Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

NTFS for Mac - privacy issue?

carbontune

carbontune

macrumors member
Original poster
Sep 11, 2018
89
17
United Kingdom
Does anyone know how to turn off data analytics collection in Paragon NTFS for Mac? As the software has low-level access to your Mac and everything on your hard drive and all external drives, I think it's a bit of a concern that it is able to collect 'analytics data' and I cannot see a way of disabling this data collection.
 
You could try www.obdev.at little snitch to intercept outgoing traffic or other tools.

But I do not understand why you use this piece of crap software in the first place?
 
vivo said:
But I do not understand why you use this piece of crap software in the first place?
Click to expand...

Uh, to read and write to NTFS volumes? Is another reason necessary?
[doublepost=1545841373][/doublepost]
carbontune said:
Does anyone know how to turn off data analytics collection in Paragon NTFS for Mac?
Click to expand...

Besides clearing the checkbox, apparently, same as most applications? Or are you implying with no evidence that turning it off via the checkbox doesn't actually turn it off?

(source... am Paragon NTFS owner, am looking right at checkbox in application Preferences)
 
Last edited:
I contacted Paragon and they sent a reply about extended logging which wasn't the issue that I enquired about. I enquired specifically about data analytics collection. Apparently they need extended logging to debug customer issues with the driver, but that's a separate thing.

My issue is that data analytics (separate from extended logging) is collected by default and there is no option DURING the installation to turn that off that I could find. I have since found it in the application Preferences. Unless you knew where to look and where to turn it off, it would stay on by default.

Most of the software that I use will ask me during the installation whether or not I want to send analytics data back to the manufacturer or not.

In my opinion, whether or not to collect data analytics should be part of the installation and an option selectable by the end user. Moreover, I have been unable to find exactly what the NTFS for Mac driver is sending back to the manufacturer under the umbrella of 'data analytics collection'.
 
Ok I admit it was a bit of a rude comment. I used it some time ago and it corrupted my ntfs drive due to very small files. It could not handle the amount. Maybe it's improved for the better. But using a closed source reversed engineered filesystem like this on a mac is eh? questionable. You could use a vm but then you cannot mount it as writable volume ok.

Still I do not understand the need to write to an ntfs volume on a mac, or I am mistaken. Or maybe use Fat64/ExFat.
 
Alternatively, you could use NTFS 3G with Fuse.

https://github.com/osxfuse/osxfuse/wiki/NTFS-3G

No analytics going anywhere (let alone Russia), and done in userspace, so eliminates the risk of loading a kernel extension. And open source. Dunno how performance compares.

I used the Paragon products many years ago, nothing against them. Just haven't had any need any more.
 
posguy99 said:
Being open source is SO far down the totem pole that it isn't even a consideration.
Click to expand...

Because it's so unimportant - from a security standpoint - that experts have had a chance to openly vet the code...

Don't you think OP should decide what is important?

I'm offering an alternative that prove-ably doesn't send analytics anywhere.
 
Last edited:
AVonGauss said:
Just because a piece of software is open source and others have an opportunity to review the source doesn't mean anyone actually has reviewed the source. I know that sounds rhetorical, but the point I'm making is open source isn't by itself more secure than closed source code.
Click to expand...

Agreed. But it least then there is the opportunity. There is not when it is closed-source.

If it is a popular product, it will be subject to intense scrutiny. Security researchers derive their reputations from their finds. For a popular product, they will be all over it, like web designers are all over the latest silly animated UI trend. ;)

Admittedly, a NTFS filesystem extension for macOS is not a popular product.

It doesn't take a very high level of expertise to uncover "phone home" code in software that has no legitimate need to phone home.

Further, open source software seldom includes any analytics. There is not the incentive. While there might be some curiosity about number of installations and use cases, collaborators (when multiple collaborators) would almost certainly throw a fit over it.
 
jtara said:
Further, open source software seldom includes any analytics. There is not the incentive. While there might be some curiosity about number of installations and use cases, collaborators (when multiple collaborators) would almost certainly throw a fit over it.
Click to expand...

I think you actually believe this. Search around and find the history behind Atom's telemetry, and the absolutely *entitled* attitude the developers had about it. It took a lawyer to convince Github they could not make the telemetry mandatory.
 
posguy99 said:
I think you actually believe this. Search around and find the history behind Atom's telemetry, and the absolutely *entitled* attitude the developers had about it. It took a lawyer to convince Github they could not make the telemetry mandatory.
Click to expand...

"seldom" does not mean "never".

I was unfamiliar with either Atom or the history of its telemetry. (I use Sublime.)

I did some quick searches.

There was a robust discussion of it in GitHub Issues for the project.

https://github.com/atom/atom/issues/4966

(And others).

Seems to me open source worked the way open source is supposed to work. Public distribution of the source, open discussion. Issues of concern are exposed through publication and discussion. One is free to use the product or not, or to modify it to suit one's own needs, or to create a splinter project that addresses areas of concern.

(Depending, of course, on the license. I do realize that open source doesn't always come with the right to redistribute modified copies.)

Anyway, I suggested one solution that is an alternative for OP. OP can go read the source code for that solution (if so inclined and able) and can read Github issues looking for concerns, and search for additional discussion.

With commercial closed-source software, that vetting is not possible. There is no publication of the source code. There is (usually) no public discussion of the source code or of decisions made around it's creation.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back