET.dll [iexplore.exe] TCP ascii-dfi:2620 uk-forums.net:http CLOSING 1308 C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WININET.dll [IEXPLORE.EXE] TCP ascii-dfi:2622 uk-forums.net:http CLOSING 1308 C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WININET.dll [IEXPLORE.EXE] TCP ascii-dfi:2627 uk-forums.net:http CLOSING 1308 C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\SHLWAPI.dll ntdll.dll C:\WINDOWS\system32\kernel32.dll [IEXPLORE.EXE] TCP ascii-dfi:2631 uk-forums.net:http CLOSING 1308 C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WININET.dll [IEXPLORE.EXE] TCP ascii-dfi:2632 uk-forums.net:http CLOSING 1308 C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\SHLWAPI.dll ntdll.dll C:\WINDOWS\system32\kernel32.dll [IEXPLORE.EXE] TCP ascii-dfi:2636 uk-forums.net:http CLOSING 1308 C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WININET.dll [IEXPLORE.EXE] TCP ascii-dfi:2670 uk-forums.net:http CLOSING 1308 C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\SHLWAPI.dll ntdll.dll C:\WINDOWS\system32\kernel32.dll [IEXPLORE.EXE] TCP ascii-dfi:2686 uk-forums.net:http CLOSING 1308 C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\SHLWAPI.dll ntdll.dll C:\WINDOWS\system32\kernel32.dll [IEXPLORE.EXE] TCP ascii-dfi:2694 uk-forums.net:http CLOSING 1308 C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\SHLWAPI.dll ntdll.dll C:\WINDOWS\system32\kernel32.dll [IEXPLORE.EXE] TCP ascii-dfi:2708 uk-forums.net:http TIME_WAIT 0 C:\Documents and Settings\Ascii>
Shamus_McFartfinger Posted April 25, 2007 Posted April 25, 2007 Given your apparent inability to grasp the basics of information security, I hope for your own sake your bank account does not offer online access. A rare display of wit from one who seems to possess roughly half of that.... While my understanding of security may be inferior to one of your obvious gifts, I find that a good understanding of the software I use to be an asset to me. It's certainly better than the education you've based your arguements on. Don't forget about that Etch-a-sketch.
skipit Posted April 25, 2007 Author Posted April 25, 2007 on first install just after installer finishes and runs Imgburn If ticked, it asks you then if you want to allow check for update. I know. And I said No. Then when I logged in as a non-admin user, it went ahead and checked for updates anyway.
dontasciime Posted April 25, 2007 Posted April 25, 2007 I think something else has got control of you pc then as mine does not do that. Get rid of the firewall your using (it's not windows firewall is it)
Clear Posted April 25, 2007 Posted April 25, 2007 Given your apparent inability to grasp the basics of information security, I hope for your own sake your bank account does not offer online access. A rare display of wit from one who seems to possess roughly half of that.... While my understanding of security may be inferior to one of your obvious gifts, I find that a good understanding of the software I use to be an asset to me. It's certainly better than the education you've based your arguements on. Don't forget about that Etch-a-sketch. Dude, let me see your shoe! The bottom line is this: ImgBurn was designed that way. The author wants it that way, and he wrote the program. Unless you're above God, LIGHTNING UK! decides how it acts. Don't like it? Too bad.
skipit Posted April 25, 2007 Author Posted April 25, 2007 I think something else has got control of you pc then as mine does not do that. The author of the software already confirmed the behavior I reported on this discussion, if you read it. He says that the settings made by the administrator have no effect when other users run the program. Get rid of the firewall your using (it's not windows firewall is it) Good idea. If I don't like what my firewall is telling me, shut it off! And if I see a traffic accident happening in front of me, close my eyes! No, of course it is not Windows firewall. That thing trusts most anything malicious software wants to do, including most of the spying Microsoft programs want to do.
Shamus_McFartfinger Posted April 25, 2007 Posted April 25, 2007 Dude, let me see your shoe! Follow the Gourd! The bottom line is this: ImgBurn was designed that way. The author wants it that way, and he wrote the program. Unless you're above God, LIGHTNING UK! decides how it acts. Don't like it? Too bad. You got it.
Recommended Posts