Privacy Concerns Are Legitimate
Privacy is a big topic these days for many people but for gun collectors it has been a concern for decades if not centuries. When I first started developing gun collector software over 20 years ago there was a fear that my software would somehow release gun owner information to government agents.
In fact, many people were suspicious of my intentions. In those days some people thought my software could be used to upload gun collection data to the ATF without them knowing it. I agree that was possible back then and is even more possible today.
Also, even though the software I write does not intentionally share any of your information, it is built upon other software components that I did not write. Therefore, it is certainly possible that some of that pre-built software could have issues to be concerned about.
Finally, although not directly related to the software I write, I do depend on an ecommerce site to deliver my software over the internet. This ecommerce software does capture and track certain private information in or to make the site run smoother and process orders. I obviously do not have control over how that site manages your private information but it is pretty much standard these days and outlined in the Privacy Policy. This ecommerce site has no connection to my software nor does it have access to any information you enter into your copy of the software.
How to Verify?
I can assure you that the software I write does not violate your privacy but the old adage “Trust, but verify” is certainly appropriate here. There are certainly people more competent in this arena than I am but I do offer some ideas on how you might verify this yourself.
First, you should know, that I have to run the software through a very strict verification process in order for it to run on Macs. It is called the Apple Notarization process (https://appletoolbox.com/everything-you-need-to-know-about-app-notarization-in-macos-catalina/). An excerpt from the link above reads “In the most basic terms possible, app notarization is essentially a way for Apple to vet or check applications and software distributed outside of the App Store.” I deploy the same code that goes through this notarization process to Windows and Linux systems.
Nevertheless, there are ways that you can check it as well. Here are some ideas:
1. Run a virus check after you download the software and before you install or use it. There are many tools out there for this. I happen to use Norton tools.
2. Monitor apps that access the internet. This is a bit more complicated but, again, there are many ways to achieve this. One way to do this on Windows is in Settings -> Network & Internet > “Data usage”. (more details can be found here: https://www.howtogeek.com/224170/how-to-monitor-your-network-usage-in-windows-10/)
3. Use a firewall to limit or block applications that access the internet. There are many firewalls available. Again, I happen to use Norton for that. Here is a nice description of how to do it using Windows Firewall: https://www.howtogeek.com/227093/how-to-block-an-application-from-accessing-the-internet-with-windows-firewall/
Questions? Suggestions?
I am not a cyber security expert but I will be happy to help in any way I can. Please feel free to post your questions to this blog.
Are you a cyber security expert? If so, please post your comments and/or suggestions for others to read.
Thanks!
Some might find it useful if a signed checksum of the software to verify the downloaded software is as intended is available as a separate file.