Can someone tell me why this program always calls home when you launch it? The reason I ask is that on all my computers, the program won't launch until the program "times out", or "gives up" trying to access the internet. It can't make it through my firewall, so it just hangs until it gives up, and then it finally launches.
I have Recuva options set to NOT check for updates, so I have no idea why it constantly has to seek out the Piriform website. Both CurrPorts and TCPView confirms Recuva trying to access (although, no Remote Address is given).
I have installed/uninstalled numerous versions of Recuva and all act the same. I have also run the program in "debug" mode and it also acts the same although it does launch a "check for updates error" window sooner than in non-debug mode.
Can someone explain why the program calls home, or how to disable it constantly checking for updates regardless of the option settings?
I love the program, but uhhhh... frustrating as all heck, as you might gather!
I allowed internet access to Recuva and monitored who exactly it calls. It calls Verisign. Looks like the "check for updates error" is not really said error but a guise in lieu of stating that contact to Verisign had been denied. In any case, after it talks to Verisign, the program runs as expected and no longer delays as it opens or attempts to call again. Since I can't find any new registry entries under any Recuva/Piriform keys, I suspect a change has happened somewhere else in the registry or elsewhere in the system.
Note that prior to allowing access, even a portable Recuva app run off a USB drive would cause the same delay and subsequent call. Once internet access had been allowed for the computer installed app (not for the USB app), the delay never happened again even when the app was run from the USB drive. I found this interesting. Yup, I would have to surmise that something definitely gets written to the system once Verisign has been contacted.
I hold a Tech badge on a well known self-help computer forum (under a different user name) and undisclosed internet contact by applications are generally viewed as not very nice (to put it nicely!). Not accusing Recuva of being underhanded, but nowhere in the EULA or Privacy statement is it stated that a 3rd party will be contacted when the app is first launched. The only mention of Verisign I see is their badge... unless I missed something somewhere. I am unsure of the exact relationship Piriform has with Verisign, but disclosing that contact would be made either with them, or through them, would have been nice to know... then, I wouldn't have spent all that time trying to figure out why I was getting that bogus check for updates error.
If I wanted to make it sound "nefarious" I would have used another word describing what I described "nicely". I've been using CCleaner since 2005 (or thereabouts) so I'm aware of the good people behind it. All I'm doing is reporting what I found. Please understand that security and privacy are pet peeves of mine and undisclosed contact with any website, server, etc gets my attention very quickly. Beyond that, the fact that I installed/reinstalled various versions of the Recuva application, numerous times, on several machines, all with the same result, threw me for a very long time before I even joined this forum and posted my inquiry.
hazelnut may be onto something with the cert. Still, I don't see any reason Verisign has to be contacted during an install... much less later, after installation is completed... it would be too late by then, correct? Many (many) apps on my desktop have never been allowed internet access and none of them have ever attempted to continually verify their cert during or after an install. A lot of them use Verisign so I don't know what's going on with Recuva. When I think about it, I don't know of a single app I use that has done this.
In any case, my major gripes are with non-disclosure of contact and the fact that a "check for updates error" was displayed rather than what was really going on... if in fact it was a "cert verification error", or something. People should be notified (via EULA maybe) so they know what to expect.
hazelnut... 22 days and no response from the devs?
I just installed Recuva on a brand new reload of an older T42 Thinkpad getting it ready for my friends daughter. Recuva did the same thing and tried to access the web and would always stall until I granted it. Now it loads fast.
Is Piriform monitoring/counting it's users? Looks that way to me. Of course without a response from the devs, what would you have me think? What information is being sent to Verisign? What information is being collected?
I love the apps, but nothing peeves me more than apps making undisclosed connections to the internet.
I use apps portably a lot, & I can't afford to have every app checking for a web connection.
* Although you can use a registry compare function to locate the registry key that gets added, or even via hunch to locate the settings, then export the key for re-entry before launching the app to ensure it doesn't repeat the action, I think that is far too much trouble.
Would be more better (Did I just say more better? ) if the apps simply did not connect at all.
Thanks for the support Super Fast. I was beginning to think someone was going to label me a troll soon.
I tried running the app as a portable but it didn't matter. The app won't run correctly until the "computer" it's been run on has reported to Verisign.
I run a lot of apps on my various computers and this is the only one that "breaks" if it doesn't call out. Very unsettling and not good practice.
The devs need to answer this inquiry as it's a possible privacy issue.
There's this in the docs for CCleaner, but not for Recuva. I'm sure that they share some code...
'When you try to run CCleaner, you see a warning dialog box from ZoneAlarm firewall.
ZoneAlarm is a common security program. It checks for suspicious program behavior and alerts you if an unknown program starts to ask for access to system files or the Internet.
If you run CCleaner for the first time when you have ZoneAlarm installed on your computer, you may see an alert from ZoneAlarm. You may also see an alert when CCleaner checks for an update. Click Allow in the alert to let CCleaner continue.
To avoid seeing any more alerts from ZoneAlarm about CCleaner, select Apply this setting to all suspicious behaviors exhibited by this application, and then click Allow.
Note: CCleaner contains no spyware or adware.'
I read that as CC attempting some connection to the internet on first start. Maybe Recuva does the same, and it's something we have to live with when using Piriform's products. Don't say why, I don't know.
P.S. The devs don't offer any support here. They may occasionally respond, but if you insist on support you have to pay for it.
I understand how ZA works.??I run it and it's the program that flagged Recuva.
If a user "unchecks" check for update in the program options, then Recuva should "not" check for an update and should not require internet access.??Don't you agree?
The problem is that regardless of how the options are set, Recuva attempts internet access directly after first being run.??The troublesome part is that Recuva is not actually contacting Piriform for an update, but rather Verisign for an undisclosed reason.??This in itself is very suspicious and leads me to think information is being collected.
Here is what I did...
1) I installed Recuva and launched it.??It remained broken (slow to load) until I allowed it internet access.??I traced it and it contacted Verisign.??After contacting Verisign, the program hence forth loads faster because it no longer attempts internet access.??Note that the options for updates were disabled.
2) I then allowed Recuva to check for an update and traced it.??Not surprisingly, it contacted the Piriform website.??It didn't contact Verisign like it did the first time.
Your remedy of allowing CCleaner or Recuva through a firewall simply to "avoid seeing any more alerts" is not a good answer to the problem that privacy issues may be present.
Your answer to "pay for it" is not good either to skirt this issue.
Whether the moderators here, or the devs want to hear it or not, if there is undisclosed information being collected from users, it's considered Spyware by many in the community.??
All Piriform needs to do is disclose what information may be collected (EULA), and then let people decide for themselves if they want to use the program and allow that collection.??
I realize I'm coming across strongly here.??But this is a privacy issue and Piriform should be concerned enough to address it.??After all, there's nothing to hide, right?
This forum is run by moderators who are users like yourself.
Piriform devs do read the posts and sometimes comment.
If you want to talk to Piriform directly about this because you feel unhappy about your issue then you would have to buy support which entitles you to direct contact with them.
Whether the moderators here, or the devs want to hear it or not, if there is undisclosed information being collected from users, it's considered Spyware by many in the community.
All Piriform needs to do is disclose what information may be collected (EULA), and then let people decide for themselves if they want to use the program and allow that collection.
I realize I'm coming across strongly here. But this is a privacy issue and Piriform should be concerned enough to address it. After all, there's nothing to hide, right?
If you think your privacy is being invaded via untrustworthy behavior that depends upon Verisign collecting your data,
perhaps you should refrain from any financial transactions that also involve Verisign authentication,
and also perhaps complain to Symantec which bought out Verisign.
You are either missing the entire issue or you can't understand it. Why do you believe in any way that financial transactions dealing with Verisign has anything to do with what the real issue is? Why even suggest I complain to Symantec? Do you even realize how silly that sounds? Whether it be Verisign, Google, Timbuctoo, or Venus ... it doesn't matter who Recuva is calling.
The issue is Recuva is calling out to an "undisclosed" entity without notification to it's users. Beyond that, if contact fails, not only is the program's operation hindered, but the error that is displayed to the user is a "Check for Updates" error, even when the update option is disabled. The mere fact that the displayed error is obviously a deception when Recuva cannot contact Verisign does not bode well with me.
In the future, try to keep the real issue in mind.