1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How do I know I can trust a tool with my password?

Discussion in 'Black Hat SEO Tools' started by sgaubhag, May 23, 2013.

  1. sgaubhag

    sgaubhag Newbie

    Joined:
    May 16, 2013
    Messages:
    1
    Likes Received:
    0
    Sorry if this is a newbie question, but I searched the forum and couldn't find an answer.

    I'm thinking about purchasing a tool like Tweet Demon. Once I put an account name and password into the tool, how can I be sure that the creator of the tool won't steal my account?

    It seems like a pretty easy thing to do to silently "backup" users accounts and passwords to a central server, and if Twitter/Instagram/etc find a way to shut down the tool, having access to a number of very valuable accounts seems like an tempting way to make some extra money. Since no one even knows who the creators of some of these tools are, it doesn't even seem like some creators have any "reputation" to protect.
     
  2. mrblackjack

    mrblackjack Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 6, 2011
    Messages:
    960
    Likes Received:
    553
    Occupation:
    I live alone, I work alone, I make money alone
    Location:
    G00gle LaNd
    You should ask the same question regarding hosting companies. How can you be positive that they wont steal your website leads, emails DB, ideas, bla bla assuming you have a super earning website ?

    The answer is: You can't really tell. This is why you should look first for recommendations, testimonials, ask around etc. same as with purchasing any product, even offline.
     
  3. john1444

    john1444 Elite Member

    Joined:
    Mar 27, 2012
    Messages:
    2,559
    Likes Received:
    755
    Gender:
    Male
    Occupation:
    Marketer
    Location:
    Miami, FL
    Home Page:
    Check for positive reviews and referrals. If others enjoy using the tool then it's possibly very good and reliable. You can also monitor from your ends from time to time, if you notice any weird change investigate and act quickly.
     
  4. lancis

    lancis Elite Member

    Joined:
    Jul 31, 2010
    Messages:
    1,632
    Likes Received:
    2,384
    Occupation:
    Entrepreneur
    Location:
    Milky Way
    Home Page:
    In this world its best not to trust anyone, just change the password once you are done with the tool.
     
  5. innozemec

    innozemec Jr. VIP Jr. VIP

    Joined:
    Aug 19, 2011
    Messages:
    5,290
    Likes Received:
    1,799
    Location:
    www.Indexification.com
    Home Page:
    How can you be sure that Microsoft is not stealing all your data by using Windows as an OS? You can't..

    Just use tools from established and reputable companies! Also try to avoid cracked stuff as most times it is infected
     
  6. FuryKyle

    FuryKyle Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 19, 2010
    Messages:
    2,401
    Likes Received:
    1,369
    Are you referring to social media tools? You NEVER EVER use your real\personal account on those tools. Most accounts used on those tools are created by bots. Also, check if the developer(s) is legit and has a good standing reputation. Most of the time the money they earn from the software is a deterrent enough to prevent such small hacking activities from occurring.
     
  7. CodingAndStuff

    CodingAndStuff Regular Member

    Joined:
    May 6, 2012
    Messages:
    236
    Likes Received:
    84
    Occupation:
    Swagstronaut
    Location:
    You can't have my bots. Sorry :'(
    Aside from the obvious responses in this thread that lean more towards the developer/their reputation, I'd say you're much better off looking at the code itself.

    I've noticed most people on this site whip up quick little apps using .NET, which means you can usually just decompile the binary and view the raw source code (or the interpreted bytecode). Sometimes they obfuscate the source before deployment, but a little debugging goes a long way.

    What I'd personally do in your situation is purchase the application, debug/analyze it, and run a packet sniffing tool like Wireshark to capture and log all outgoing requests said application makes.