• AnyStream is having some DRM issues currently, Netflix is not available in HD for the time being.
    Situations like this will always happen with AnyStream: streaming providers are continuously improving their countermeasures while we try to catch up, it's an ongoing cat-and-mouse game. Please be patient and don't flood our support or forum with requests, we are working on it 24/7 to get it resolved. Thank you.

Question Safe to enter Amazon password

J

jgordonwalker

New Member
Thread Starter
Joined
Nov 3, 2023
Messages
4
Likes
0
The trial wants me to log into my Amazon account on a page within your app - what are the security implications of that? Does RedFox see or retain the account details? Does the software have access to make purchases on the account once logged in?
Thanks for any clarification you can offer
 
jgordonwalker said:
Does the software have access to make purchases on the account once logged in?
Click to expand...
You can purchase a movie or season within the app, yes. But it is recommend that you do it in the browser and then open AS after that, only to download your purchase. If you should ever buy something in the browser, then you might need to go back or press F5 in order for AS to detect the unlocked content.

As for the access of AS to your account, it would be a pretty bad thing for their image if they would order things for themselves or something like that, don't you think? They make more money selling licenses than it would be worth the risk of getting arrested for fraud.
 
How would you expect to download movies if you don’t log into your account?
 
Thanks for responding. I agree it would be bad for their image, but I don't know anything about their image. I only heard of them today and took a look at the trial. In addition, it's not only deliberate abuse, if they for any reason capture or cache the password and then suffer a security breach then the details are in the hands of third parties. Hence my question about what is stored and what their policy is.
 
RedFox 1 said:
How would you expect to download movies if you don’t log into your account?
Click to expand...
It's logging into the account through the app that raises the concern - my main browser is logged in and authenticated but I appreciate that it may not be able to use the credentials. However, as soon as I'm putting my credentials into a third party I wonder where it is going, or what they have to do behind the scenes to make it work. Does it require them to cache the login details? If so, how are they secured? Locally on my computer or remotely on theirs? I'm a little surprised that they don't address the questions up front.
 
Read all the posts here in the forum, don't you think no one would be using Amazon if it wasn't safe? Either you have some trust, or you don't. We would never steal anything from anyone. Nothing I can say can give you trust in a new program for you.
 
  • Like
Reactions: DQ
jgordonwalker said:
Thanks for responding. I agree it would be bad for their image, but I don't know anything about their image. I only heard of them today and took a look at the trial. In addition, it's not only deliberate abuse, if they for any reason capture or cache the password and then suffer a security breach then the details are in the hands of third parties. Hence my question about what is stored and what their policy is.
Click to expand...

I would suggest you perform some due diligence and come to a conclusion yourself whether you might trust Redfox or not. That is what it comes down to.

They could show you a 30 page policy on security and tell you that your credentials are stored in a magic cloud that is impenetrable. But what if they lie about that?

Many of us have been around here for years. You don't have to trust them but many folks do and have for a long time.
 
jgordonwalker said:
It's logging into the account through the app that raises the concern - my main browser is logged in and authenticated but I appreciate that it may not be able to use the credentials. However, as soon as I'm putting my credentials into a third party I wonder where it is going, or what they have to do behind the scenes to make it work. Does it require them to cache the login details? If so, how are they secured? Locally on my computer or remotely on theirs? I'm a little surprised that they don't address the questions up front.
Click to expand...
Actually AnyStream is like a browser with a big plug-in that redirect some streams of the browser into mp4 file, so I think the passwords and other things are stored locally like any other browser.
 
DQ said:
I would suggest you perform some due diligence and come to a conclusion yourself whether you might trust Redfox or not. That is what it comes down to.

They could show you a 30 page policy on security and tell you that your credentials are stored in a magic cloud that is impenetrable. But what if they lie about that?

Many of us have been around here for years. You don't have to trust them but many folks do and have for a long time.
Click to expand...
The fact that there is no such policy suggests the company either hasn't thought of it (worrying), don't care about it (even more worrying), or is actually acting badly (worst of all). Security doesn't happen by accident and ill-will isn't necessary for portentially valuable personal data to be exposed. As to due diligence, the fact that, when I ask, no-one on the forum seems to have thought about it, or wondered what happens, is also indicative that security is not a priority. The company's domain name is registered in Algeria, the company seems to be based in Belize, apparently to avoid legal oversight, and so I think I will not pursue the application any further.
Thank you so much for taking the time to discuss the question with me.
 
jgordonwalker said:
The fact that there is no such policy suggests the company either hasn't thought of it (worrying), don't care about it (even more worrying), or is actually acting badly (worst of all). Security doesn't happen by accident and ill-will isn't necessary for portentially valuable personal data to be exposed. As to due diligence, the fact that, when I ask, no-one on the forum seems to have thought about it, or wondered what happens, is also indicative that security is not a priority. The company's domain name is registered in Algeria, the company seems to be based in Belize, apparently to avoid legal oversight, and so I think I will not pursue the application any further.
Thank you so much for taking the time to discuss the question with me.
Click to expand...
If you would do a little research you would actually find all the reasons for everything you just stated. The assumption you are the first person asking such things or investigating them is very incorrect. Feel free to think what you wish and by all means, exercise your right not to buy something but you are doing so based on a lack of information and unanswered questions not actual knowledge.
 
I mentioned this before but you can activate 2FA - 2 factor authentication on Amazon for more security.
You can Google the link for that.

Here an outtake.

Code: 
What is Two-Step Verification?
Two-Step Verification is a feature that adds an extra layer of security to your account log-in.

When you try to log in, Two-Step Verification sends you a unique security code. When you sign up for Two-Step Verification, you can choose to receive the security code by text message or authenticator app.

You need to enter both the code and your password to log in.

To enable Two-Step Verification:
In Your Account, select Login & security.
Select Edit beside Two-Step Verification (2SV) Settings.
Select Get Started.
Follow the on-screen instructions
 
To answer your question:
Yes, AnyStream has to cache your credentials in order to not have you log in every time you start the application.
BUT the credentials are saved on your computer in the Registry:
Code: 
Computer\HKEY_CURRENT_USER\Software\RedFox\AnyStream\Media\prime
If you empty the Data-field there, you will have to log in again.

From what I gathered Redfox has no interest in gathering your credentials and I never saw an indication that they did.

Of course the above test does not mean your credentials could not have been copied elsewhere ... but without a bit of trust ... why do you even use the internet?
 
Last edited:
jgordonwalker said:
The trial wants me to log into my Amazon account on a page within your app - what are the security implications of that?
Click to expand...

Hi jgordonwalker!


I had the exact same question when I first tried AnyStream out and it was explained to me it's only needed and used to allow downloading Prime videos.

I've been using the app probably close to 3 years now and there has been no security issues whatever for me.

I've also never seen any come up on the Forum here, not even a hint of one!


So I would say it's safe.




T
 
You must log in or register to reply here.
Back
Top