DivX plugin phoning home?
Wednesday, 22. February 2006, 16:48:48
DivX, Inc recently published a DivX browser plugin, called DivX Web Player.
After installing that plugin I noticed some strange requests when visiting a site embedding DivX files. Operas status bar showed that it tried to connect to "hints.netflame.cc". So I double checked in Firefox and Proxomitrons log window and found this:
So the plugin makes the browser connect to [url]http://hints.netflame.cc/service/hint?fceid=pluginlaunchwin&host=www.divx.com which sends a 1x1px gif.
netflame.cc is registered to
I couldn't figure out how that site is related to DivX, but all this doesn't look very trustworthy.
After installing that plugin I noticed some strange requests when visiting a site embedding DivX files. Operas status bar showed that it tried to connect to "hints.netflame.cc". So I double checked in Firefox and Proxomitrons log window and found this:
+++GET 17557+++ GET /service/hint?fceid=pluginlaunchwin&host=www.divx.com HTTP/1.1 Host: hints.netflame.cc User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9a1) Gecko/20051220 Firefox/1.6a1 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive +++RESP 17557+++ HTTP/1.1 200 OK Content-Type: image/gif Content-Length: 34 Expires: 0 Date: Wed, 22 Feb 2006 16:34:11 GMT Server: Apache Tomcat/4.1.30 (HTTP/1.1 Connector) FcHSHash: 1637308464 Cache-Control: private,no-cache,must-revalidate +++CLOSE 17557+++
So the plugin makes the browser connect to [url]http://hints.netflame.cc/service/hint?fceid=pluginlaunchwin&host=www.divx.com which sends a 1x1px gif.
netflame.cc is registered to
Digital River
Brian Eitrem ********@digitalriver.com)
9625 West 76th Street Suite 150
Eden Prairie, MN 55344
US
952-253-1234
I couldn't figure out how that site is related to DivX, but all this doesn't look very trustworthy.
WIDGETIZE
roy204 # 22. February 2006, 18:45
This is roy204 from DivX,Inc - main developper of the DivX Web Player.
This is just an anonymous ping to fireclick (a simple counter system owned by Digital River indeed) that we use to count how many time our plugin is used everyday.
It's not spying on anything as nothing is recorded at all. It's just a number being incremented. We will actually remove this ping in the future. For now it helps us see how this product is adopted and prioritize our next efforts.
DivX doesn't do spyware
Cheers.
larskl # 22. February 2006, 19:06
The license agreement, as usual, was written by lawyers for layers. No normal person would interpret these lines as the software pinging a rather dubious site (as it doesn't have any information about what it is doing).
Software should ask the user before phoning home in any way, even if it's just a ping. And the user should be able to disable that!
roy204 # 23. February 2006, 12:51
I agree with you that it should be off by default and possible to disable it. I will work on something like that for a future update. These are temporary. Thanks!
Vojvoda # 10. May 2006, 13:00
qicai02 # 13. June 2006, 18:47
BankiPolskie # 15. July 2006, 10:25
Medium # 16. October 2006, 22:58
AJordan # 17. January 2007, 14:16
Thanks.
Tcube # 27. September 2007, 07:40
"This is roy204 from DivX,Inc - main developper of the DivX Web Player."
... agree with you that it should be off by default and possible to disable it. I will work on something like that for a future update. These are temporary. Thanks!
By roy204, # 23. February 2006, 12:51:16"
yeah yeah .... still connecting a year later ... kiss my ass good old boy Roy.
TCube