Jump to content
lock

Firewall Rules

Recommended Posts

On 10/20/2018 at 2:37 AM, dcollins said:

...the article doesn't go extremely in-depth stating exactly what is happening on each connection, we also have to make sure we're not giving out information that can be used to hinder our product and potentially leave customers in a vulnerable state...

That is a common sense approach.

If some users are so paranoid about what you do, they simply should not be using the product. How anyone can install something on their PC yet then not have trust, is beyond me.

DON'T TRUST A PRODUCT = DO NOT INSTALL THE PRODUCT IN THE FIRST PLACE!

I trust Malwarebytes to do a good job to protect my PCs and in so doing fully realise they need data from my PCs to be able to do their job. That's why their product is installed on my PC. Being in the EU, I then have trust that the GDPR protects me further. Closing down comms for the product is pointless, it may even affect the product, if not today then tomorrow, and it's completely unreasonable to expect Malwarebytes or any other vendor to manage extreme paranoia.

 

Share this post


Link to post
Share on other sites

That is a valid point, because frankly, there are plenty of ways around monitoring utilities and firewalls (malware does it all the time) so when it comes down to it, you have to put some level of trust into the software you are willing to install as there is always the outside possibility of unknown/undocumented/undesirable behavior no matter what sort of software it is (just ask anyone who isn't willing to "upgrade" to Windows 10 due to the telemetry and Automatic Updates issues, including myself).  I trust Malwarebytes because I've used it for so long and have had such a longstanding, close relationship to it, the organization and the people behind it (though I trusted it long before I was ever employed by them, and in fact their high level of integrity and innovative detection/protection methods were the very reason I started hanging out here on the forums years ago and using their products so much to begin with; there's no way I'd spend so much of my time and energy trying to aid a company and a product that I didn't completely trust as that would be silly, if I wasn't confident in this company and this product I would have moved on a LONG time ago because devoting that much of my time and effort to a company that I have no stake in and no faith in would only be a waste of my time, not theirs).

Share this post


Link to post
Share on other sites

When the "support article"  says the the connection to " www.malwarebytes.com:443 " is " used to verify connectivity to the Malwarebytes servers " and  In reality the connection is to "telemetry.malwarebytes.com:443" and is used for telemetry...... the trust is dead.

 

Share this post


Link to post
Share on other sites

telemetry.malwarebytes.com:443 is NOT the same sub-domain as www.malwarebytes.com:443 and given the name of it, I would think its purpose would be pretty clear: it is for telemetry data.  The member of Support who wrote it already addressed this when you first brought it up and already said he would revise it to include it.

Frankly, virtually all of your posts since you first showed up have been negative in some way towards Malwarebytes, yet here you remain, constantly posting more of your arguments and statements about how "inadequate" and "untrustworthy" Malwarebytes is, so I have to wonder why you continue using the product and keep spending so much time and energy here on the official Malwarebytes Support forums if you have such a problem with this product and this organization.  I get that you do sometimes have valid questions and criticisms, and I don't want anyone to think that I or anyone else would discourage that kind of feedback, however anyone who views your posting history can clearly see that there is obviously some other agenda/motive behind the vast majority of your postings here given their nature and tone and how you constantly harp on the same exact thing no matter how many times it is answered by how many authoritative sources.

If you wish to continue using Malwarebytes, then great, please do so, however if you really don't trust them, then don't use their product.  I can't understand anyone being willing to spend so much time and energy on any product/company that they clearly take so many issues with.  If I were you I'd just move on already and find a product/security company that I did trust and find to be adequate according to my own standards rather than wasting so much time and energy harping on every perceived flaw that you can find about this one on their Support forums.

Obviously this is just my opinion, and you're going to do what you like, however I cannot understand at all why you continue to use Malwarebytes and remain here so much given how much you clearly dislike Malwarebytes.  It just makes absolutely no sense to me unless there is some other motivation that we are not aware of behind it all, however if there is some other motive, only you know what it is as I do not believe you've ever shared it on the forums if there is one, but I am curious for sure after so long and so many negative posts.

Share this post


Link to post
Share on other sites

Found this rather interesting article on ZDnet from a few years ago. I tend to mostly agree, I will admit I have only simple telemetry allowed for Windows 10 but for the most part I only install software I feel comfortable with and try to stay away from services and sites that feel dangerous or exploitative. 

I do not see the huge deal with telemetry, for the most part from what I understand the whole process is harmless.

 

Distrust of Telemetry

computer sig.jpg

Share this post


Link to post
Share on other sites

Correct, most software telemetry is quite harmless and is generally used for a valid (and quite anonymous) purpose to actually make their products better and to learn about the wants and needs of their users/customers.  However, the issue that some (including myself) take with what is called "Big Data" (i.e. mass-telemetry collected from multiple sources like that collected by the likes of Microsoft, Google and others from various services and software offerings) is that once it is collected and connected to a single source, which is rather trivial to do, it can then be used to determine much more about a person than that person might realize, including identify exactly who they are, where they live and more, even if no PII (Personally Identifiable Information) is collected, just through the aggregate and cross-referencing of various data collected, especially when things like social media and public postings/comments are included.  They can also use this data to determine much more than what the data itself reveals by using machine learning and data pattern analysis to make mathematical leaps of logic based on what they have collected from you and other users with similar use patterns, which can reveal things about a person that they never actually exposed directly online.  With the rate at which AI and similar technologies are being invested in and developed, it will not be long before this kind of mass data collection rivals straight up full blown government surveillance with regards to the potential risks it may pose to our privacy, exposing everything from our political leanings and beliefs, to our identities, genders, sexual orientations, tastes in everything you could imagine as well as purchasing habits and even make predictions within a high percentage of accuracy about our potential future actions, decisions and of course purchases (one of the things companies are most interested in, which is why they always want your info when you check out at many stores these days).

With that said, I know Malwarebytes, and I know that they are NOT interested in collecting that level of data about their users at all, and if that ever changed, I would no longer be here myself, period, and they know it.  I trust them because I know there are many like-minded individuals high-up in this company who feel very much the way I do about things like privacy, integrity and fair play, and that is why I've stuck around as long as I have.  However, I don't expect anyone to take my word for it, and if they do not trust this company, then there is likely nothing I could say to sway them and that's fine, everyone is entitled to their opinions and must do what they feel is right in protecting their own privacy.

Share this post


Link to post
Share on other sites
14 minutes ago, exile360 said:

telemetry.malwarebytes.com:443 is NOT the same sub-domain as www.malwarebytes.com:443

my firewall did not detect any attempt to connect to www.malwarebytes.com:443  , so my best guess is that the member of support tried to "substitute" telemetry.malwarebytes.com:443  with www.malwarebytes.com:443 for evident reasons.

 

18 minutes ago, exile360 said:

and already said he would revise it to include it.

The revision would take 1 minute, yet nothing changed.

I really do not understand why we need 3 pages on this forum , only to find out what /where /how Malwarebytes sends data from our PCs to outside world. 

Share this post


Link to post
Share on other sites

I think it does actually connect to www.malwarebytes.com to verify connectivity (I believe this is the initial check that occurs when it starts up and tries to check in with the update/licensing servers) and I'm guessing that's what he was referring to.

As for updating it, it takes much longer than 1 minute because every change he submits must go through a review and approval process to make certain it is accurate and acceptable; he's not the one in charge with the final say with regards to public facing official documentation, he's just the one writing it up, just like Developers have to have their code reviewed by their managers prior to submission into the final release build of the product.

I believe he also said he was going on vacation so it could be a while before the update happens, but we will remind him upon his return (I will if you don't) and I'm certain he'll take care of it.

Share this post


Link to post
Share on other sites
24 minutes ago, exile360 said:

telemetry.malwarebytes.com:443 is NOT the same sub-domain as www.malwarebytes.com:443 and given the name of it, I would think its purpose would be pretty clear: it is for telemetry data.  The member of Support who wrote it already addressed this when you first brought it up and already said he would revise it to include it.

Frankly, virtually all of your posts since you first showed up have been negative in some way towards Malwarebytes, yet here you remain, constantly posting more of your arguments and statements about how "inadequate" and "untrustworthy" Malwarebytes is, so I have to wonder why you continue using the product and keep spending so much time and energy here on the official Malwarebytes Support forums if you have such a problem with this product and this organization.  I get that you do sometimes have valid questions and criticisms, and I don't want anyone to think that I or anyone else would discourage that kind of feedback, however anyone who views your posting history can clearly see that there is obviously some other agenda/motive behind the vast majority of your postings here given their nature and tone and how you constantly harp on the same exact thing no matter how many times it is answered by how many authoritative sources.

If you wish to continue using Malwarebytes, then great, please do so, however if you really don't trust them, then don't use their product.  I can't understand anyone being willing to spend so much time and energy on any product/company that they clearly take so many issues with.  If I were you I'd just move on already and find a product/security company that I did trust and find to be adequate according to my own standards rather than wasting so much time and energy harping on every perceived flaw that you can find about this one on their Support forums.

Obviously this is just my opinion, and you're going to do what you like, however I cannot understand at all why you continue to use Malwarebytes and remain here so much given how much you clearly dislike Malwarebytes.  It just makes absolutely no sense to me unless there is some other motivation that we are not aware of behind it all, however if there is some other motive, only you know what it is as I do not believe you've ever shared it on the forums if there is one, but I am curious for sure after so long and so many negative posts.

???

It's called trolling.

I accept that people have concerns or questions and that's what a forum is for, to be able to aks questions, but the complete lack of trust displayed by Lock and his/her final words that "the trust is dead", well, that's the end of that, they won't be using the product any longer and won't be commenting here further. But if they do, when would they do so since " the trust is dead"?

I do understand the genuine concerns that people have following the Snowden and other revelations, but if someone is so concerned, or has such cnfidential data to hide from third parties,  then they shouldn't even be using Windows or Mac in the first place, possibly not even Linux!  I'm not suggesting that MWB has been compromised, just that we can never know when it comes to any commercial sofware.

Share this post


Link to post
Share on other sites
10 minutes ago, exile360 said:

As for updating it, it takes much longer than 1 minute because every change he submits must go through a review and approval process to make certain it is accurate and acceptable

If the process to make sure is accurate and acceptable is so laborious, how come NOBODY involved in this process noticed the missing hot potato, "telemetry"

exile360, you seem a nice knowledgeable guy, but statements like this just add insult to injury...

Share this post


Link to post
Share on other sites
14 minutes ago, lock said:

I really do not understand why we need 3 pages on this forum , only to find out what /where /how Malwarebytes sends data from our PCs to outside world.

A little bit of self reflection might give an answer.

I think your intentions are honourable, but you if really untrust MWB to this extent, if I were you, I would not be using it. Instead, asking more and more questions and sucking up support and mod time and resources from dealing with more urgent queries is really, IMO, quite selfish. If you have a higher level of need or suspicion, remove MWB and go and install Comodo, configure it to completely lock down your PC, so much so that it can't even fart without your permission, and you'll be much happier. Bye.

Share this post


Link to post
Share on other sites
4 minutes ago, lock said:

If the process to make sure is accurate and acceptable is so laborious, how come NOBODY involved in this process noticed the missing hot potato, "telemetry"

It's not a hot potato at all, if it were then they would literally be in hot water with the California legal system as well as GDPR, both of whose policies they are in full compliance with.

OK, let me give you a theory.  Let us suppose you are correct, and the connection referenced as "www.malwarebytes.com" is in fact to "telemetry.malwarebytes.com", then let us suppose that his initial statement in the documentation was accurate, that it is a checkin to verify connectivity.  If that's true, would it not make sense, from a telemetry and connectivity verification perspective, to have every machine checkin with the telemetry server to count the total number of systems where Malwarebytes is installed?  As long as no PII or usage stats are sent (since, as you mentioned, you have that option disabled), it would not be a violation of that policy to assign a unique, anonymous identifier to each installation/machine and have it checkin with the telemetry server every time it goes online/starts up to both count the total number of Malwarebytes users/installations as well as verify connectivity so this would make a lot of sense, wouldn't it?

Give it some thought.  This is just my hypothesis, but I bet I'm not far off from the truth.  I guess we'll just have to wait and see when dcollins returns, but I suspect we might hear a familiar sounding explanation when he does.

Share this post


Link to post
Share on other sites
On 10/8/2018 at 7:23 AM, lock said:

What about :

C:\Program Files\Malwarebytes\Anti-malware\Mbam.exe

 

TCP 443 to    www.malwarebytes.com

I missed telemetry and used www because you listed www as the subdomain in question in the quoted post above. I have submitted an article revision to include telemetry and hubble that i originally missed, but I'm on vacation and the articles need to be reviewed and then approved by our support knowledge team.

Share this post


Link to post
Share on other sites
48 minutes ago, exile360 said:

However, the issue that some (including myself) take with what is called "Big Data" (i.e. mass-telemetry collected from multiple sources like that collected by the likes of Microsoft, Google and others from various services and software offerings) is that once it is collected and connected to a single source, which is rather trivial to do, it can then be used to determine much more about a person than that person might realize, including identify exactly who they are, where they live and more, even if no PII (Personally Identifiable Information) is collected, just through the aggregate and cross-referencing of various data collected, especially when things like social media and public postings/comments are included.  They can also use this data to determine much more than what the data itself reveals by using machine learning and data pattern analysis to make mathematical leaps of logic based on what they have collected from you and other users with similar use patterns, which can reveal things about a person that they never actually exposed directly online.  With the rate at which AI and similar technologies are being invested in and developed, it will not be long before this kind of mass data collection rivals straight up full blown government surveillance with regards to the potential risks it may pose to our privacy, exposing everything from our political leanings and beliefs, to our identities, genders, sexual orientations, tastes in everything you could imagine as well as purchasing habits and even make predictions within a high percentage of accuracy about our potential future actions, decisions and of course purchases (one of the things companies are most interested in, which is why they always want your info when you check out at many stores these days).

One thing I will say on this is the following, the big data you are talking about has nothing to do with what the likes of Malware Bytes collects. Big data vendors may try to use multiple sources and dredge up more and more data to develop an all encompassing picture of a unique user. These data sets are then shared among certain related companies and they manage to know your wife is pregnant before she does and know your favorite ice cream flavor, etc.

These things however are not the fault of software telemetry, not even Microsoft's or Google's software telemetry, those things are tiny data blips amid the noise that the big data companies are sorting and collating that makes their predictions so accurate. Most of the problem data is coming from cookies, social media posts, store loyalty cards, news letters, web searches and public records like home purchases or tax rolls. 

Software telemetry seems like an insignificant fish in a sea of blue fin tuna and giant marlin.

computer sig.jpg

Share this post


Link to post
Share on other sites
3 hours ago, kliebor said:

One thing I will say on this is the following, the big data you are talking about has nothing to do with what the likes of Malware Bytes collects. Big data vendors may try to use multiple sources and dredge up more and more data to develop an all encompassing picture of a unique user. These data sets are then shared among certain related companies and they manage to know your wife is pregnant before she does and know your favorite ice cream flavor, etc.

These things however are not the fault of software telemetry, not even Microsoft's or Google's software telemetry, those things are tiny data blips amid the noise that the big data companies are sorting and collating that makes their predictions so accurate. Most of the problem data is coming from cookies, social media posts, store loyalty cards, news letters, web searches and public records like home purchases or tax rolls. 

Software telemetry seems like an insignificant fish in a sea of blue fin tuna and giant marlin.

Yes, you are 100% correct, and no, Malwarebytes isn't collecting anywhere near that level of data/info, nor would they desire to (it would be creepy and ethically wrong in their eyes; I know as a former high level employee within the organization who helped shape the product and many of their other offerings for many years).

3 hours ago, dcollins said:

Please note, this thread is about Malwarebytes firewall requirements, not data collection. If you have questions about our data collection, you can read our Privacy Policy at https://www.malwarebytes.com/privacy or email privacy@malwarebytes.com

Yep, sorry we got a bit off track.  I was just trying to make it clear that regardless of the URL it may be connecting to, that it is not violating any of the policies/practices/standards or laws that Malwarebytes is subject to and have created for themselves, including what's in that policy as well as GDPR and the California codes/laws regarding privacy and data collection, which are pretty much the two strictest regions on Earth when it comes to protecting consumer and individual privacy.

Share this post


Link to post
Share on other sites
22 hours ago, dcollins said:

Please note, this thread is about Malwarebytes firewall requirements, not data collection. If you have questions about our data collection, you can read our Privacy Policy at https://www.malwarebytes.com/privacy or email privacy@malwarebytes.com

That's an extremely transparent data collection / privacy  statement, well done guys.

Thanks to the EU GDPR regulations it's great to see this high level of transparency which benefits everyone worldwide not just those in the EU. I'm not sure how similar or different it is to the California one, but it's all many steps in the right direction. I won't continue and risk going off-topic, just here to say good work guys.

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.