Eraser accessing the web?!

Burlax

New Member
Hi!

I just switched to Win 7 64bit and with that to Eraser 6.0.6. I'll update to the current version after this post. Besides the few issues about the new 6 series discussed here I was quite shocked to notice that Eraser did some Internet requests when I wanted it to erase a file or directory for the first few times. At first I thought it was some kind of update check, so I had a look at the options to get rid of it since I don't fancy automatic updates anyway. But there is no such option.

Now I had a closer look at those online activities and found that it's contacting either of two IPs -- 213.222.193.191 or 213.222.201.178 which both seem to belong to some certification service.

What does Eraser have to do with these sites? Why is it not asking permission before going online? That's definitely not the behaviour I expect from a privacy enhancing tool and no version 5 ever did that.

Regards, Chris.
 

DavidHB

Active Member
Strictly speaking, it's not Eraser doing the connecting, but Windows. The root certificates of the Eraser plugins are being authenticated by Windows. It's to make sure that rogue plugins are not added to Eraser, not something any of us would want. For more information, see this thread.

David
 

Burlax

New Member
Thanks for the info and sorry for the doubly asked question. I tried the search before posting but obviously with the wrong keywords.

This whole "I want to talk to some 3rd party server"-issue kind of adds to my dislike of the new 6 series though :-/
 

Joel

Active Member
It's not us, it's Windows. In any case, it's for your security, since Eraser does plugins and you don't want a malicious plugin to load. The connecting to the internet verifies that the certificate attached to a plugin is valid.
 

DavidHB

Active Member
Burlax said:
Thanks for the info and sorry for the doubly asked question. I tried the search before posting but obviously with the wrong keywords.
No problem. I think you'd have to know your way around to discover the thread; I searched on 'certificates', which I don't suppose would have been your first thought.

Burlax said:
This whole "I want to talk to some 3rd party server"-issue kind of adds to my dislike of the new 6 series though :-/
I understand the irritation, but respectfully suggest that it is misdirected. As Joel says, Eraser has to live in the Windows ecosystem, and live with whatever security constraints Windows imposes. Anyone who has followed the Windows Genuine Advantage (!) saga over the years will know of the increasing propensity of the OS to call home as a means of enforcing compliance. That is what is happening in this case, and the circumstances of the case are in fact more user-friendly than they are in the case of WGA. Root certificates are part of the Windows security model, and it is Windows that is imposing that model and Windows that is dialling home, not Eraser. Did the new Eraser have to conform to the model, when the old one didn't? Yes, it did; that was one of the major reasons for writing it in the first place. It was, I am sure, only a matter of time before Eraser 5 became totally unusable with the newer versions of the OS.

David
 
Top