Page 1 of 1

Arcsoft Exploits and Skulduggery

Posted: Mon Jul 18, 2011 9:46 pm
by siblingshot
Beware if you have recently purchased hardware shipping with Arcsoft software.

This may include Pentax or Panasonic camera equipment, ranging to Printers from HP and Epson.

The installation of said software initially prompts the unwary individual to register the product - note, NOT the hardware, although that is certainly the implication - with repeated requests to submit PII over an unsecured connection.

Worse, under Mac OS the software exploits a security loophole and writes an '"AutoLaunchedApplicationDictionary" entry direct to /Library/Preferences/. As a result, there is no Login Items prefpane to kill the process at Start-Up, and the account user is plagued with 'nags' which may consume up to 5% of CPU.

A similarly cynical exploit is allegedly encountered by users operating Windows. There is no uninstaller bundled with the software, typically on CD-ROM; the only way to purge the offensive software is manually; a laborious and far from simple procedure for unsuspecting users.

Applications such as AppZapper, designed to purge systems of hard to locate scripts and system files, appear to have no effect.



In my opinion, ArcSoft breaches netiquette to the point of illegality. The mechanisms employed have the potential to wreak irreparable damage on core system processes, should the affected user attempt to troubleshoot with little grasp of what has surreptitiously been installed, and where.

This is rogue code. Plain and simple.

It depresses me infinitely that manufactures of the caliber of Pentax, Panasonic, HP, and Epson can be so unheeding of the negative impact on reputation. By careless association. currently enjoys an excellent reputation on WOT, despite much commentary alluding to malpractice, spam, and underhand tactics.

Again, in my opinion, that good reputation is thoroughly undeserved.


While the forum content linked to - for the purpose of anecdotal corroboration - is admittedly 'old hat', the issue is nonetheless ongoing. The equipment I recently purchased was manufactured early in 2011, and the problem is clearly far from being properly resolved.

Interestingly, other users experiencing this issue have felt compelled to raise their concerns directly with arcsoft on their own forum. It would seem even their support team have no idea precisely what is installed, or how to adequately address it:

RE: Arcsoft Exploits and Skulduggery

Posted: Tue Jul 19, 2011 2:18 am
by alphacentauri
Thanks. I looked at the posts on their own forum, and Arcsoft doesn't seem to be too interested in answering all the posts asking for help. Reading all that frustration makes Vundo sound like a Disney program in comparison. And apparently Arcsoft is okay with that.

Here's a more recent thread -- it's still an issue:

It's a good thing to know before buying a product from one of those hardware manufacturers. I wouldn't want this on my computer.


Posted: Tue Jul 19, 2011 10:45 am
by siblingshot
Thank you for rating accordingly, AlphaCentauri.

Reading all that frustration makes Vundo sound like a Disney program in comparison. And apparently Arcsoft is okay with that.

That is the crux of it. Arcsoft appears to have no interest in resolving what is clearly a longstanding cause of concern for consumers of those products it serves. Or regret in tarnishing any of those brands.

While their main site appears at first glance to be adequately designed, they are content to force the back door via software bundled at point of sale. And take measures to keep that door ajar.

The UI on that bundled software is appalling.

Neither do I care for the fact that Arcsoft seems to pursue an inference that registering their product is prerequisite. That failure to do so might in some fashion undermine warranty.

That is not the case.

I intend to use Photoshop for purposes of image editing. Another application entirely to handle the importing of digital files.

If ever I might have been vaguely interested in their software, Arcsoft's attempts to harvest sensitive PII over an unsecured connection immediately dispelled any notion of credibility.

The code exploits their software generates compounds that concern.

Either Arcsoft deliberately pursues an underhand and unethical policy, else it is merely incompetent and woefully unversed in issues of security.

Either way, such practices need to be addressed.

Since Arcsoft apparently chooses to ignore direct appeals from consumers, I think it is entirely justified that those brands it serves so inadequately are alerted as a result.

Arcsoft ? Parksoft.

RE: Arcsoft Exploits and Skulduggery

Posted: Tue Jul 19, 2011 8:38 pm
by alphacentauri
When I read your post, I was thinking I would want to add my rating, but that extraordinary claims require extraordinary proof. But to see it on their own forum, with no response as people ask for help over and over -- that was extraordinary, all right. Though I have not been so unfortunate as to let that program on my computer, I had no hesitation to rate after seeing that.

It has to be a huge security risk to have something like that on so many people's computers, trying to open communication with the internet, unwanted, un-updated, and ready to be exploited.

RE: Arcsoft Exploits and Skulduggery

Posted: Wed Jul 20, 2011 12:43 am
by mentalist3d
I wasn't going to rate the site at first, but I did decide to look further than what has already been posted and the issue is still cropping up. I read quite a few old and new accounts all along the same lines, that part of the software remains on your computer and dials home. So I have added my rating

Off topic, a good program for the Mac is LittleSnitch:

Warns you when something on your system is requesting an internet connection and you can choose to allow or block. The free version works for 3 hours, then pops up a window asking you to buy or continue in free mode, it will then continue working for another 3 hours, and so on. It is reasonably priced if you choose to buy and I personally find it a good tool.

Little Snitch

Posted: Wed Jul 20, 2011 7:54 am
by siblingshot
It was Little Snitch which alerted me to the fact this software was attempting to dial home, in fact.

An indispensable program, agreed. I've relied on it for years.

For good reason, not at all off topic.

I set a rule to deny connections, but then noticed the Arcsoft panel lurking below the menu even as I set about investigating just where the hell this script had embedded itself. Unprompted.

The automatic connection override provokes yet more irritatingly screen nags: "Not Registered. You require an internet connection". Exiting the program from its own sub-menu only delays its reappearance at regular intervals.

I tried to force delete those program files I could locate, but the problem was recurrent after restart. Ultimately, I was compelled to manually delete the file 'loginwindow.plist', not located in a user account as one might reasonably expect, but in the top level directory on my hard drive. Opening that file in text-edit revealed the offending entry string.

Thank you both for rating.


On reflection, I think the heading you filed your comments under - 'Ethical Issues' - is possibly more appropriate. And lest any trolls might pounce, I fully appreciate that comments have no relationship with ratings. As it is, I seldom rate without covering my rating with a comment. To promote transparency, to paraphrase certain politicians. Some of them quite opaque.

I filed my own under 'Malicious Content'. Given that a): the code exploit seems entirely cynical, and b): despite high volume of vocal protest and direct appeal, Arcsoft continues to distribute that code with seeming impunity.

That Arcsoft's WOT reputation continues to bask in the GREEN - no doubt as the result of very numerous anonymous ballots - suggests that too many individuals are content to instal software on blind trust, with no real concept of how the resulting code may compromise the integrity of their OS.

Wrap a turd in silver foil, and any amount of people will gladly swallow it.

RE: Little Snitch

Posted: Wed Jul 20, 2011 11:15 am
by alphacentauri
<quote user="siblingshot">Wrap a turd in silver foil, and any amount of people will gladly swallow it.
Well said!