I am currently trialing Freedome & noticed something a bit concerning.
As Freedome blocks a website, it is added the blocked site counter. Well, at one point the counter was 53 blocked websites. I happened to restore my computer to an older backup image from a few days ago (when the blocked website count was around 40). As soon as my computer powered back on after the restore, the blocked site count jumped from 40 to 53. I didn't visit any websites or even open my web browser. This leads me to believe that Freedome somehow keeps a record of the blocked site number, either through keycode or some unique device identifier. While I suppose this isn't an outright "security risk", it is a bit concerning since F-Secure states they do not log. Clearly there is some sort of record, since the old backup of my computer showed the higher block count even though, at the time of the backup, the count was only 40; clearly Freedome communicated with F-Secure's servers and got the updated count.
Any light shed on this would be appreciated.
It is likely that when you did the system restore it loaded Freedome but there was an issue with Freedome's cache and it wasn't loaded initially so it went to the cache it had the from point of restoation. Once the machine powered back up the cache loaded properly and counter returned to how it was. It isn't really a log as no record of what the sites are is kept just a counter that is saved locally on the machine.
I think probably there counter can not be saved locally. Such as.. it's looks like counter (or trigger for changes about counters) comes from server-side?! Probably client can not to work with counters (to interpreter it, save it or other things).
It's probably same for traffic-counter, counter for blocked websites and block-counter for tracking things.
And probably it's have "sync"-meanings about current counters (which can be created per installation (?!) about current installation or something other, but not really logging the user - just as part of "common" statistics about "one of" installations) after UI opening. It's mean changes/refreshing will be comes from server-side.
And maybe it's not possible.. if server have "more fresh records"...... get "previous one information". It will be updated to latest known one (as sync/cloud revision work with server-side). And it's not saved locally (?!).
Sorry for my reply.
And sorry if your words about cache and other... was about same "points".
Will be nice if F-Secure Freedome team can to create something as explanation about.
Hi Tefcae & Ukko,
I do believe Ukko is more along the lines of what is going on here, as being some sort of server side counter. The reason I say this is because it wasn't a "System Restore" backup, it was an Acronis True Image backup, that completely erases the hard disk & returns it to the "imaged" backup state. If there were some local counter it would have no way of seeing the higher counter, as it was not backed up to the "clone" image file. Also, several times I have restored the system to the Acronis backup & each time it updates with the new count... the restored "images" as Acronis calls them, have no way of seeing any "cache" or files that were there before the restore took place. i.e. if Freedome stores the number "63 blocked sites" locally, when the image was replaced that storage/cached count file would have been completely wiped, thus the backup would have no way of "updating" with the locally saved cache of 63 counts.
I do hope I am making sense.
"we collect statistics and break down your traffic to give you a view of your browsing history via the services, but we do not connect this information to you."
This still isn't an outright confirmation of my theory that Freedome associates the tracking attempts blocked & blocked site count with the keycode or device. Would be nice to have an F-Secure employee take a look at this thread? @Ben maybe you can helps us?
We do store the counters and of course we have to tie them to an identifier. However we cannot tie an identifier to the user. Therefore we just store the counter and not any further info such as "what that blocked threat was" or "what was the address from which it came from".
Thank you @Ben.
Can you specify what kind of identifier it is tied to? Is it tied to my device through some UID or is it tied to the keycode, or both? (When I use the same keycode on two different devices, the second devices shows different stats than the first device, so it clearly differentiates the stats per device). Regarding "However we cannot tie an identifier to the user." Surely the activation server recognizes my device when I enter the keycode & recognizes my actual location via the software, so couldn't it be used to trace to me? I.E. The activation server sees the device "ABC-PC" located in [someplace, some country] being registered with my keycode, thus knowing "who/where" I am through the software activation? Even with the websites I visit & traffic not being logged, it still is able to identify that the device "ABC-PC" has had x blocked websites, even if it doesn't know what those sites were, yes?
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link:
Visit the Community
Check our Forums or How-to & FAQs for advice or answers
View User Guides
Refer to our getting started guides and product manuals
Talk to our Support agents and get answers to your questions