Announcement: Our new CyberLink Feedback Forum has arrived! Please transfer to our new forum to provide your feedback or to start a new discussion. The content on this CyberLink Community forum is now read only, but will continue to be available as a user resource. Thanks!
CyberLink Community Forum
where the experts meet | Advanced Search >
Forum Index » PowerDVD (previous versions)
  • Recent Topics
  • |
  • Register
  • |
  • Login
Privacy Test - Epic Fail (Data sent to 5 cities)
BJ1200 [Avatar]
Newbie Joined: Feb 10, 2012 13:31 Messages: 28 Offline
[Post New] Oct 28, 2013 12:01
We've been using PDVD since version 9 and our family likes it, especially playlists. However, during installation of v12 last year it started to scan every movie, picture, and music file on our computer. It wouldn't allow me to delete the "Video" folder until I added a dummy folder to swap out. It basically forced us to provide a folder. This set tone of my skepticism....why the forceful nature of accessing our information.

WHY WE TESTED PDVD13?
Our v12 experiences made me a bit paranoid. We don't need to solicit metadata or want to participate in anything like that. We just want to use PDVD to watch movies and TV shows that are located on our NAS. We always accessed our movies using "My Computer". But v13 looks promising so before we let it scan our entire movie collection, we created a test folder with a few movies. We were shocked at what we found.

QUESTIONS FOR CYBERLINK OR USERS:
1)With all of the PDVD13 settings OFF, why is data being sent and received from my computer to these servers?
Google - Mountain View, CA (IP 74.125.224.233 through Port 80)
Hurricane Electric (ISP) - Fremont, CA (IP 72.52.84.204 through Port 80)
Digital United, Inc. (ISP) - Taipei, Taiwan (IP 203.73.25.241 through Port 80)
Amazon Technologies - Seattle, WA (IP 54.230.87.209 encrypted through Port 443)
Akamai Technologies, Inc. - Cambridge, MA (IP 23.42.82.110 through Port 80)

2) What PDVD13 settings will stop these and any other data transmissions?





With ALL network/internet settings seemingly turned OFF in PDVD13, the app still opened up to 15 concurrent internet connections and was sending or receiving data from at least 5 different cities (that we know of). We had "Movie Info" unchecked, yet movie details appeared. We had "Movies Library" checked so the "Add Movies Folder" tab appears.

OFF - Run at startup
OFF - Check for product updates
OFF - Participate in product Improvement
OFF - Enable Network for BD-Live
OFF - Allow connection when cert is invalid
OFF - Movie Info Auto Sign In
OFF - Movie Info Features
OFF - Device Tab
OFF - Store
OFF - Home Media DLNA
OFF - DLNA Access Control
OFF - DLNA Folder Sharing
OFF - Online Media (All 3 unchecked)


OPENING THE APPLICATION:
With the application open and static, internet connections open and data is transferred to IP addresses at Google and Hurricane Electric (ISP). It is unclear what data is being sent and received. Those with deeper technical skills should further investigate these connections.

HITTING THE PLAY or STOP BUTTON:
Selecting the "Play" button with those movies on your computer that are listed in the "Media Library" tab will trigger an internet connection to ISP Digital United, Inc. in Taipei, Taiwan. This city is also the HQ for Cyberlink. Digital United is one of the largest ISP's in that country and was formerly known as SeedNet. It is owned by The Ministry of Economic, Institute for Information Industry (Taiwan). The government of Taiwan apparently has access to our data.

IT KNOWS WHAT YOU WATCHED....AND WHEN!
ALL "Movie Info Features" are turned OFF. When we hit the "Stop" button with our test movies, the application presented details about that movie in the "Media Library" window. This also triggers several internet connections. So even with everything unchecked, the application is transmitting data about our movies. It then serves up its best guess of the movies details in the application window. It knows what we are watching, and when.



Hurricane Electric IP 72.52.84.204 connects your PC to these:




Google IP 74.125.224.233 connects your PC to these:




Digital United IP 203.73.25.241 in Taipei, Taiwan:
See below report, possibly sending logs.




There are several IP's that PDVD13 connects to. I used these links to collect IP data. I am truly a technical novice so all this took me quite a bit of time.
http://ip-lookup.net/
http://urlquery.net/index.php


This message was edited 1 time. Last update was at Oct 28. 2013 12:06

Korrigan
Senior Member Joined: Oct 06, 2010 04:57 Messages: 221 Offline
[Post New] Oct 28, 2013 13:12
This post is a good display of someone trying to talk about something he doesn't have the start of a clue about.

If you're really that paranoid, a suggestion... just stop any outgoing connection from PDVD on your firewall. Problem solved. My collection: http://www.blu-ray.com/community/collection.php?u=194008&action=showcategory&category=1&categoryid=7
Luis Michel [Avatar]
Newbie Joined: Oct 11, 2013 13:45 Messages: 8 Offline
[Post New] Oct 29, 2013 06:46
Media Info:
Google - Mountain View, CA (IP 74.125.224.233 through Port 80)
Hurricane Electric (ISP) - Fremont, CA (IP 72.52.84.204 through Port 80)
Digital United, Inc. (ISP) - Taipei, Taiwan (IP 203.73.25.241 through Port 80)
Amazon Technologies - Seattle, WA (IP 54.230.87.209 encrypted through Port 443)
Check for updates
Akamai Technologies, Inc. - Cambridge, MA (IP 23.42.82.110 through Port 80)

What is the issue, the product is inteeded to do that.

OFF - Allow connection when cert is invalid
OFF - Device Tab


Do you know that this has nothing to do with you "privacy report", right?

Rather than a "OMG my privacy issue", this is a bug, since you disabled movie info and the software still get movie info, ignoring the options.

So, as Korrigan said, if that bug bothers you, just disable outgoing connections from PowerDVD on your firewall.
BJ1200 [Avatar]
Newbie Joined: Feb 10, 2012 13:31 Messages: 28 Offline
[Post New] Oct 29, 2013 22:37
It's unclear why responders avoid explaining what personal data on our PC's is being transmitted, or to whom, or show zero concern about it. The thread is the results of my TEST, not listed anywhere as a REPORT, to help those interested in protecting of our children, their PRIVACY, and that of our families.

I have two daughters with several cell videos and other data stored on our server. At my age, there's a certain level of trust and expectations when using a product as intended. However, had I not tested v13, I wouldn't have known about the constant movement of OUR data or taken steps to stop it.

The personal attacks show a lack of appreciation for the several hours I spent trying to figure this out.....or the sharing of those results. For those of you that do "Get It", I'm glad I could help.
Korrigan
Senior Member Joined: Oct 06, 2010 04:57 Messages: 221 Offline
[Post New] Oct 30, 2013 12:28
You missed the point made... none of those connection are threatening your precious privacy, it's only to recover movie info. They don't upload your daughter's precious videos to the net, they just ask for info. Nothing more.

And you missed the solution given too... just disallow any outgoing connection for PDVD in your windows firewall, if it really bothers you that much.

My first comment was just emphasizing the fact that you make a mountain out of a molehill. You actually gave more privacy info here by telling that your daughters have cell videos and other data than what PDVD transmits to the search engines. It doesn't invade your privacy more than when you search "Harry Potter" on Google. My collection: http://www.blu-ray.com/community/collection.php?u=194008&action=showcategory&category=1&categoryid=7
PJay [Avatar]
Member Joined: Jun 09, 2009 13:53 Messages: 109 Offline
[Post New] Oct 31, 2013 07:47
It only transfers under 1KB for me with this IP: 203.73.25.241
What exactly did you do during the test?

I think iOS/Android have the worst privacy

This message was edited 1 time. Last update was at Oct 31. 2013 07:49

BJ1200 [Avatar]
Newbie Joined: Feb 10, 2012 13:31 Messages: 28 Offline
[Post New] Oct 31, 2013 17:41
Quote: What exactly did you do during the test?

We just started and stopped movies on a new install of PDVD13. It's obviously small bits of data, like metadata in movie files. An IT friend of mined looked into this a bit and stated "A quick glance suggests there's possibly some sort of revenue stream here....". He didn't have time to install the app, inspect registry entries, create log files and so on. During install you are prompted with two privacy agreements. One for the application, and another one for MovieLive.

ML privacy agreement states they cater to their "3rd party advertisers" and use our IP to collect statistics, the movies watched via PowerDVD, to gather broad demographic information...". This is probably why PDVD13 is connecting our installed application to the ad servers listed above. Although Cyberlink states they don't sell our information, most companies sell strategically placed ads...based on our information. This is industry standard practice, very common.

The person above who suggested this is nothing more than a "bug" should understand the ramifications and product development of applications. The Legal or Risk teams are to insure products don't jeopardize the organization. They typically demand a "brick wall" be in place until that customer agrees to Terms or Privacy Policy. This is why during install of virtually every application it closes down if you don't accept terms, game over.

If MovieLive is conducting business as usually inside PDVD13 regardless of terms acceptance, they have a major issue, not some bug. In my opinion, if there is no ML acceptance during install, this module of the application should never be installed in the first place.

This message was edited 1 time. Last update was at Oct 31. 2013 18:00

Powered by JForum 2.1.8 © JForum Team