Author Topic: [TO DO] ReCrypt Privacy Policy  (Read 1813 times)

HJLBX

  • Active Testers
  • Sr. Member
  • *****
  • Posts: 496
[TO DO] ReCrypt Privacy Policy
« on: April 10, 2016, 06:38:59 am »
This is as good a time to mention this as any...

ReCrypt should develop a privacy policy and link it to forum and perhaps even in the installer.  Quite honestly, I didn't review the EULA - so if it is all in there, then I apologize.

Since I actively participate on some security forums, I can tell you with absolute certainty that the fact that ReCrypt is a Russia-based company, there are those that will bring up user privacy.

The issue of ReHIPS connecting to a server has already been brought up at MalwareTips.


User asked what data you collect, how you collect it, and why.

"Why ReHIPS connect to Russian server ?  Why need RulesPack ?  Russian server unsafe.  FSB makes Russian software firm plant backdoors !"

My reply was "It's a well thought-out feature designed to prevent ReHIPS from smashing your system upon installation dumb-ass.  You don't know what you're talking about."

Unfortunately, you will have to face such nonsense.


* * * * *

Adguard, for example, has been slammed by The Guardian. 

Russian-based firm, FSB, Vladimir Putin, Eugene Kaspersky... blah, blah, blah, blah, blah, blah.  By extension it applies to all Russian IT security firms. 

It's ridiculous.

Best way to minimize it is to be transparent about ReCrypt data collection - if any.
« Last Edit: April 10, 2016, 03:08:13 pm by HJLBX »

Umbra

  • Active Testers
  • Hero Member
  • *****
  • Posts: 604
  • Beta tester
Re: ReCrypt Privacy Policy
« Reply #1 on: April 10, 2016, 07:24:43 am »
Russian & Chinese softs are quite targeted lately; a well made transparent Privacy Policy will be required.

I admit , first time i heard about ReHIPS , i made some investigations to be sure it wasn't a rogue software  :P

HJLBX

  • Active Testers
  • Sr. Member
  • *****
  • Posts: 496
Re: ReCrypt Privacy Policy
« Reply #2 on: April 10, 2016, 07:26:19 am »
Russian & Chinese softs are quite targeted lately; a well made transparent Privacy Policy will be required.

I admit , first time i heard about ReHIPS , i made some investigations to be sure it wasn't a rogue software  :P

LOL... I asked Umbra about it myself.   ;D

But now users know I am beta testing ReHIPS and I'm starting to get ridiculously stupid PMs.

fixer

  • Administrator
  • Hero Member
  • *****
  • Posts: 1520
Re: ReCrypt Privacy Policy
« Reply #3 on: April 10, 2016, 10:36:47 am »
Official privacy policy is a good idea, thanks for suggestion.
I checked with other devs and as core developer and whole project architect will full responsibility state that ReHIPS doesn't make any outside connections. From the beginning it was designed as a completely offline and standalone solution without any outside connections, without any telemetry and without any data gathering. It has a thin client architecture, the GUI connects to the Service. In earlier versions this was based on pipes, from this version we moved to sockets. But sockets are open for local connection only. There are two features that may require external connection: online version update (you can't do it without online connection, but it hasn't been implemented yet and it'll be only with user's consent) and remote connection for ReHIPS centralized management (for corporate domain edition only, must also be enabled in options, so no worries about home version).
« Last Edit: April 10, 2016, 11:20:00 am by fixer »

HJLBX

  • Active Testers
  • Sr. Member
  • *****
  • Posts: 496
Re: ReCrypt Privacy Policy
« Reply #4 on: April 10, 2016, 11:02:23 am »
Official privacy policy is a good idea, thanks for suggestion.
I checked with other devs and as core developer and whole project architect will full responsibility state that ReHIPS doesn't make any outside connections. From the beginning it was designed as a completely offline and standalone solution without any outside connections, without any telemetry and without any data gathering. It has a thin client architecture, the GUI connects to the service. In earlier versions this was based on pipes, from this version we moved to sockets. But sockets are open for local connection only. There are two features that may require external connection: online version update (you can't do it without online connection, but it hasn't been implemented yet and it'll be only with user consent) and remote connection to ReHIPS centralized management (for corporate domain edition only, must also be enabled in options, so no worries about home version).

I checked it.  That's why I told the person "You don't know what you're talking about."