
is coco z logging ur data?

grrrrrr

MyNickname

Posts: 453

Threads: 31

Joined: Apr, 2020

Reputation: 5

Posted

i saw this v3rm thread about it

https://v3rmillion.net/showthread.php?tid=1077218

 

is this really true?!?!

  • 0

kwl

Wabz

Winning.js

Posts: 1968

Threads: 143

Joined: Apr, 2020

Reputation: 27

Replied

no it's not lol

  • 0

Added

the HWID is also hashed with sha512, so we can't reverse it

and the anti http debugger was so that people can't reverse the key sys

  • 0

Added

only thing coco is logging is an HWID made from different things that make it unique, then hashed using sha512

we don't just use b64

  • 0

Added

the only wrong thing coco did was to not have a privacy policy :( but it will have one soon

other than that this thread is very misleading

  • 0

My new discord is Wabz#1337 with ID 777154062789509130

Posts: 120

Threads: 2

Joined: Nov, 2020

Reputation: 8

Replied

Speaking literally, any software that is not open source cannot be confirmed as safe without extensive reverse engineering.

 

The thread is misleading, but at the same time, it does raise some concerns, such as the reason why the PC's HWID is being logged, or what form it is sent and stored in. The only acceptable variant would be if it was hashed locally, and even then I have to disagree with Wabz's assurance that it cannot be reversed, as something as trivial as an HWID can be reversed quite easily using a specific brute-force attack to make a hashed HWID rainbow table (although this heavily relies on what actual information is being hashed, this is only effective for when the information that goes into the HWID hash is common, such as a combination of processor, memory, motherboard, graphics processor). HWID is not a secure form of authentication, so I'm not sure why that's being used in the first place.

 

Coco Z developers should definitely have at least a basic privacy policy regarding what data is being sent to their servers, how it is stored and attributed, and perhaps a way to remotely erase that information in compliance with GDPR.

  • 0

it will no longer be possible to contact me here, but i will be on session for at least a bit :)

0520984e5ed65f84673ff6d3421d89a3b3e1dff2ed54cbd4ed012351789a347913
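To illustrate the point in the reply above about hashed HWIDs built from common hardware attributes, here is an added example (not part of the original thread, and not Coco Z's code) comparing an unkeyed SHA-512 digest with an HMAC-SHA512 digest keyed by a server-held secret. The component lists, the `|`-joined HWID format and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import itertools
import secrets

# Constructed candidate values (assumption): each attribute has few common options.
CPUS = ["Ryzen 5 3600", "Core i5-9400F", "Core i7-9700K"]
GPUS = ["GTX 1660", "RTX 2060", "RX 580"]
BOARDS = ["B450 Tomahawk", "Z390-A Pro", "B365M DS3H"]
RAM = ["8GB", "16GB", "32GB"]

def hwid_string(cpu, gpu, board, ram):
    # Hypothetical HWID format: attributes joined with '|'.
    return "|".join((cpu, gpu, board, ram))

def plain_hash(hwid):
    # Unkeyed digest: anyone can recompute it for any candidate input.
    return hashlib.sha512(hwid.encode()).hexdigest()

def keyed_hash(hwid, server_key):
    # HMAC-SHA512: recomputing a digest requires the server-held key.
    return hmac.new(server_key, hwid.encode(), hashlib.sha512).hexdigest()

def enumerate_match(stored, digest_fn):
    """Return the attribute tuple whose digest equals `stored`, else None."""
    for combo in itertools.product(CPUS, GPUS, BOARDS, RAM):
        if hmac.compare_digest(digest_fn(hwid_string(*combo)), stored):
            return combo
    return None

def demo():
    machine = ("Ryzen 5 3600", "GTX 1660", "B450 Tomahawk", "16GB")
    hwid = hwid_string(*machine)
    server_key = secrets.token_bytes(32)  # never shipped to clients
    # Stored record under each scheme.
    plain_stored = plain_hash(hwid)
    keyed_stored = keyed_hash(hwid, server_key)
    # 81 candidates are enough to link the unkeyed digest back to the hardware.
    from_plain = enumerate_match(plain_stored, plain_hash)
    # Without the key, the same enumeration finds nothing for the keyed record.
    from_keyed = enumerate_match(keyed_stored, plain_hash)
    return from_plain, from_keyed

if __name__ == "__main__":
    print(demo())
```

The keyed variant only protects stored records while the key stays on the server; mixing a random per-install value into the input is another way to enlarge the search space.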

Posts: 72

Threads: 4

Joined: Aug, 2020

Reputation: 7

Replied

(serious talk, so i'm wabz)

@Texas You are right about the fact that you can't trust any closed source software without reverse engineering it. The problem is that Coco Z relies on security by obscurity at the moment, so we can't reveal too much about how it works (i hope that wasn't the case). The HWID is generated using a custom function, so to be able to reverse it using a rainbow table, you would need to know how the HWID is generated (which we can't reveal due to fears that HWID could be spoofed if we ever decide to add a blacklist). We only use the HWID for the key system, as we want it to be for individual computers, so an HWID is the best way we found to do it, however, if you have better ways of doing it, please DM me about it (Wabz#0001).

 

You are also right about the fact that we should have added a way to remotely erase that information, and i did that just today (key.cocotechnology.tech/dataremoval), and the privacy policy should be done now.

  • 0

Hello, i'm TotallyNotWabz, and i'm not Wabz at all!

DM for key sys.

full time arch user
