Glasswire security?

On machines running the glasswire client, what data is being sent back to glasswire.com? I’d like to see a privacy statement on the glasswire.com front page that declares this. Perhaps its there and I missed it.

What defenses are in place to prevent a hacker from inserting a malicious update at Glasswire.com so that it gets downloaded to all machines running glasswire thus creating a giant botnet? I’d like to see a security statement on the glasswire.com front page that declares the glasswire position. In the security statement, I’d like to hear things like development environment is topologically isolated, you have layered defenses, you have a dedicated information security officer, and that you have an independant 3rd party doing pentest and IT audit. I don’t want to end up on the news because my trust in glasswire is misplaced.

Thank you for asking about GlassWire privacy and security along with our updates. Our privacy policy that’s linked from the index page https://www.glasswire.com/privacy/ shows how GlassWire checks for software updates and suspicious host updates. You can block GlassWire through its own software if you want but you won’t know about new updates and your suspicious hosts won’t be updated.

We have several defenses in place to avoid malicious updates. First of all we don’t auto-update through our software. Instead we alert the user to a new software update on our download page. When visiting the download page you can check to see if it’s our download page a couple different ways. First check the SSL certificate in the web page itself to confirm you are really on www.glasswire.com, next click the Symantec certificate to the right of the download button.

The next thing you can do is to check our hash. Scroll down the page and look for the hash then check it against the installer file. If you are using old versions of GlassWire you can check our old releases and their related hashes also.

Another thing you can do is to upload the installer to VirusTotal.com and also scan it with your local antivirus.

We don’t collect any user graph data, we have no mechanism in GlassWire to collect user graph data, and we aren’t in the business of collecting graph data. We plan to have a paid version of our software in the future to fund future development.

We’ll study security statements of other similar products and see how a statement might work for GlassWire. Thanks for your feedback.

I’m encouraged by what I see here
https://www.glasswire.com/privacy/

I’m discouraged that this does not exist
https://www.glasswire.com/SECURITY

I see a large number of people ticked =I am discouraged that this does no exist=security. Do you know 95 % of free download sites including the worst=download.com-c.net are FULL of PUPS . A survey done by How to Geeks on all of them showed up how bad they are not only that one US website actually has a rootkit built into the conditions of acceptance that I came across while trying to update =System Ninja from 3.0.04 to 3.0.05 I refused to accept it . Even now when I went to update Win Patrol (Scotty dog ) which the owner sold the firm that bought it now forces you to download not only the FREE version but the PAID for version -both versions are joined on the same download link also the dog has changed to a sniffer dog - I will stick with Scotty . To me you are doing a dis service to a great program=Glasswire who could easily have charged for it from the beginning but have NOT ! What you seem to want is a "deluxe " version for free . Glass wire hasnt been too long in the market place -give it a chance he is doing his best .I hope none of those that clicked security work for other program makers ??

1 Like