I wanted to post this post for information , distribution and the receiving of.
Recently (both matching the date of install) I noticed a hitchhiker on my system. It seems PACE Anti-Piracy Software http://www.paceap.com/ popped up very conveniently whilst installing a Unity 2.~ something trial.
I was never asked specifically if I agreed to that, or wanted to just plain say no. Maybe it’s hidden in the 9 million legal pages I don’t know and frankly don’t care. I’m quite unhappy with this quite hard to uninstall kernel level hitchhiker and wanted to post this thread just to inform people that it will come along if you choose to install “aforementioned” trial.
Reason motivation or my opinion aside, asking for something is proper manors for users.
More information here so you can formulate your own opinion and decision:
Well whatever you want to say or think about it , I find it a disturbing situation and will keep looking for clarification. So far I’m not happy about it.
You can say plain simply no, in that case unity will just plain simply say no to you too, to the install and the activation and it has been for a long time and never was a problem.
Pace is unity licensing system, either you install it with unity or you don’t use unity. Trivial as it is, if you don’t like it you will just not use unity at all
Actually, as i understand, we don’t use that “kernel level hitchhiker” that is described in links you posted. I mean, yes, we use PACE, but not in “install-at-kernel-level” mode.
It’s not just a part of unity, other software has the same thing.
And how can you say no if you aren’t asked? It’s the prinicipal that bothers me. And don’t tell me you read all your license agreements in full.
can you further argument and explain this ? Or would you prefer to keep the statement as it is.
Also I may need to tell you that was a quote, it’s something I found floating around and I’d like to hear and read about views on it from all sides. If it’s total BS , then it is. But it’s no detail if it is true.
Total bullshit: potentially, hard to say.
But I can tell you that none of my security softwares and rootkit surveilance tools has brought up a single warning or information bubble on it, as such I’m with alexey on this, it does not deep root itself. (there are other factors that clearly indicate this too which are rather unpleasant for UT I guess ;))
If I understand correctly then you say your detection methods do not detect anything malicious?
Is lack of detection a good argument here? In my eyes it kinda is in between the line of Good Program/Bad Program if it’s not detected. So what I’d hope to understand with this question is: " What is the worst and best case scenario for a program that behaves on the level of rooting that you just described? (Surface level)"
Ok, to add to discussion - i had once bug with unity activation - in the process of resolving i was able to completely remove PACE from my system without much hassle. So i think it should be qualified as additional licensing software - FAR from rootkit or something
Given that my software detects even rootkits and give that I’m not using Norton or mcaffee trash that only serves as false detection, it is a clear indication that nothing too fishy is going on.
Especially as such malicious stuff has quite a bit more work on my end as DEP protects os stuff while VT support is disabled (so no stealth rooties at all)
But I’m naturally aware that mathematically speaking, the absence of something does not proof anything.
But it gives an indication on the state as it hasn’t shown anything for over 2 years, neither on windows nor on osx and sophos is rather brutal at finding bullshit and so is Nod32
We can naturally continue doing the paranoia game here, but if you want to be paranoid about software, your only protection is pulling out the LAN cable and destroying your router, right away.
Anything else would be inacceptable if you don’t want to see the bad in any software you touch as its 2010 and there is more data collected on the anonymous you than ever before, which to me personally is 100 times worse than what pace could do at all
Well paranoia might be a to strong word here, I’d say it’s just healthy questioning.
What about DLL hooking then? Can you detect that aswell with your setup?
Thanks for all the replies. I’ll continue looking around and look for more info on the topic. If I find something more I’ll be sure to post a link here to it of the findings on it’s own.
i reiterate - we use PACE in “do-not-touch-kernel” mode. I can’t say anything for other products. And once again - removing it was easier then some other software. Even more - leaving something related to licensing is considered ok nowadays (ask pirates why) - especially since it DO NOT touch your system (apart from leaving traces in user folder - but it is recommended place to leave temp files/configs etc).
About dll hooking (or injection) - i can assure i can write app that doing just that and IS normal software that goes unnoticed by antivir. As pointed out already - the best defence is turn off your computer or stop being paranoid
And yes that is a very valid argument, those are placed in folders for that purpose and are easily found.
The best defense is not being a target , not even a random one. Paranoia is weakness, not a tool or defensive measure what-so-ever. All the effects it has are highly circumstancial and prone to error.
