Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Sunday, March 17, 2013

Registration Common with Free Software

One screen WinPatrol users will now see during install is a registration screen. Over the years many friends in the industry have wondered why I never asked for any kind of registration info. This year they convinced me why it was beneficial for both WinPatrol and its users. Aside from a handful of Emails most everyone seems to think it's a normal request. Even my most privacy conscious users aren't concerned because they realize you can always say you're Mickey Mouse and WinPatrol will continue to install.

regscreen

WinPatrol remains free as it always has. It's important for the future of WinPatrol to know how many users are installing  new versions. I can now tell if an install was successful and how soon after an announcement or promotion most installations occur. I have a better idea how many free versions are used versus PLUS memberships. Even with fake names or emails I can estimate the average number of installs by a single download.

When a user enters real information it provides even more value for everyone involved and there’s less risk than most forms you’ll ever fill in.. I've had access to plenty of Email addresses and personal info over many years and you won't find anyone complain about their data has been sold or misused. I consider all information a trust that I take seriously. 

When someone requires support it may be useful to know what version they last installed and especially if they recently undated. Registration look up will be an extra step for me but it can save an extra email exchange. While I've never had a reason in over15 years, what if some kind of bug or compatibility in a new version turns out to be harmful to your computer? A proper registration will allow me to notify users of a recall.

I won’t deny that registration also allows me the track down systems which are using WinPatrol PLUS illegally. It really isn't the reason behind the registration but it has already encouraged some long time fans to become legit lifetime PLUS members. If I really wanted to stop all illegal users I could, but it would also be a full time job. I’d rather spend my time making improvements to the software.

The benefits of the registration has already helped. The information available on my web stats does not provide accurate count of how many computers use WinPatrol.  Instead of knowing how many downloads we had, I can now know how many machines are protected.  I also never had an accurate count of downloads from alternate websites like CNET, PC World,  MajorGeeks.com, FileHippo.com and dozens of others, many in non-English speaking regions. Some times people download WinPatrol but forget to install it. I’ve even had phone calls from people who don’t remember upgrading to PLUS and wonder who I am and how I got their credit card. Many installed and/or upgraded to WinPatrol PLUS in the middle of the night when they were intoxicated or half-asleep. Having a data trail helps everyone.

I received two Emails from folks who said they no longer planned on using WinPatrol. This makes me sad even if they never planned on upgrading to PLUS. I create this post to address their concerns. I would never want anyone to think I’d sell their information or not keep it secure. I am pleased to report that our new version has still been successfully installed on over 24,000 machines.

Share on Facebook


Tuesday, March 05, 2013

Hackers Steal WinPatrol Data Already Available

What was first thought to be a problem in last week’s Windows Update turned out to be a targeted hacker attack of WinPatrol data files.
The timing of the attack(Tuesday, Feb 26th at 17:44 PM EST)coincided with a new Windows Update. Many who experienced unusual behavior from WinPatrol had also just updated Java and/or Adobe Flash so they were also included in the list of usual suspects.

While the hackers may have been looking for user passwords, Email addresses or credit card numbers they were able to steal statistical data describing which programs remain popular or unpopular on Windows machines. The data is collected when a WinPatrol user decides to keep or remove a program which has been detected in a critical system location. 

The following is an example of data collected by WinPatrol based on decisions made when a particular file, “Adobe PDF Helper” is added to the list of programs loaded with Internet Explorer. The first number represents requests by WinPatrol PLUS members asking “What the heck is this file?”. The 2nd indicates users clicking “Yes, I’ll keep this” when notified the file was added. The 3rd larger number represents how many times WinPatrol users rejected this file and did not want it loaded when they browsed the Internet.  The remaining numbers result from an optional survey doesn’t appear to be a popular since it requires participation.
acroexampleThe goal of this statistical data is to help WinPatrol PLUS member make decisions on if they want to keep a program which in some cases may slow their system down. While this example is from an IE Helper or Brower Helper Object most data relates to programs which are set to always run after the computer starts.

This data is valuable as a whole but is just one feature available by upgrading to WinPatrol PLUS for only $29.95.  While the hackers didn’t find any valuable payload, they did cause the software to crash any time a change occurred worth sharing. While BillP Studios worked long hours providing an immediate solution to those who reported problems we carefully evaluated each report to confirm a permanent solution would be found. Today a new version, WinPatrol 27.0.2013 is now available.

Like many small companies BillP Studios uses 3rd party companies like PayPal who specialize in eCommerce. Even when credit card numbers are included, BillP Studios securely deletes personal data after 30 days. We are required to save some information for the IRS and reports of foreign sales. These files do not include individual data and are stored on a system not connected to the network.

We were prepared for this kind of attack and except for individual software failures our preparation worked.  At no time were any Email addresses, personal addresses or credit name numbers stolen or even at risk. It was still a wake up call and should be for anyone running a small business.

The new WinPatrol 27.0.2013 includes a few new features that were previously in the plans but I also trained  Scotty to behave even more gracefully in case of failure. Future development will continue this trend so in the case of a crash no other programs will be affected.

One long requested feature will come in handy if we have any problems in the future. While I’m not a fan of auto updating software WinPatrol users will now be notified when new versions are released.

upgradenewversion

For more information on the new WinPatrol go to
http://www.winpatrol.com/upgrade.html

 

I’d especially like to thank everyone for their patience and to many who took the time to include screen shots and details with their Emails to support@WinPatrol.com.  This information was critical in keeping me from being distracted by unlikely causes and helped me track down the root of this problem.

Share on Facebook