Security as the Principle of TLauncher
Internet security is a very sensitive issue, as every software that runs on your PC modifies and adds files. Therefore, the trust on which the interaction with the program is based is the basis of working at a PC. But not all files and programs should be trusted, as well as information about the program distributed on the Internet.
In this article, we describe the easiest ways to check the reliability of the developer in relation to your PC, as well as examples based on our software – TLauncher.
Contents:
3. Website and Social Networks Activity
Anti-Virus Scanning
Some users trust their antivirus very much, but although it can block most known viruses, it does not protect 100%. Therefore, downloading a file from unknown site use, for example, VirusTotal. This site checks the file with approximately 60 antivirus software at once, it's really more impressive than your soft.
You can check out our launcher on the same service after downloading from the main page. The following are the results for TLauncher 2.66: Installer for Windows; File for Windows, File for Linux/OS X;
Digital Signature
A digital signature is a special mark in a file, which indicates that the latter is received from a certain developer and no one has modified it. All popular software is signed with this signature, you can see it for yourself on the example of the following products: Yandex Browser, Opera, Google Chrome, Nvidia and many others.
The lack of a signature in the file (Unknown developer), does not itself indicate the harmfulness of the software. But it indicates that no one is responsible for this file if it turns out to be malicious. Our recommendation is to use only those programs that have a digital signature! Our TLauncher is of course signed with such signature (you can check the signature of the file by right-click on it - > Properties - > "Digital Signatures" tab).
Website and Social Networks Activity
Any serious software has a lot of web pages on the site (and not just the home page with only Download button). Usually programs have a help file, own registration and authorization, a lot of additional content for the product, and possibly more than one product!
Personally, we have not only several products (for example, TLauncher PE), but also help (with answers to the questions related not only to the launcher), plus a lot of additional game content.
Considerable importance has the activity on social networks, reputable software has a page on almost all such sites. As ours has: VK.com, Twitter, Facebook, OK.ru (by the way, don't forget to subscribe).
Partners
Major publishers have many partners, direct or secret. The direct ones include those recommended by the developers themselves. The secret ones include those whom developers help without public demonstration of this. Therefore, if the software has a lot of partners, it can indicate trust in these developers (not to be confused with banal advertising for money).
TLauncher has quite a lot of partners, both direct and secret. One example is our cooperation with Yandex, the largest search engine in the CIS. We recommend their free products (because they are worth using), they help us in turn in many other respects, such as advertising and security. Yandex carefully selects the partners, so it also means their trust in our products.
Fake Information
The larger the product, the more actively competitors are trying to conduct a negative campaigning against it, spending a lot of money. Therefore, you should not believe the words and alleged evidence that YOU CANNOT CHECK FOR YOURSELF. The typical features of negative campaigning are:
1) Spreading of negative information about certain software within a short time frame, especially from sources that sell advertising.
2) Amid a negative campaigning against a specific program, there is an advertising of a completely similar product (it immediately reveals that the source is bought).
3) Facts that cannot be verified, including: screenshots that are easy to fake, screenshots of correspondences and so on.
4) The absence of facts as such and just a "what a bad program" reasoning (empty talk).
Account Security
And no matter which account we are talking about, Mojang license account or TLauncher account, you should always follow these recommendations, they completely eliminate the theft of your password:
1) Strong password. The most important and simple is to use not less than 13 characters, among which there are letters (in lower- and uppercase), numbers and special symbols. If you use the donation system on the servers, you become a vulnerable target! Therefore, it is necessary to use a complex password.
According to a study by Deloitte Canada analyst company, the average time computer users spend trying to come up with a password today is significantly less than that required for its selection: more than 90% of passwords can be hacked in seconds.
2) You should use two-factor email authentication. All popular free email services (Yandex, GMail and others) allow you to set up additional protection in just a couple of minutes: authorization by SMS or code from the application. This method will protect your email, even if the password was hacked! TLauncher recommends!
3) Use a different strong password for each Minecraft server. Using the same password everywhere, you will not even be able to know the hacking source! You should never use the same password!
If you do not use neither of these recommendations, your account is at risk, perhaps right now someone is trying to crack the password to it!
Open Source
It is also important whether the source code of the program is open. If it is completely closed and serious attempts are made to hide it, you need to think twice about the integrity of the developers in the absence of a digital signature (and other security tokens)...
МWe don't publish our source codes, but they are open enough to any Java developer could check out the highlights of TLauncher's work. We have nothing to hide in it, so this is one of our integrity guarantees.
Frequently Asked Questions
In our opinion, such questions about ensuring their network security may arise from our users:
Question: Take any arbitrary password, for example, "2456253462", is it difficult to crack it?
Answer: It is possible to check the password strength on any website like this. As you can see, such a password can be hacked very quickly.
We recommend using the password generators to select a really strong password.
Question: I bought a Mojang account for $XX , but it stopped working, how can this be?
Answer: Buying an account, you should understand that it already belongs to someone. Would you like it if someone played under your account? Probably not, so as soon as the owner notices, he or she will change the password and you will lose access. The safest option is to create your own account on Mojang, buy a license and use the recommendations for password and email protection (then no one can steal it) .
Question: Is it necessary to enable two-factor email authentication?
Answer: Yes. Email is one of the ways to recover your password on many sites, so you need to take care of the security of your mailbox. But precisely this method of protection is a serious guarantee not to lose an email. To enable this protection, type in the search, say, Yandex the following: "how to enable two-factor authentication of Yandex-mail" (here can be your mail service instead of Yandex).
Question: What steps do you take to protect your TLauncher account and Mojang accounts?
Answer: All registered TLauncher accounts are stored in a secure place (for users from the CIS, in the Moscow Russian Data Center). For users of the EU and other countries embraced by the European Data Center), due to the restriction of the rights of employees to use certain company data (especially, TLauncher accounts), leakage does not take place.
We do not save or store any Mojang accounts data, all authorization requests are directed to Mojang servers. The program on your PC does not store the password in clear text.
Passwords that you enter on the servers are also not saved in any way. The program has no technical opportunities for this, any can analyze the code and check this.
Question: I faced an outright lie about the program that I have been using for a long time, what should I do?
Answer: Depending on the source location, you can take the following steps: if it is a public platform (for example, YouTube), you can send a complaint on the video and leave a comment about the fraud to other users.
Comments