lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: 5 Dec 2003 09:48:47 -0000 From: Alexander Falk <al@...ova.com> To: bugtraq@...urityfocus.com Subject: Re: Altova XMLSpy "phones home" user data In-Reply-To: <86ekvlkvmn.fsf@...e.nest.cx> >>>>>> "Bruno" == Bruno Lustosa <bruno@...tosa.net> writes: > > Bruno> ... whenever someone will launch XMLSpy, the > Bruno> program will try to connect to Altova's servers, send some > Bruno> user info through a POST to a web server, and wait for a > Bruno> response. That is correct, this is a process described in our EULA in Section 1(k) Software Activation and Section 1(l) LiveUpdate. Please see our EULA for details, which is available on our website under this URL: http://www.altova.com/order_license4.html > Bruno> What bothers me is that > Bruno> it's sending user information that was _not_ entered into the > Bruno> program. It sends user name used to register the program, and > Bruno> it also sends an email address that I'm almost sure was not > Bruno> entered into the program. This is incorrect insofar as the information transmitted is data that has been entered by the user into the Registration dialog (Help menu / Registration). This does include the e-mail address, provided that the user has entered this into the Registration dialog when requesting an evaluation key-code from our license server. Regarding the collection of e-mail addresses from users of our software, who are requesting an evaluation key-code, please see our strict privacy policy, which is available at this URL: http://www.altova.com/privacy.html Altova takes privacy and security very seriously, and we believe we have properly disclosed any legitimate anti-piracy measures in our product in the EULA. Sincerely, Alexander Falk President & CEO Altova, Inc.
Powered by blists - more mailing lists