Does Etrecheck have the blessing/approval of Apple itself?

you have to apply your administrator password to infect yourself

********
[Edited by Host]

HunterBD wrote:

Accordingly, will you please tell me HOW I can report my concerns to "product-security"?

Contact Apple About Security Issues - Apple Support

why don't you do that yourself ?

these forums are user helping other users with tech questions

nobody here would be more or less suited then yourself to request that of the developer

I work in IT. We are blocked from EtreCheck, but ironically we are blocked from most things.

Do I wish I could use it, feel it's safe, and would I though, if I weren't blocked?

Yes, yes, and yes.

I could really use it right now too *sigh*

Kurt Lang wrote:

If you want, you can download the entire source code for EtreCheck from GitHub and read through it yourself.

That is not a suggestion that I would have made in this context. 🙂

In any case, that statement is no longer true. When I switched from donation support to a traditional software license, I could no longer publish the entire source code on Github. Otherwise, people could just generate their own licenses. Even without the source, people are actively attempting to reverse-engineer the license code and are posting cracked versions on the Internet. I'm holding my own for now, but I could sure do without distractions like this thread.

liv0123 wrote:

I work in IT. We are blocked from EtreCheck, but ironically we are blocked from most things.

Do I wish I could use it, feel it's safe, and would I though, if I weren't blocked?

How are you blocked? A number of people have reported problems purchasing a license. I don't know what they are doing with their corporate firewalls that prevents an app from connecting to a standard web server on a standard web port. It is a constant battle against software pirates. I can't risk a public release of a version that can be activated without a secure exchange of tokens with my license server.

But even if you can't purchase a license, you can still use EtreCheck to diagnose problems. It will run 5 times without a license. That should be enough to identify a problem, troubleshoot it, and show that it is resolved. I also plan to reset that 5 run limit periodically so that people who have tried EtreCheck in the past can use it again in the future.

Oh, it's nothing on your end. It's our IT guy but mostly our head of security. I checked my so-called admin settings out of curiosity, bc I still tried knowing how insanely strict they are.

He's got them set up to appear to us as though we are administrators, just like anyone else who has those privileges.

Nope. He actually has us as managed users but has it display to us that we are listed as admin, not just upon login, but t/out settings. I looked around a bit though , thus, how I found out. Sneaky & well, just unnecessary .... just list us as standard users? We know we don't have root access but no admin? Bit ironic....

Worse, I can fix basic computer issues such as how my issue began. That's what I do. But, am I allowed to on my own iMac? Nope. Now, my iMac has gotten to the point where it's shot. I'm agitated bc I know I could've prevented it from becoming unusable. I now have to use someone else's. Grrrr....quite inconvenient & if I dare try to change the security settings whatsoever or any others for that matter to still try to fix it via privileges I need for certain tools, I'd get fired straight away. Soooooo, I have to deal for now & wait on IT to appear which will be??

Regardless, once they get mine back to me, I'm asking about etresoft though. We have tools, but I find your program log more user friendly & easier on the eyes, and I know my associates & clients would find it to be so too. I'd like to use it along with our diagnostic log too as desired for clarification on things or simply to have as an additional form of documentation that I feel is safe and credible.

Anyways.... time will tell

HunterBD wrote:

Is there a simple reason?

Apple uses a single authentication system for any Apple site that requires Apple ID authentication. This authentication system requires you to log in with an Apple ID that has access to the requested resource.

If your Apple ID doesn't have access to the requested site, then you will be taken to a landing page where you may be able to request access. If your Apple ID does have access to the site, you will be immediately redirected into the site.

If you attempt to access a deep link into a site that requires authentication, then you may bypass that landing page and not have an opportunity to request access. That is what happened in this case. About 18 months ago, Apple re-designed the bug reporter to have a more modern web interface circa 2006. As part of that, it now redirects users into the "/web/" subdirectory. If you login to the bug reporter and copy the URL from the address bar, you are going to get the "/web/" subdirectory.

I manually removed the "/web/" subdirectory before I pasted my URL. I manually edit pretty much every Apple URL I post because they all have some funky redirection scheme. So yes, there was most definitely some "doctoring" of URLs. I "doctored" the URL I posted. Sometimes I doctor Apple URLs to ensure that users hit the proper landing page. Other times, I doctor Apple URLs to ensure that the user will be redirected to a version of a page more appropriate for their language and region instead of mine.

Now, is that a "simple" reason? The answer is yes. The simple reason is that you are automatically assuming conspiracy and malicious intent where there is none. Everyone who answers questions in this forum does so because they are trying to help people. As this is the public internet, there are always some scammers or bad actors with malicious intent. But in most cases, those people are spotted and reported right away. Then Apple's moderation team quickly removes their posts. But if a Level 6, like LACAllen with 16,295 points, posts a link, you can safely click on it. That's why we have the points and the levels.

Everybody here is always learning and trying to do their best. In fact, most people are always learning and trying to do their best. Maybe they write an antivirus apps like ClamXAV. Maybe it reports a false positive one day. Someone files a bug report about it and they fix it. They do better next time. Does that mean they deserve to be incessantly hounded across the internet for that one mistake years ago?

Sometimes people make mistakes. But they learn, try to do better, and eventually develop a good reputation. Other people never learn from their mistakes. They repeat them and develop a bad reputation. Which group do you want to be in?