Firetrust Support Forums

Hi Rusticdog et al,

I've used MWP since ... well, maybe from the first version? Lots of years anyway ... and I know MWP is by far the best product of its type on the market because I have paid for and tried quite a few others.

Just noticed that the 2010 version of MWP is out. Thanks heaps for continuing to work on this brilliant product.

I *think* the annual subscription for First Alert goes to MWP (Firetrust?) and is used in part to support the company and product development. I've bleated on occasion about my concerns regarding the (relatively) low annual fee for First Alert because MWP is just so valuable to me that I need you (Firetrust / MWP) to be financially viable and survive without needing to do regular cake sales.

I noticed some negative comments about the annual $10 subscription fee for the new version. If I shake my head any harder it will fall off. $10 works out to 3 cents per day. No-one gets internet access for 3 cents per day - WTF!

One single malicious email can cost tens of thousands of dollars in real money through scammers (if you are lucky), and hundreds of hours of time fixing damage done to your system - not to mention the hassle of replacing lost data (if it's possible). My comments are not an exaggeration but based upon personal experience. You see, I am one of many professional scambaiters who deliberately (and safely) go after scammers by pretending to be 'victims'. Scamming is HUGE business affecting millions - losses are estimated in the $ US billions. Victims are often passed around gangs and get hit repeatedly - often months and years later. I know of a real world case where an educated professional woman lost millions, caused her family and friends to lose their homes - and even when confronted by the fraudster in person, was so badly damaged that she simply refused to accept it was all a scam and promptly went on to phone 'friends' for more money. She lost everything, including her sanity, and now sleeps on an old physiotherapy couch that was once part of her thriving multimillion dollar business.

Not all scams are as easy to spot as "I represent the Nigerian Minister for xxx, and you have been nominated to collect $$$'. Sometimes scammers bide their time, always learning from everything you say and do. Then you might be passed onto another person (seemingly unrelated to the first one). Victims are not stupid people - they are ordinary people. Sometimes their kindness (not greed) is what leads to their downfall.

Secondary victims include family and friends - because often primary victims use them to get more money to feed the scammers. MANY victims (exact numbers unknown) become increasingly desperate, some commit real world crimes (to feed the scammers) and many suicide. Scammers feed off real world tragedies (nothing is beneath them) - and every time their is a real world disaster (like Haiti), they come out in droves to steal millions away from people who desperately need help. People are becoming more aware (not nearly as much as I would like) and respond by assuming all genuine requests for aid (like Haiti) are scams and so they stop donating. I guess disaster victims are tertiary victims of scammers - wholly innocent and doubly victimised.

Anyone, including me, can become a scam victim given the right circumstances. Recent research (I can publish the link to an excellent recent formal study) found that often the most vulnerable are people who have some knowledge or better awareness than average. Scammers, criminals, continually adapt and always hone their skills at highly sophisticated social engineering (applied psychology) methods to get victims. While lots come from the usual places (Nigeria, Ghana etc), sadly all countries have plenty of scammers - including Australia, the USA and NZ. Scammers at networked - I tracked one across at least 15 countries all over the world.

I'm also active within the Norton community - and can confirm increasingly sophisticated criminal techniques to steal your identity and money. All you need do is pass by a web page and your system gets hit by variations of drive-by bots and other code. You may not see the page because it can happen very quickly - and, unless you have solid security measures (which must include responsibility for personal actions), then every single internet user is a potential victim in waiting. Some bots (code) might turn your PC into a kiddy porn server - or worse - without you ever knowing. Antivirus tools and software firewalls (especially free ones) are deliberately targetted by these crooks (called lads / vlads) so that their criminal code is never detected.

IMHO - Norton Internet Security 2010 - has proven to be the most effective and robust tool available. I've paid for and field tested others - NIS is streets ahead and has saved me far too many times to count. Each 'save' represents hundreds of hours of my time SAVED because I did not have to undo the damage.

MWP is the ONLY spam filter product I recommend because it works as designed.

My point is simple, Firetrust is a commercial company that must make sufficient profit to continue product development in a rapidly evolving criminal environment. $10 a year seems to me to be too low for them to fund their lifesaving work. I'd be happy to pay more if that meant it kept MWP going. As for anyone whining about a piddling annual fee - well, best of luck to you. You can always pretend none of the nasty stuff exists and hopefully you might not get burned. Pardon my vulgarity - but I guess there will always be those who whinge about the cost of a condom (BTW - a lot more expensive than MWP).

Sorry RusticDog if I broke any forum rules here ... PLEASE keep up the great work!

Mike (Australia)

I'm about to install MWP 2010 (fingers crossed) and hope it goes as smoothly as has been my experience from earlier versions.

Thanks Mike, appreciate your comments

We've always said not everyone will agree, and we can appreciate those who have arguments on the other side of the coin. MailWashers value to some is clearly greater than others, and we hope at least we've found that right balance.

It is not so much the fee that upsets some of us. Like you, I am happy to pay that much, more even, each year.

It is the way in which it has been presented.

The latest newsletter from Firetrust, for example, obscures this by talking of a "purchase fee". It isn't, it is an annual subscription.

Many people discover only after they have paid up that they have to renew annually to keep the software working.

If I buy other software on a subscription basis – anti virus for example – it continues to work after the year is up, but I cannot update it.

mcullet wrote:I noticed some negative comments about the annual $10 subscription fee for the new version. If I shake my head any harder it will fall off. $10 works out to 3 cents per day.

As others have stated, it's not just the money. For me there are a number of issues:

First; it's not $10, but it's $30 per year for me. I have three PCs (all used by me alone) meaning I have to pay for three separate licenses, so I'm up for $30 in yearly subscriptions.
Second;, I believe people have been offered $10 upgrades with a free second copy. Two points here; I've never been offered any upgrades at any price and I'll have to pay full price for the third copy. If I were not in these news groups and hadn't contributed to the beta testing I wouldn't even know MWP2010 existed.
Third; I already pay for Norton for AV/anti-spam and MWP is just a second line of safety for me. I can buy a three license copy of Norton for the $30 yearly renewal for MWP.
Fourth (and most important); If I decide not to renew my copy of Norton it will not stop working after a year. MWP 2010 will. This is probably the main decider for me and will be the thing that makes me go back to MWP 6.

My feeling is that I am being held to ransom... pay the money or the software gets it! No one else that I know of does that.

I have a copy of TreeSize Pro. They switched to a yearly subscription, I objected, they said tough and i didn't sign up. I CAN STILL USE MY COPY even though it is out of date. It does what I want. I don't try to get support for it because it was my decision not to pay the ransom. I do not ask for upgrades because I chose not to pay the ransom. That's MY decision. FireTrust are taking that freedom away from me.


Steve

For what it's worth the License policy has just been changed to two installs

I’m not one of these people who have a problem with the idea of paying the $10/yr. for MWP because I find it to be an invaluable piece of software. Is it ridiculous that the program doesn’t work unless you renew? Most believe yes, but because I’m already willing to spend the $$$ each year who cares if it expires. Expiration becomes a moot point for anyone willing to pay the yearly subscription.

All my accounts are setup, my filters are in place and functioning properly, and the new grouping feature really helps to streamline everything into an orderly user experience. However my dilemma is I’ve got 7 days left before my trial expires and I’m not sure I’m ready to buy MWP yet. MWP clearly wasn’t ready to be delivered to the marketplace even with all the beta testing that was done. Since the initial install I’ve done 3 updates in 3 weeks. While that tells me the programmers are doing their best to work out the bugs it also screams “unstable” or at the very least “erratic”. At this moment why would I buy something that still has many problems and doesn’t allow me to use the full arsenal of capabilities the program has without running into issues? This version 1.0.6 is much slower, still gives me (random) errors when checking mail, and doesn’t allow me to use Firstalert or Pipelining because it makes MWP hang or crash. While there are others these are my main reasons for being hesitant on purchasing right now.

As much as I love the new interface I think after the trial expires I will abandon ship and come back to it in a few months with hopes that all these problems are solved.

Why not go the other direction, buy MW 2010, help support faster/further development and give them feedback and logs on your problems. That would insure that they did address your problems instead of just the ones the beta crew or other users run into.

You don't have to run it every day if it is glitchy, start it up once a week when you have some spare time and grab the latest update, beat on it for a couple hours and let the programmers know how you feel.

Keep your v6 installed and use for your day to day needs and wait to transition over to 2010 until you are happy with it. I have 2010 and v5 on the same computer and they run together with no issues, v6 will do the same so you give up nothing but your $10 in the deal.

Besides the upgrade cheap offer may not last forever and you could pay 2 years maintenance fee with what you save by getting in on the upgrade price plus you get the free copy to share.

rusticdog wrote:For what it's worth the License policy has just been changed to two installs

Doesn't change the fact that I will have to pay twice for the same piece of software and that I have to keep paying double year on year. Make it a per-user license and I'll stay. I've never objected to $10 per year, just to having to pay multiple times when I'm the only user.

Right now, the plan is to see what happens by the end of August and, if nothing has changed, to uninstall and walk away.

Most of the spam I get is easily identified from the subject matter, so is easily removed. I don't need complex analysis of my email. I like MailWasher because it allows me to screen my email. It's ability to detect spam is a bonus for me. Ver 6 will do me fine until I can get around to writing something to retrieve email headers.

rusticdog wrote:For what it's worth the License policy has just been changed to two installs

I wish the developer good luck with the new version and I value the benefits I have received. But I will stick with version 6 until it no longer functions; unless/until the new license policy changes, when I will happily cough up the $10 again.

Hi all,

Firstly, please forgive me if something I write causes offence to anyone. I have a dry sense of humour and humour (in general) does not always do well cross culturally. I respect alternate views, especially when argued well and are not 'personal'. And I accept lots of people might have valid reasons for disagreeing with my own views.

Such is life.

BTW - I am not associated in any way with Firetrust nor anyone from Firetrust: just a happy customer.

@ michaelkenward" - I missed the newsletter (must have done something wrong) But if I understand your correctly, you are NOT annoyed about the fee per se, but annoyed (too strong?) about how the pricing model was announced. I'll use the term 'deceptive' - you didn't - an annual fee to continue using the upgraded (way excellent) product which stops working if the fee isn't paid. You cited an example of AV (anti-virus) software as an example where, if you don't pay the annual subscription fee then you can still use it but can't update virus / bug definitions. There are plenty of other examples (diminishing every year) eg: MS Office.

The internet is becoming an increasingly high risk environment every day. I barely touched on this in my original post - if I get motivated I might go into this issue in a lot more detail because: (a) most people don't have a clue about such things; (b) lots of people mistakenly believe there is little that they can do to minimise their personal risk exposure; (c) a lot of people think the problem is overstated; and (d) lots of people don't care.

My personal opinion about how the pricing model was announced is to give Firetrust a bit of credit. I'd bet my left testicle that there was no intention (ever) to deceive loyal paying customers. We both agree the fee is not the issue - I'd call it trivial, others might be less inclined to do so. Maybe Firetrust might have made the pricing model more clear but respectfully, I would much rather the company were bleeding edge competent developers than journalists or spin doctors.

Your example about AV software is one I had hoped someone might make. Just because you can use an out of date AV program doesn't mean you are safe - the reverse is true: you are increasingly at greater risk for each week you continue to do so. Crooks love it when people don't update their AV definitions (even those with current subscriptions) because their chances of succeeding grow higher the longer AV definitions are out of date. We have to work hard to stop them ALL the time - they need to be successful just once. Heaps of people still use old (sometimes very old) versions of MS Office - often because the cost of upgrading lots of copies is considered too high. I concede some don't because later versions have steep learning curves. But crooks count on people using old versions so they can use them to infect systems - and it's as common as dirt.

Firetrust (any commercial software development company) have an absolute right to change their pricing model to mazimise profits. Developing software is nothing like building a house or plumbing. It takes years of study and experience just to get to the point where you can commence the research into what crooks are doing - and that is before a single line of code is written. Because this is security product, it also has to be written to resist efforts by crooks to tamper with it - and that is no small task. We have all grown used to software product development cycles of about 12 months. What most don't know is that there is a product development cycle which is really a loop (feedback) - continuous development with periodic releases. Also, someone has to research and back-engineer the crooks code and methods. This is no small task and requires a whole other level of skill.

Firetrust COULD have chosen to let customers use the upgraded product past the paid subscription date - but only if by doing so, the product functioned properly. From the little that I can tell, it appears to have been rewritten from the ground up. I doubt it works like the old version. But suppose they did let this happen. I suspect it might give their loyal customers a completely false sense of security because it would not have the very latest means of spam detection / cure. All it takes to kill a product's reputation is for a few people to get badly burned - and it could cripple the company into bankruptcy.

IMHO, their decision is the ONLY responsible one to take.

I have no idea how useful the old version of MWP will be if someone doesn't pay the FirstAlert! fee ... kinda doubt it will be anywhere near as useful. A techo from Firetrust might be able to help clear this up for us??? (hint hint)

@ sabarnett - I'm sorry but I don't understand your point about paying multiple upgrade fees for multiple copies of MWP. That's normal practice so far as I'm aware.
HOWEVER, Firetrust might do well to consider altering their pricing model to allow multiple licence purchases in much the same way that Symantec does with Norton Internet Security. For a bit more, I can legally install NIS 2010 on 3 different machines. But I buy a new box set each year (3 licences) because it is loads cheaper than upgrading online. I suspect mutiple licence purchases (with discounts) would be popular among customers and might increase the legal user base.

Any comments RusticDog?

@ Digital Drummer - to upgrade or not? If I understand you correctly, your concerns resolve to the effort (time cost) of shifting from the old to the new version. That is a legitimate concern worth a response from Firetrust. I'm not qualified to comment about what might be involved in the process or even if it's possible or desirable given the differences between versions. All I can say is that this upgrade is excellent (always a work in progress) and IMHO, far superior to it's replacement.

If it's technically possible (and safe) would Firetrust consider releasing a migration tool for free or a small fee? RusticDog??

sabarnett wrote:..... snip ...

Right now, the plan is to see what happens by the end of August and, if nothing has changed, to uninstall and walk away.

Most of the spam I get is easily identified from the subject matter, so is easily removed. I don't need complex analysis of my email. [my emphasis] I like MailWasher because it allows me to screen my email. It's ability to detect spam is a bonus for me. Ver 6 will do me fine until I can get around to writing something to retrieve email headers.

Sorry Sabarnett but your comments about spam are really dead wrong. I'm a scambaiter at 419EATER. Lots of victims get emails from people they know because scammers hijacked their accounts. Criminals do this to lower the target's resistance - and because it works a treat. These dodgy emails pass casual inspection and many pass inspection by those who can interpret headers (which are becoming increasingly less useful). By the time you get the fraud-mail into your inbox, the damage is done - too late - and you might never ever know. If anyone is interested, I can post links to sites that do accurate header analysis - so long as everyone realises many free email accounts (GMAIL) for example, won't give you the correct sender's IP and header spoofing is less of an issue when you get mail from the hijacked account of a friend.

I have some skill at detecting scammer mail (the really really nasty ones) and I assure you that it's not always easy to pick the truly nasty emails even when I use loads of tools to analyse them. Crooks keep evolving and it's a chore trying to keep up.

MWP is the single best security tool (used in conjunction with B9 - Benign) for email security and you don't need to be a rocket scientist to use it. I will not download any mail without MWP / B9 because I am aware of the risks and know from sad experience about the time cost involved in correcting damage.

End Rant.

Mike

mcullet wrote:@ sabarnett - I'm sorry but I don't understand your point about paying multiple upgrade fees for multiple copies of MWP. That's normal practice so far as I'm aware.

I actually have three licenses for mwp6 that I use. I don't pay for multiple upgrades EVERY YEAR. As a "loyal" user, I felt it was right to pay for the licenses I use (as I do for everything else I run). If I remember righty, I wasn't required to buy these licenses. It was on a per-user basis, not, as now, a per-machine.

mcullet wrote:Sorry Sabarnett but your comments about spam are really dead wrong. I'm a scambaiter at...

Actually, I am dead right about MY circumstances. I get vey little spam. Most of it seems to be mopped up by my ISP and what little I get coming through is very easily identified. I know who I am expecting email from and the kind of email they are going to send me. I won't open attachments that I an not expecting and won't download email that is in any way suspicious. I agree that there is a lot of dangerous stuff out there, which is why I run tools such as Norton (up to date!), MWP and B9. It's why I also do regular scans of my PC with Norton rather than assuming it's blocking everything so I must be Ok.

Personally, I don't need FirstAlert, which is why I never subscribed to it before. My reading of this situation is that I am now being forced to subscribe via the back door.

Steve

I have just taken another look at the overview promoting the new mailwasher and I can't see anywhere where it says the program will stop working after one year and the obvious assumption is it won't because the old version didn't. If it is such good value for money then why not be up front about the true cost. Even at the point of sale there is no mention of the words "annual subsription".

I'll ask The Big Cheese to make amendments as he feels appropriate.

sabarnett wrote:.... snip ...

mcullet wrote:Sorry Sabarnett but your comments about spam are really dead wrong. I'm a scambaiter at...

Actually, I am dead right about MY circumstances. I get vey little spam. Most of it seems to be mopped up by my ISP and what little I get coming through is very easily identified. I know who I am expecting email from and the kind of email they are going to send me. I won't open attachments that I an not expecting and won't download email that is in any way suspicious. I agree that there is a lot of dangerous stuff out there, which is why I run tools such as Norton (up to date!), MWP and B9. It's why I also do regular scans of my PC with Norton rather than assuming it's blocking everything so I must be Ok.

Personally, I don't need FirstAlert, which is why I never subscribed to it before. My reading of this situation is that I am now being forced to subscribe via the back door.

Steve

Hi Steve,

I *think* I understand the point you were trying to make about your circumstances. And kudos if your ISP kills off most spam before your mail gets to you - that's great to hear.

Maybe I could have chosen my words more carefully than "... really dead wrong." I'll mull it over. But I meant no disrespect to you in any way. That said, everyone is free to determine how best to manage their risks - and at the end of the day, we are talking about risk management. The term 'spam' often means different things to different people - generally speaking, it refers to unwanted / unrequested emails. They come in lots of forms that most of us might be familiar with - "Nigerian Gold", "Dying Widow" ... through to the ever popular penis enlargement (my personal favourite). I respect the fact that you believe you have taken reasonable and sufficient steps to protect yourself and it is not for me to pass judgment about anything you (or anyone) does.

However, novices read forums like this one and to a large degree this is why I try to be cautious and explain myself. And while you may feel perfectly happy and safe with your system of security, I respectfully believe it is unsafe and unsound for general consumption. It is quite incorrect and not safe advice for novices (or anyone). Although I concede you are very happy and your approach works for you. Novices / and experts need evidence based best practice and sound advice. I won't pretend to agree with something I know to be wrong (based on years of experience - including going head to head with real scammer criminals). And I cannot support practices that expose people (especially novices) to high risks of harm. It's wrong. Sorry mate.

If anyone is interested in the subject then perhaps you might like to read the Exeter University Study (commissioned by the UK Office of Fair Trading): "The psychology of scams: Provoking and committing errors of judgement (sic)" (I've read it [200 pages] - and a few others to better understand the problem and be a better 'baiter'). The Executive Summary is not all that long and relatively easy to digest.

Exeter Report 2009 - Executive Summary 1.8 wrote:Another counter-intuitive finding is that scam victims often have better than average background knowledge in the area of the scam content. For example, it seems that people with experience of playing legitimate prize draws and lotteries are more likely to fall for a scam in this area than people with less knowledge and experience in this field. This also applies to those with some knowledge of investments. Such knowledge can increase rather than decrease the risk of becoming a victim.

The authors go on to say that anyone, given the right circumstances, will be a victim of internet fraud.

No single product or suite of products offers perfect protection from ourselves. We (me, you - anyone) are the weak link in the security issue. From what you disclosed, you have far higher awareness and security than most - kudos. My system is like 'Fort Knox' ... and yet one of my kids happily turned lots of stuff off so they could get a download from someone they just met on Facebook. Sigh.

We have a difference of opinion - it happens. I truly hope you continue to remain safe.

MWP is not perfect and does not claim to be so. There are technical reasons (explained on the Firetrust site) that limit it's ability to access certain web-based mail systems (like Yahoo etc). But one of it's greatest strengths is that dodgy emails are killed on the mail server at the user's ISP. In practice, this means your AV system has less work to do ... My point is that MWP, B9, Norton (insert any AV product) and hardware firewall - all have vital roles to play and even though there is some cross-overs in terms of function, none can replace any of the others.

Cheers all.

Mike - end of rant and I do mean end

mcullet wrote:But I meant no disrespect to you in any way.

None taken.

mcullet wrote:The term 'spam' often means different things to different people - generally speaking, it refers to unwanted / unrequested emails. They come in lots of forms that most of us might be familiar with - "Nigerian Gold", "Dying Widow" ... through to the ever popular penis enlargement (my personal favourite). I respect the fact that you believe you have taken reasonable and sufficient steps to protect yourself and it is not for me to pass judgment about anything you (or anyone) does.

If I took up all the offers, I wouldn't be able to sit down. Spam is anything I didn't ask for from people I don't know. Mine tends to be banks that I don't bank with telling me my non-existant account will be suspended unless I enter my life story. That's the negative side. I also get a lot of invites to IT seminars that I don't want to attend but am sent beause I subscribe to Computer Weekly. Not strictly spam, but unwanted none the less.

It's this kind of stuff that MWP is excellent at managing for me. I get to preview the first few lines of the message and delete it without it ever seeing my machine if I don't want it. Big tick in the box for MWP.

mcullet wrote:I respectfully believe it is unsafe and unsound for general consumption.

I'm not trying to be a security guru for anyone except me and the dozen or so people I try to help out. 10 years as IT manager for a company where my directors are "users" of computers and have no interest in security means that I have been able to put in place a simple set of tools (including MWP) and a set of simple rules. They follow the rules, they don't get infected. My rules work for the people I support. They might not work anywhere else. I'm not actively promoting my rules in these forums or anywhere else.

I'm unsure what you find so unsafe about my procedures (not all of which is mentioned here - that would be a stupid thing to do).

mcullet wrote: and yet one of my kids happily turned lots of stuff off so they could get a download from someone they just met on Facebook. Sigh.

My biggest security hole if 'the mother' Strange how age doesn't make some people wiser!

mcullet wrote:We have a difference of opinion - it happens. I truly hope you continue to remain safe.

I don't think we're that different. I'm not sure what it is you do that is any more effective than what I do. I'm obviously missing something in these posts. We both seem to take security seriously and we both take precautions. We just seem to take different precautions.

All the best
Steve