I see that V3 has a bunch of fancy new cloud-based features like how frequently an application shows up among GlassWire users and what amount of traffic it usually uses. However, I would prefer not to share that information, in particular I am concerned about sending the names of executables which I use on my PC to a remote server. I totally get the value in the service, and it would surely be useful sometimes, but I am perfectly happy with not having access to it to not transmit that data. Right now it seems to be possible to disable all the cloud stuff for people like me with an “ancient” perpetual key-based license by just not signing in, but then I am nagged to sign in, which only offers me the option to click “Remind me later” (which I don’t want to be!).
For now I have downgraded back to the latest 2.3 version until there is some more clarity on how all this new cloud stuff will work.
Edit: Seems like the privacy policy might be missing something:
Traffic Data information: We collect counters of traffic data generated by each software application running on your endpoint and the destination / origin IP address such traffic goes to/comes from. For the avoidance of doubt, GlassWire does NOT inspect the data packets going through an endpoint, it just records the quantity of traffic and the IP destination of such traffic to/from the endpoint, in order to make a Subscriber and/or an end user aware of any abnormal or unwanted data patterns occurring on GlassWire monitored machines.
How are executable/process names processed? Are any measures in place that would prevent building a usage profile? Are just exectuable names or also checksums sent?
GlassWire partners and third party developers: We may share deidentified data for research, statistical, and business purposes.
So theoretically our application usage could be sold as a “deidentified” profile of commonly used together applications?
Edit 2: I just realized… the privacy policy specifically says that destination IP is recorded, with the process name also recorded, this could allow for discovery things like SSH servers (ssh.exe connects to X.X.X.X). GlassWire also records local traffic, so this could reveal the location of internal resources to outside parties (yeah, I know security through obscurity is bad, etc. but it still shouldn’t happen!).
I am not very happy with the implications of this new feature, please let us at least turn it off!
Edit 3: Reworded first edit for clarity.