Added by bigstar,
We have brought this matter to everyones attention in a previous thread. We have nothing to hide.
http://forum.flashfxp.com/showthread...&threadid=2026
Original post below
Today i found this
so if this is really true i ain't wanna buy it anymore.
WARNING FLASH FXP 2.0.900 IS A TROJAN
And all previous build before and most likely all to come. I implore every use of this software to be weary and on guard! I would have a good firewall with a drop all, allow exception rule set, ethereal, windump/[tcpdump on *nix], and a pcap lib, or use sniffer, and get ready to watch this thing with hawk eyes. Given the author's tradition of reporting usage, selling information to marketing companies, and revoking registrations without cause, we must be prepared for his latest Trojan horse. The program is delightful, irresistible, for it is feature laden, stable. But its target is warez users, and I strongly feel this warez-centric program serves to report to the government the biggest abuses. Remember, that the information he claims is benign is encrypted, so you will never see the payload of this machinations and undesired packets. He also uses port 80 to send information out on, so please be using an application firewall such as Kerio. I would not trust Charles unless he releases source code. We are already help hostage by a closed source MSCVRT, and other runtime libraries, any of which could perform undocumented tasks with encrypted packets, you might see packets but the nature of the payload is occluded. I strongly recommend that nobody trusts outgoing packets they cannot decrypt. Anyways, for the technically savvy, one should peruse through the packets this thing produces, and ask yourself, do you really trust some man who will not end these perpetual and consistent accusations by revealing some of the source code to allay the growing fears he is part of a dragnet cabal to capture people determined to be felon software pirates. He is a party to your own demise, the "Robin Hood" loopholes are closed, and Charles could make money off you and put you in jail. He makes money off of FlashFXP, he targets the warez community, the program sends packets that are extraneous to file transfers that are encrypted, he has revoked registrations without cause, he sells your information to marketers I have confirmed this through SpamCop, and he is in cahoots with federal authorities to help Trojan and compromise your computer.
FlashFXP is the root of all evil. Not only does this closed source call-home program get huge amounts of attention making all of us wonder if "Charles DeWeese the information thief" is 1) selling your information to marketeers, 2) pretending he can increase profits by threatening, as reported in some cases, paying customers with BSA actions and lawsuits or 3) trojaning your system for other nefarious activities the nature of which you will never be aware because he provides neither source or debugging symbols, and the binary is stripped. One thing is for sure. Be it here on BetaNews, or on Slashdot, or on download.com.com, there is more than a few people calling into question why FlashFXP does what it does, and what is it doing. I would recommend the use of WinPCAP, WinDUMP, and ethereal, along with the free for personal use application firewall, Kerio Personal Firewall (software with nothing to hide, such as KPF, is often free for personal use, and others, like FreeBSD, OpenBSD, OpenSSL (a technology probably stolen by DeWeese and used illegally in FFXP) and Linux/GNU to name a few. With scary legislation in the US empowering copyright holders to DDOS your P2P networks, "root" your boxes in order to delete copyrighted content, and to make circumventing the mechanism by which an MP3 prevents the playing of an MP3 without a digital signature a felony, you can not trust software which calls home in an undocumented, undesirable way. This is the inroad by which these technology fascists will infect your computer with government sanctioned Trojaning devices. FlashFXP, when purchased legitimately, forces your to divulge HUGE amounts of information about yourself. You cant use cash and anonymously buy "shrink." Not only did I buy FFXP, but I excercised my right to fair use on more than one machine, the closed source binary was never run concurrently on more than one CPU at a time, yet my key got blacklisted. I have always been fond of OpenSource, but this and the EULAs for Windows Media Player, which also does various call home undocumented behavior, make not using OpenSource suicidal if you want a life where the government doesn't control and monitor your every keypress. Best of luck in the brave new world, if we continue to support fascists such as Charles DeWeese in his never-ending pursuit to force you to be tithed for non-Novel software which is built upon the stolen intellectual property of others, and prioritized. This is by no means a call for legislated digital communism, but it certainly calls into question the value of something that is not transferable, the seller has not liability of the actions of, the right to fair use is forfeit, and they law claims they copyright holder can root your computer in order to enforce copyright. Software like this I should be paid to use! Not pay for it! Be careful. He has stolen from the public domain technology to implement this secure technology, SSL, then he uses it to hide from you the true nature of his communications with home-base, as he calls home and Jon.Ashkrofts your information. I'm glad I use SmartFTP and NCFTP and run KPF as a start in the line of defense against a Orwellian cabal of software and I.P.
For all the would-be suckers out there, and that is what you would be for soliciting this guy, most of the complaints I have seen here are from older people, clearly, mature (not script kiddie types) that have had their honest to God license revoked without refund. Please be careful. If this man offered a shrink wrap product, there would be no problem - but he does not. He needs more control over you than that. I think he sends marketing data back personally. "If you choose to register FlashFXP, some personal information is required to complete the purchase. Things like your name/company, address, and billing information like your credit card number is collected. " Now with a rash of hackers stealing credit card numbers, and Charles storing all sorts or private information on you, you become VULNERABLE. In his EULA: "The license will terminate automatically and the software unregistered if you fail to comply with any of the above terms and conditions. The license may be terminated by either party at any time and without notice." He can TERMINATE the license for any reason. He could say, you have to stop using this, because you are a good paying customer and I don't care. He has done this. Listen to the huge community of Charles victims before you send him money.
This program started out very good, ambitious. A refreshing rival to Cute, with better reliability and FXP capability. Of late, particularly after the 1.2 builds, this program has started to numerous things I am highly suspect of. This program has corrupted files on transfer, and has called home on me, apparently to "verify registration, check for update." I am confused as to why a paying customer is subjected to cross examination, to me this is a form of abuse. I recently tried a RC3 build, and was surprised that more things are broken than ever before, and reverted back 1.4. I am saddened that I have paid to buy into a crumbling, failing legacy which is bloating up, working less and failing its original design goals so drastically, all the while subjecting paying customers to offensive call home checks.
The Link
http://slashdot.org/comments.pl?sid=...ed&cid=4434853