Announcement: Our new CyberLink Feedback Forum has arrived! Please transfer to our new forum to provide your feedback or to start a new discussion. The content on this CyberLink Community forum is now read only, but will continue to be available as a user resource. Thanks!
CyberLink Community Forum
where the experts meet | Advanced Search >
Forum Index » PowerDVD (previous versions)
  • Recent Topics
  • |
  • Register
  • |
  • Login
Privacy concerns in PowerDVD
MadManMarkAu [Avatar]
Newbie Joined: Jun 18, 2016 04:09 Messages: 3 Offline
[Post New] Jun 18, 2016 04:22
I tried to contact CyberLink directly over Twitter, but didn't get a response.

I have some concerns about information being sent to internet servers during the setup and running of PowerDVD.

According to the EULA, anonymous information is collected during setup and running of PowerDVD in order to improve the application. I have no issue with this per se, but I did notice the application collecting potentially personally identifiable information.

The app reports all my MAC addresses, system type, media drives, etc... All good. But then it also reports my computer name, domain name, and username, which can all be used to directly identify a particular person. The app also collects my Windows Security Identifier, the ID number Windows uses to identify a user. This means, if I change my username, computer name, etc... I am still identifiable with previous information collected.

The app also seems to send disc IDs for each movie I play. So, Cyberlink can now know who I am, and what I'm watching.

I don't particuarly like the idea of someone knowing if I'm watching adult entertainment on my computer, especially if they know exactly who I am.

Can someone at Cyberlink please contect me regarding these concerns?
stevek
Senior Contributor Location: Houston, Texas USA Joined: Jan 25, 2011 12:18 Messages: 4663 Offline
[Post New] Jun 18, 2016 17:35
Contact Cyberlink directly; this is a users Q&A forum. Use the tab above. .
.
BoilerPlate: To posters who ask for help -- it is nice to thank the volunteers who try to answer your questions !
Anything I post unless stated with a reference is my personal opinion.
zmarty [Avatar]
Newbie Joined: Sep 16, 2015 01:01 Messages: 8 Offline
[Post New] Jun 18, 2016 20:04
Regardless, this is very good information and it's good that it has been made public.
DellaDog [Avatar]
Newbie Joined: Nov 23, 2015 12:51 Messages: 21 Offline
[Post New] Jun 19, 2016 09:47
Quote: Regardless, this is very good information and it's good that it has been made public.




Agreed. Reason enough to NOT use PDVD till the snooping is removed.
stevek
Senior Contributor Location: Houston, Texas USA Joined: Jan 25, 2011 12:18 Messages: 4663 Offline
[Post New] Jun 19, 2016 10:57
Your choice. Before you buy something else, read the EULA for Windows, and other video editing and other programs. .
.
BoilerPlate: To posters who ask for help -- it is nice to thank the volunteers who try to answer your questions !
Anything I post unless stated with a reference is my personal opinion.
DellaDog [Avatar]
Newbie Joined: Nov 23, 2015 12:51 Messages: 21 Offline
[Post New] Jun 19, 2016 10:59
Butt out. I don't need a lecture from a fanboy.
stevek
Senior Contributor Location: Houston, Texas USA Joined: Jan 25, 2011 12:18 Messages: 4663 Offline
[Post New] Jun 19, 2016 11:07
Quote: Butt out. I don't need a lecture from a fanboy.


What lecture? Hit somethign close to home?

I'm finished with this thread. I was just pointing out the reality of today's internet - private or not. .
.
BoilerPlate: To posters who ask for help -- it is nice to thank the volunteers who try to answer your questions !
Anything I post unless stated with a reference is my personal opinion.
GrindheadJim
Newbie Location: CR, IA, USA, Earff Joined: Jun 03, 2016 21:33 Messages: 2 Offline
[Post New] Jun 28, 2016 10:46
You know, guys, if you're that worried about ANY program hitting the internet, you could block it in your firewall, or simply modify your host file to block the program(s) from even knowing the internet exists.

I think that the concern is a valid one, and I also agree that SteveK has a point - most of your major software publishers have some watchdog capability. If you avidly use Google or Facebook, you may want to look into that, too.

Notifying you of the existence of one surveillance type doesn't excuse the existence of another, and Steve sure as hell wasn't trying to justify Cyberlink here - he was trying to protect those of you that may be upset enough to move to other software.

In other words, relax, read up, and good luck. Regards,

-Jim

http://grindheadjim.com
BJ1200 [Avatar]
Newbie Joined: Feb 10, 2012 13:31 Messages: 28 Offline
[Post New] Jun 29, 2016 17:28
I ran extensive tests on PDVD14 and found data getting sent to several cities, 2 continents, various companies. That Nov. 2013 thread was removed after few months - "Privacy Test - Epic Fail (Data sent to 5 cities)". I now restrict access to the known parts that were/could moving data through the net (below).

PowerDVD.exe
PDVDLP.exe
CLMSMonitorService...exe
CSLMSServer...exeOLRSubmission.exe
OLRStateCheck.exe
Activate.exe
FiltHookUninstaller.exe
PSUtil.exe

Data Sources



I'll be upgrading to PDVD16 today and was curious about this thread. Thought I would chime in.
BJ12 [Avatar]
Newbie Location: Arizon USA Joined: Aug 11, 2011 13:40 Messages: 16 Offline
[Post New] Jun 29, 2016 21:37
If you want total privacy for PDVD16, here's the list of items to block from accessing the internet. The tools that operate the help menu is not included, so that still works. Also, if you download patches from the website the manual downloader is not in the below list, so that also works.

Also, if you use the app mostly as a basic movie viewer and would like to limit some features from loading, do the following:
Go to Program Files (86)>Cyberlink>PowerDVD16
Change PowerDVD16Agent.exe to NO_PowerDVD16Agent.exe. Do the same, create NO_PowerDVD16ML.exe

Go to Program Files (86)>Cyberlink>PowerDVD16>Movie
Change PowerDVDMovie.exe file name to NO_PowerDVDMovie

""""PDVD16"""

PowerDVD 16.0 above is actually file named PowerDVDMovie.exe
PowerDVD 16 is file named PowerDVDUtil.exe
PowerDVD 16 (with the icon logo) is PowerDVD.exe

This message was edited 3 times. Last update was at Jun 29. 2016 21:40

zmarty [Avatar]
Newbie Joined: Sep 16, 2015 01:01 Messages: 8 Offline
[Post New] Jun 30, 2016 00:33
Thank you so much, this is very useful.
MadManMarkAu [Avatar]
Newbie Joined: Jun 18, 2016 04:09 Messages: 3 Offline
[Post New] Jul 06, 2016 09:20
Just a quick update on this.

I am currently in discussion with CypberLink on the anonymity of the metrics they are collecting.

They've been very helpful so far, even going so far as to send me a personal reminder that my initial query had been answered. They seem to be really good guys over in the tech support department.

We're currently discussing whether the information collected by PowerDVD is truely anonymous, as per the EULA.

I'll keep this thread updated as thing happen.

Edit: formatting.

This message was edited 1 time. Last update was at Jul 06. 2016 09:20

BJ12 [Avatar]
Newbie Location: Arizon USA Joined: Aug 11, 2011 13:40 Messages: 16 Offline
[Post New] Jul 12, 2016 17:15
MadMan,

I did similar back in 2013, even tracking IP's of where the data was going down to the actual business entitiy, and exposing some of these busines arrangements in the forum. From the looks of things back then the data was possibly being sold. The thread was removed a few months later. My point back then was that even though you deactivate things liek MoovieLive, and I think there was even an opt out during install, the data was still flowing to 3rd parties. It was as if the deactivation was just for show. Good Luck and keep us posted.
MadManMarkAu [Avatar]
Newbie Joined: Jun 18, 2016 04:09 Messages: 3 Offline
[Post New] Jul 14, 2016 07:38
Update.

I just got a reply from CyberLinktelling me the computer/user/domain names in the signals were not supposed to be populated. Apparently they didn't realize they were still being filled in until I sent them logs.

I'm told they are working on an update to completely stop logging this info, and "An update version will be released in the near future."

In my opinion, removing the computer/user/domain name information from the reported data will satisfy the anonymity issue in the EULA. Without this information, I don't see a way for the collected metrics to be tied back to a real identity.

So, a great outcome so far. Mad props to CyberLink for listening.

I'm eager to see if the next version has this issue fixed.
zmarty [Avatar]
Newbie Joined: Sep 16, 2015 01:01 Messages: 8 Offline
[Post New] Jul 14, 2016 15:34
Thanks for the updates on this serious privacy issue.
My1 [Avatar]
Newbie Joined: Sep 19, 2016 05:15 Messages: 6 Offline
[Post New] Sep 19, 2016 06:04
Quote: Just a quick update on this.

I am currently in discussion with CypberLink on the anonymity of the metrics they are collecting.

They've been very helpful so far, even going so far as to send me a personal reminder that my initial query had been answered. They seem to be really good guys over in the tech support department.

We're currently discussing whether the information collected by PowerDVD is truely anonymous, as per the EULA.

I'll keep this thread updated as thing happen.

Edit: formatting.


well if they also colect IPs they could easily see from the activation IP and then put together the other logs it wouldnt be hard to even put the data down to the real life entity in case of a version bought here at cyberlink.



Update.

I just got a reply from CyberLinktelling me the
computer/user/domain names in the signals were not supposed to be
populated. Apparently they didn't realize they were still being filled
in until I sent them logs.

I'm told they are working on an update to completely stop logging
this info, and "An update version will be released in the near future."

In my opinion, removing the computer/user/domain name information
from the reported data will satisfy the anonymity issue in the EULA.
Without this information, I don't see a way for the collected metrics to
be tied back to a real identity.

So, a great outcome so far. Mad props to CyberLink for listening.

I'm eager to see if the next version has this issue fixed.



I hope they dont wait iuntil the next version but fix it on the patch level because with 100€ powerdvd is expensive enough to grant the user privacy.

but still if they also put out an activation identifier each time they send out their logs they can still keep you on track and even connect your real life entity if you bought from here.

but I dont know what they logs so I keep that part as a theory. they still should make it possible to normally disable logging although I will let glasswire keep an eye on PDVD and probably block it as soon as I activated it.

This message was edited 1 time. Last update was at Sep 19. 2016 06:06

Powered by JForum 2.1.8 © JForum Team