Sign in to follow this  
peppeddu

Spyware?

Recommended Posts

Paint.net v2.5 worked without a problem for quite some time.

The other day I've upgraded to Paint.net v2.6, during the installation I've opted out not to go online for anything (just like v2.5)

Paint.net v2.5 never tried to connect to the 'net,

however I just found out that when I start Paint.net v2.6 it tries 5 times (first PaintDotNet.exe, then WIAPROXY32.EXE) to connect to 202.232.140.20

Why?

Share this post


Link to post
Share on other sites

No, Paint.NET is not spyware.

We digitally sign our executables and DLL's, and some systems for some reason are configured to do extra verification of these signatures. This verification is done in-process and thus makes it appear as though Paint.NET is contacting other Internet sites. We did not sign our exe's and dll's in v2.5.

202.232.140.20 resolves to akamaitechnologies.com .

Or, you have other spyware on your system that is causing this by way of injecting threads into Paint.NET or WiaProxy32's process. The only network code in Paint.NET is related to our updates system, and it will only ever contact http://www.eecs.wsu.edu .

See my posts in this thread here, http://paintdotnet.12.forumer.com/viewtopic.php?t=1021 .

Share this post


Link to post
Share on other sites

If that's the case, I don't understand why other digitally signed software doesn't have this behaviour.

The EULA should also include the fact that Paint.NET may indeed try connect to the Internet.

Share this post


Link to post
Share on other sites

The update checker is something you can easily opt-out of during setup, or while the program is running.

And like I said, those other connections you are seeing are not Paint.NET. We sign the actual EXE's and DLL's that get installed to Program Files. Most applications just sign their setup packages that you download from their website.

Share this post


Link to post
Share on other sites

The update checker has always been disabled (it was never enabled).

I understand you explanation "those other connections are not Paint.NET" , but from my point of view the situation is:

- Paint.NET EULA doesn't say it connects to the 'NET without my approval.

- I install Paint.NET

- Paint.NET tries to connect to the 'Net without my approval.

The EULA needs to be updated to explain this behaviour, or remove the unauthorized 'Net connection functionality from the signed DLL.

Otherwise you may get a lot of complains from users like me who actually reads the EULA before installing anything.

Share this post


Link to post
Share on other sites

Let me reiterate: Paint.NET does not connect to the Internet if you disable the update checking. The signature verification is being done by other software or configuration settings on your system and is not something we enable. Please read the post that I linked to above for more details. This verification is done in-process and is thus attributed to Paint.NET by your firewall software.

I don't know how I can make this any clearer.

Share this post


Link to post
Share on other sites

I just happened to stumble upon this earlier. Hopefully this will put to rest all the spyware claims.

For all you that insist on NOT taking Rick's good word on the matter...

NoSpyware.png

Now stop worrying about Paint.NET and start having fun with it! :D

Share this post


Link to post
Share on other sites
let's not use them as a (anti-)spyware authority or reference.

You're right and I wasn't making them about to be... or at least didn't mean to. Perhaps I should have included in my above post that Softpedia is only claiming and promising that the Paint.NET application available for download off of their site will be clean.

Sorry.

Share this post


Link to post
Share on other sites

Oh, I wasn't trying to reprimand you, don't get that impression. I'm just trying to make sure that we not set a precedent by leaning on Softpedia's claim in order to verify that Paint.NET is indeed spyware free. (although, in this case they are correct: Paint.NET is not spyware, nor does it come bundled with any)

Share this post


Link to post
Share on other sites

I'm working with such stuff nearly every day (malware/spyware) and i can assure everyone that Paint.NET doesn't contain any kind of malicious software or such being attached to it. So stop buzzing and enjoy this excellent pieace of software :)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this