SpywareWatchdog/articles/poweriso.html

75 lines
4.5 KiB
HTML
Raw Normal View History

2020-07-25 12:33:15 +03:00
<!--Old Style-->
2020-02-07 09:12:15 +02:00
<!DOCTYPE HTML>
<html lang=”en-us”>
<head>
<link rel="stylesheet" href="../style.css">
2020-02-07 09:12:15 +02:00
<meta charset="UTF-8">
2020-07-30 14:34:56 +03:00
<title>PowerISO — Spyware Watchdog</title>
2020-02-07 09:12:15 +02:00
</head>
<body>
<meta name="viewport" content="width=device-width, initial-scale=1">
2020-02-08 10:32:22 +02:00
<img src="../images/poweriso_logo.png" alt="PowerISO logo">
2020-06-04 04:22:07 +03:00
<h1>PowerISO</h1>
2020-02-07 09:12:15 +02:00
<p>
PowerISO is a CD / DVD / BD image file processing tool.
</p>
<h2>Spyware Level: <font color="yellow">Medium</font></h2>
<p>
The PowerISO software itself, after you have installed it, does not seem to have a lot of serious privacy problems and would probably be listed
2020-07-30 14:34:56 +03:00
as "Not Spyware" or "Low". However, downloading and installing this software requires careful attention because it attempts to install several spyware
2020-02-07 09:12:15 +02:00
programs and otherwise violates your privacy at every step of the installation process. So it's received this higher rating because of how bad this
2020-02-08 10:09:18 +02:00
process is for user privacy. Also, keep in mind that this is for the free version of the software and the paid version might be slightly better for
user privacy, however because there are so many problems with the free version you would have to do your own tests to make sure.
2020-02-07 09:12:15 +02:00
</p>
<p>
To talk more specifically about the software itself, it will check off "automatically check for updates" by default in the installer which is bad, but you can uncheck it.
When I actually ran it after installing, it did not make any unsolicited requests so it didn't have any problems. When I asked it to check for updates,
2020-02-08 10:09:18 +02:00
it used HTTP to talk to some server. HTTP is a little excessive and not good for privacy. But at least it doesn't phone home or anything, which is really
not something I expected after seeing the absolute disregard for user privacy when trying to install the program.
2020-02-07 09:12:15 +02:00
</p>
<p>
Microsoft Network Monitor 3.4, ProcMon, and NoScript were used to check this program and it's installation process for spyware.
</p>
<h3>Unsolicited connections in installation process</h3>
<p>
When you try to download this program off of the developer's website (<a href="http://www.poweriso.com/download.php">http://www.poweriso.com/download.php</a>), the download link,
which appears to be a link to: <code>http://www.fettcedob-nero.com/vf6o1o5/PowerISO7-x64.exe</code>, is actually a redirect to a website that tries to run a third
party script (spyware) on your browser.
</p>
2020-07-30 14:34:56 +03:00
<img class="screenshot" src="../images/piso_scripts.png" alt="PowerISO install button running scripts caught by NoScript.">
<h3>Attempting to install a Chrome extension</h3>
2020-02-07 09:12:15 +02:00
<p>
2020-07-30 14:34:56 +03:00
I could not manage to download this program with a Firefox-based browser, so I used a Chrome-Based browser to download it. Once I had enabled JavaScript and executed all of the
spyware involved, it attempted to get me to install this Chrome extension:
2020-02-07 09:12:15 +02:00
</p>
2020-07-30 14:34:56 +03:00
<img class="screenshot" src="../images/piso_extension.png" alt="PowerISO attempt to install a Chrome extension">
2020-02-07 09:12:15 +02:00
<p>
2020-02-08 10:09:18 +02:00
While this is not a review of search manager, it's worth noting that this extension is known adware at least, and who knows what else it does. Any searches about this
extension should explain this. But at the very least, assuming that you didn't install any spyware yet, you at least have the PowerISO installer...
2020-02-07 09:12:15 +02:00
</p>
2020-07-30 14:34:56 +03:00
<h3>Attempts to install spyware in the PowerISO installer</h3>
2020-02-07 09:12:15 +02:00
<p>
2020-07-30 14:34:56 +03:00
Once you run the PowerISO installer, it will attempt to install the following programs on your computer:
2020-02-07 09:12:15 +02:00
</p>
2020-06-04 04:22:07 +03:00
<img class="screenshot" src="../images/PowerISO7-x64_1.png" alt="PowerISO attempt to install spyware 1">
<img class="screenshot" src="../images/PowerISO7-x64_2.png" alt="PowerISO attempt to install spyware 2">
2020-02-07 09:12:15 +02:00
<p>
2020-02-08 10:09:18 +02:00
Which both look very shady. <a href="../articles/cdex.html">CDex</a> also seems to be using this same tactic and installer software.<br>
2020-02-07 09:12:15 +02:00
Now, to top it all off, the PowerISO installer will also phone home to some Amazon Servers:
</p>
2020-06-04 04:22:07 +03:00
<img class="screenshot" src="../images/piso_installer_phone_home.png" alt="PowerISO installer phoning home">
2020-02-07 09:12:15 +02:00
<hr>
2020-06-04 04:22:07 +03:00
<center>
2020-02-07 09:12:15 +02:00
<p><b>
This article was created on 10/7/2018
</b></p>
<p>
2020-11-17 22:48:20 +02:00
If you want to edit this article, or contribute your own article(s), visit us at the git repo on <a href="https://codeberg.org/shadow/SpywareWatchdog">Codeberg</a>. All contributions must be licensed under the CC0 license to be accepted.
2020-02-07 09:12:15 +02:00
</p>
2020-07-30 14:34:56 +03:00
<a href="https://creativecommons.org/publicdomain/zero/1.0/legalcode"><img class="icon" src="../images/cc0.png" alt="CC0 License"></a>
2020-06-04 04:22:07 +03:00
<p><a href="../articles/index.html">Back to catalog</a></p>
</center>
2020-02-07 09:12:15 +02:00
</body>
2020-07-30 14:34:56 +03:00
</html>