EHT is safe

TheImperfect

My antivirus (which I am not going to name) incorrectly flagged up EHT community update files as malware and deleted them thus preventing me from using them.
I sent the files to them for analysis and they have said it is a false positive and the files are perfectly safe. The antivirus now no longer sees the files as a threat.
I am just posting to reassure anyone else who might have had similar issues.

dagrdagaz_5912

Had the same issue.
I could have tried adding the EHT file to the exceptions / white list in my Anti-virus.
But i did not, cos i did not like the file in question wants to auto-run on Windows start-up.

Chryseia

@dagrdagaz_5912 it only runs on windows start-up to make it easier for people who don't want to remember to open the client before launching ESO (like you do with TTC, for example, if you use that). If you don't want it to run on start-up, simply disable it in your start-up tab of task manager, and then pin a shortcut of the .exe EHT community file on your desktop or start menu (or anywhere convenient, really). You can simply launch the .exe right before you launch ESO.

dagrdagaz_5912

@Chryseia, didnt think about that. The EHT Housing Community file being an .exe i could launch seperately!

Raideen

seems fishy to me.

Is it not true that the addon collects and shares your data about your builds?

Chryseia

@Raideen The community .exe file only shares the information about your builds that you decide to publish to it. There is an in-game pop-up that happens after you click the publish button, so its hardly "fishy" since is pretty obvious that you are deciding to publish it.

However, while it is running it does give you access to the information that others have published (again... that they very obviously chose to publish). It basically acts as a cloud information hub that allows builders to share their FX more easily with anyone who wants to receive it, and it also allows users to share information about which homes they consider an "open house" that is finished and ready for visitors. Also... the "data" we are talking about is FX, which is little planes of UI elements that a builder chooses to share with other people so the other people can ALSO see the little UI elements, to give the illusion of various things in the home that aren't really there. There is literally no point in using them unless you want to share them... because they literally won't be there for anyone else unless you do. I fail to see your issue here.

@R_K flagging you in case you need to correct me or have anything else to add.

Raideen

Chryseia wrote: »

@Raideen The community .exe file only shares the information about your builds that you decide to publish to it. There is an in-game pop-up that happens after you click the publish button, so its hardly "fishy" since is pretty obvious that you are deciding to publish it.

However, while it is running it does give you access to the information that others have published (again... that they very obviously chose to publish). It basically acts as a cloud information hub that allows builders to share their FX more easily with anyone who wants to receive it, and it also allows users to share information about which homes they consider an "open house" that is finished and ready for visitors. Also... the "data" we are talking about is FX, which is little planes of UI elements that a builder chooses to share with other people so the other people can ALSO see the little UI elements, to give the illusion of various things in the home that aren't really there. There is literally no point in using them unless you want to share them... because they literally won't be there for anyone else unless you do. I fail to see your issue here.

@R_K flagging you in case you need to correct me or have anything else to add.

Lets just say I don't trust addons who collect my data from 3rd party people. I value security and you may and probably are 100% correct that this addon is innocent, but do we KNOW that for a fact, or is it just trust?

StabbityDoom

Raideen wrote: »

Chryseia wrote: »

@Raideen The community .exe file only shares the information about your builds that you decide to publish to it. There is an in-game pop-up that happens after you click the publish button, so its hardly "fishy" since is pretty obvious that you are deciding to publish it.

However, while it is running it does give you access to the information that others have published (again... that they very obviously chose to publish). It basically acts as a cloud information hub that allows builders to share their FX more easily with anyone who wants to receive it, and it also allows users to share information about which homes they consider an "open house" that is finished and ready for visitors. Also... the "data" we are talking about is FX, which is little planes of UI elements that a builder chooses to share with other people so the other people can ALSO see the little UI elements, to give the illusion of various things in the home that aren't really there. There is literally no point in using them unless you want to share them... because they literally won't be there for anyone else unless you do. I fail to see your issue here.

@R_K flagging you in case you need to correct me or have anything else to add.

Lets just say I don't trust addons who collect my data from 3rd party people. I value security and you may and probably are 100% correct that this addon is innocent, but do we KNOW that for a fact, or is it just trust?

@R_K works for ZOS. Do you think he'd risk his job putting out something unsafe? Secondly, he's about the best person I know. I'd bank on it.

Chryseia

@Raideen I know and trust Cardi.

But irrelevant of that, what you said is true of literally anything you do on a computer. Unless you are technologically sophisticated enough to monitor and review every data packet that goes in and out of your machine on your own, on some level, there is always trust involved when downloading and running an application. And even large "trusted" companies occasionally do bad things with data, or have data breaches. If you really don't trust this particular app, rather than spread conspiracy theories, why don't you investigate your concerns and point to something to back it up, as the OP did:

mrsrobot wrote: »

I sent the files to them for analysis and they have said it is a false positive and the files are perfectly safe. The antivirus now no longer sees the files as a threat.

As for myself, I believe we volunteer far more sensitive information via social media and just general internet traffic (unless you literally disable all cookies and only ever use private browsing modes) than could possibly be collected by an .exe that enables the sharing of game UI code. An anti-virus will make sure its not downloading viruses to your computer (unless you don't trust those either? They do far more monitoring of what you do on your computer after all.).

Raideen

Chryseia wrote: »

@Raideen I know and trust Cardi.

But irrelevant of that, what you said is true of literally anything you do on a computer. Unless you are technologically sophisticated enough to monitor and review every data packet that goes in and out of your machine on your own, on some level, there is always trust involved when downloading and running an application. And even large "trusted" companies occasionally do bad things with data, or have data breaches. If you really don't trust this particular app, rather than spread conspiracy theories, why don't you investigate your concerns and point to something to back it up, as the OP did:

mrsrobot wrote: »

I sent the files to them for analysis and they have said it is a false positive and the files are perfectly safe. The antivirus now no longer sees the files as a threat.

As for myself, I believe we volunteer far more sensitive information via social media and just general internet traffic (unless you literally disable all cookies and only ever use private browsing modes) than could possibly be collected by an .exe that enables the sharing of game UI code. An anti-virus will make sure its not downloading viruses to your computer (unless you don't trust those either? They do far more monitoring of what you do on your computer after all.).

Whoah easy on the defamatory labeling. I love how you people use "conspiracy theory" to shut up an argument you cant win.

Also, nice deflection on the "trust" of PC programs. The hard cold fact is that any given day a person is much safer going with a large company with security measures (and some measures of their own) than some random person who is making addons for a game with an executable. I mean most companies will not even allow executables with addons. The fact that Zo$ does is questionable.

Nestor

@Raideen

If your concerned about third parties gathering information about you and your activities, get off the internet, throw away your smart phone, quit using credit cards, and stay away from any store or street that has CCTV cameras. Also, don't buy anything like a car or house or on credit.

Using EHT to share information about virtual homes and virtual characters that you opt to share is the least of your concerns about information farming.

Raideen

Nestor wrote: »

@Raideen

If your concerned about third parties gathering information about you and your activities, get off the internet, throw away your smart phone, quit using credit cards, and stay away from any store or street that has CCTV cameras. Also, don't buy anything like a car or house or on credit.

Using EHT to share information about virtual homes and virtual characters that you opt to share is the least of your concerns about information farming.

I'd expect more from a community manager. Your passive aggressive attitude is not welcome, please adjust your tone and act with some professionalism.

Secondly, addressing the task at hand, its been WELL KNOWN in the MMO community to NOT USE ADDONS that have executables in them. Third parties is one thing, fan made addons collecting data from me is another.

THAT BEING SAID. Go reread what I said. I was simply asking if it was true the addon collected data. I had some back and forth and I said " I value security and you may and probably are 100% correct that this addon is innocent, but do we KNOW that for a fact, or is it just trust?".

I was not trying to be a butt in this thread, but the attacks came fast when all I was doing was expressing that I like to play it safe.

Nestor

I have noticed that when I don't fall all over myself agreeing with everyone on the boards, I am a disappointment. I have to admit that Passive Aggressive is a new one.

Raideen

Nestor wrote: »

I have noticed that when I don't fall all over myself agreeing with everyone on the boards, I am a disappointment. I have to admit that Passive Aggressive is a new one.

Hyperbole 2x now.

dagrdagaz_5912

Update;

I am willing to trust R_K, my Anti-virus / Firewall will not.
Even when White-listing the .exe, it keeps getting deleted

LadyAstrum

StabbityDoom wrote: »

Raideen wrote: »

Chryseia wrote: »

@Raideen The community .exe file only shares the information about your builds that you decide to publish to it. There is an in-game pop-up that happens after you click the publish button, so its hardly "fishy" since is pretty obvious that you are deciding to publish it.

However, while it is running it does give you access to the information that others have published (again... that they very obviously chose to publish). It basically acts as a cloud information hub that allows builders to share their FX more easily with anyone who wants to receive it, and it also allows users to share information about which homes they consider an "open house" that is finished and ready for visitors. Also... the "data" we are talking about is FX, which is little planes of UI elements that a builder chooses to share with other people so the other people can ALSO see the little UI elements, to give the illusion of various things in the home that aren't really there. There is literally no point in using them unless you want to share them... because they literally won't be there for anyone else unless you do. I fail to see your issue here.

@R_K flagging you in case you need to correct me or have anything else to add.

Lets just say I don't trust addons who collect my data from 3rd party people. I value security and you may and probably are 100% correct that this addon is innocent, but do we KNOW that for a fact, or is it just trust?

@R_K works for ZOS. Do you think he'd risk his job putting out something unsafe? Secondly, he's about the best person I know. I'd bank on it.

Probably a silly question, but if @R_K works for ZOS why can't ZOS implement these features into the game?

R_K

Hi all. First, thank you so much to everyone who has been helpful in answering legitimate questions about the Community app that is bundled with Essential Housing Tools. I began writing EHT before joining ZOS, but I can assure you that the Community app only sends and receives the following data with my [personally run] Community server:

1. A list of Open Houses that each player chooses to publish; and,
2. FX data for homes that each player chooses to publish; and,
3. Guest book signatures for when you choose to "sign in" while visiting a player's home

I developed the server and the accompanying app for the Housing Community to provide a virtual directory of the homes that we would welcome others to come visit, to offer the ability to sign in when visiting (and see who visited), and to facilitate the sharing of visual FX data. Ultimately, the EHT Community app is about player engagement at its core.

If you are still suspicious of my App, I completely understand; but, with that said, I do hope that you come check out a growing Community that now numbers in the thousands.

Raideen

R_K wrote: »

Hi all. First, thank you so much to everyone who has been helpful in answering legitimate questions about the Community app that is bundled with Essential Housing Tools. I began writing EHT before joining ZOS, but I can assure you that the Community app only sends and receives the following data with my [personally run] Community server:

1. A list of Open Houses that each player chooses to publish; and,
2. FX data for homes that each player chooses to publish; and,
3. Guest book signatures for when you choose to "sign in" while visiting a player's home

I developed the server and the accompanying app for the Housing Community to provide a virtual directory of the homes that we would welcome others to come visit, to offer the ability to sign in when visiting (and see who visited), and to facilitate the sharing of visual FX data. Ultimately, the EHT Community app is about player engagement at its core.

If you are still suspicious of my App, I completely understand; but, with that said, I do hope that you come check out a growing Community that now numbers in the thousands.

Thank you for the post.

Zypheran

@R_K wait WHAT!? You work for ZOS now. I completely missed that news.
Cardi I'm delighted to hear that. I really hope the role works out for you. This was a good move by ZOS.
I know you probably can't tell us, but dies this mean that you will be looking to see what elements of EHT can be integrated into the housing system?

StabbityDoom

He probably can't tell us, but I'm sure Cardi's wonderful ideas will be shared with the ZOS team. I can't imagine he wouldn't bring up our needs when he knows them so well by now!

ZOS has never fully embraced EHT, so I would not expect it to be integrated. However i know he will keep supporting EHT for as long as feasible for him, so I for one will keep using it. I would have ANYWAY, but honestly...

Can we not turn this into a snipe fest? The question was asked and answered, it's safe.

R_K

Zypheran wrote: »

@R_K wait WHAT!? You work for ZOS now. I completely missed that news.
Cardi I'm delighted to hear that. I really hope the role works out for you. This was a good move by ZOS.
I know you probably can't tell us, but dies this mean that you will be looking to see what elements of EHT can be integrated into the housing system?

@Zypheran Thank you so much - I really appreciate it. (also, as you probably could guess, @StabbityDoom is correct about saying things&stuff though. I hope you can understand. )

Emathides

OP, telling everyone that an executable addon is safe based on your personal experience is really disingenuous, and the hostility directed towards those that have expressed concern over running such an addon is disappointing to see. Raising such questions is absolutely not sniping, nor is it spreading conspiracy theories, it is exercising basic caution in IT security and engaging in discourse.

With all love to Cardi and EHT, I do not run the EHT community app, due to my personal security concerns. While I know and trust Cardi, the concerns are too great for me to personally run the app.

My concerns are around malicious third-party interference. The file Cardi uploads to a website for us to download could be interfered with before we download it. The file that OP has run past her Anti-Virus company could be a completely different file to the file that the next person downloads.

So, anyone reading, please don’t bypass your Anti-virus alerts based on what someone else had experienced and said in this thread, because it is really bad security advice. It is best to make your own decision on whether you would like to take such a risk, or seek advice from your Anti-Virus company as OP did.

Aliyavana

Why not get a ZOS_RK forum account?

TheImperfect

Emathides wrote: »

OP, telling everyone that an executable addon is safe based on your personal experience is really disingenuous, and the hostility directed towards those that have expressed concern over running such an addon is disappointing to see. Raising such questions is absolutely not sniping, nor is it spreading conspiracy theories, it is exercising basic caution in IT security and engaging in discourse.

With all love to Cardi and EHT, I do not run the EHT community app, due to my personal security concerns. While I know and trust Cardi, the concerns are too great for me to personally run the app.

My concerns are around malicious third-party interference. The file Cardi uploads to a website for us to download could be interfered with before we download it. The file that OP has run past her Anti-Virus company could be a completely different file to the file that the next person downloads.

So, anyone reading, please don’t bypass your Anti-virus alerts based on what someone else had experienced and said in this thread, because it is really bad security advice. It is best to make your own decision on whether you would like to take such a risk, or seek advice from your Anti-Virus company as OP did.

I agree everybody should be security conscious. Yes I have only ran the current version of the file by the antivirus makers and yes you only have my word for that. I think Cardi has answered well on here and personally I feel OK using the community file now but if other people don't want to that's their choice too. I didn't use it when my antivirus complained and others can check with their own antivirus providers if they like.

StabbityDoom

Aliyavana wrote: »

Why not get a ZOS_RK forum account?

Since he hasn't answered yet, my guess is because he is not answering this stuff in an official capacity but instead discussing his own program.

R_K

StabbityDoom wrote: »

Aliyavana wrote: »

Why not get a ZOS_RK forum account?

Since he hasn't answered yet, my guess is because he is not answering this stuff in an official capacity but instead discussing his own program.

^
^
^