Skip to main content

⚠️ Please note that this topic or post has been archived. The information contained here may no longer be accurate or up-to-date. ⚠️

Resource Hup does not work since edge is forced on us

Comments

7 comments

  • Propheticus

    Capture One does not use a full (Edge) browser, it uses Webview2. It's the Chromium based (Edge) web engine packaged as a runtime that app developers can use to embed web content in their applications.

    Webview2 is included with Windows 11 and has to be separately installed on Windows 7,8 or 10. This happens during C1 installation.

    The connections to MS you see could very well be the baked in update feature, they call this "evergreen distribution"; always kept up to date with the latest features and security patches. Depending on your OS settings it can also be telemetry.

    In short: the resource hub is using neither Firefox, Edge or Chrome browser, it's embedded web content using a runtime providing the (Edge) Chromium web engine. Capture One being a .NET application it makes perfect sense to use Edge Web View for this purpose.

    That said. What personal data are you afraid of leaking via the Resource Hub? Clicking on any of the tutorial links in my case opens a page in my browser of choice (Firefox at the moment) and I don't enter / see any privacy sensitive data in the Hub. It's only content pushed from Capture One's side.

    Microsoft considers Webview2 to be an OS component and telemetry preferences can be changed in the Windows Diagnostic Setting.

    0
  • Keith R
    Top Commenter

    The Hub is working fine for me here, using Opera.

    0
  • Alexander Herzig

    Keith R: Thank you for the hint. I will try it.

    Alexander

    0
  • Alexander Herzig
     
    Propheticus : Yes I can use any Browser for the help link but not for resource hub and also not for the shop link in the help menu in C1 when the Defender prevents the access of the Microsoft Servers. It seems Microsoft Edge webengin2 must have the Microsoft Servers to function. And perhaps the web engin get managed from there or is partly there. I have allowed all Webview2 executable s in the C1 program folder and in the Win10 system folders in the Win10 Defender. What else have I to allow outgoing? In Wireshark I can see what Microsoft Servers at the start of the resource hub are called. But I don't know exact which library or program call it.
    Is there no web engin that not "call home" during the start and stop of C1? That's not just to check for updates. Updates could be done with Windows Update on other times as the start of C1.
    You asked me "What personal data are you afraid of leaking" I will explain it with an example: It is like someone mount a camera over my desk and after a year he says:" Oh look! Mr. x from y town always work from 20:00 to 22:00 in his home on address z. During the day he seems to be away. But not this week. This week he use C1 from 8:00 to 10:00. It seems he has free this week." And this is not all. Since I can be exactly identified with the Hardware ID and the UserID of the OS this can be combined with the data that are collected anywhere in the Internet to analyses and classify me. Then the data can be sold and follow me for the next 20 years in the internet and elsewhere. Has this to be so? Big Tech company's do this all the time. But a decent company does this not. I understand that C1 want to communicate with there users, but third party company's (Microsoft) should not have the opportunity to collect data from C1 users.

    Alexander

    0
  • Propheticus

    You've apparently chosen a very strict (manual) whitelisting approach and by default block every outgoing connection (?)
    By default Defender / Windows firewall does not block outgoing connections. If you decide to change to a very strict block all + explicit allow rules setup, you can expect some things to break and work to be done on your end to find out what needs to be opened.

    Looking at my PC I see the resource hub starts "P1.WebView.exe" (from Capture one installation folder) which in turn starts several instances of "msedgewebview2.exe" (from C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52) with connections to Amazon AWS, Cloudfront, Akamai; cloud services and content delivery networks.  This is as far as I'm going.

    Again, data collection is governed on OS level since the WebView2 runtime is seen as an OS component.
    You can configure this via the Windows diagnostic settings. This is a Microsoft/Windows issue and not so much a Capture One issue. "Developer currently has no control over this, similar to the Windows APIs you use."

    0
  • Propheticus

    It is a runtime. Like Java, .NET, Visual C++, etc. These are either already installed by Windows update or get installed as pre-requisite when you install an application that needs them. All without your permission (or knowledge).
    I really don't get all the fuss...and if you don't need the resource hub, indeed you're free to uninstall it.
    However, that does not save you much space and still leaves Edge itself installed; almost all of the WebView2 files are hard-links to the already present Edge Browsers' files. The Edge browser can't be uninstalled from Windows 10/11 unless doing so forcefully and potentially breaking functionality.

    0
  • Alexander Herzig

    Propheticus: Just look in the output of Wireshark then you know why the people are concerned. Not only microsoft servers receive date, google to spies extensively. I have figured out how to allow or disallow the Resource Hub and the unwanted web traffic that goes with the microsoft webwiew2 library. I have done it so: In Windows Defender set the default policy incoming and outgoing to block. Only one rule is necessary in the incoming section. Allow udp 53 for DNS resolve. In the outgoing section allow also udp 53. For C1 the C1 exe in the c: programs folder. For the Recource Hub the webview exe in the C1 folder and in the Windows System folder. Also allow the web browser exe in the programs folder. For Windwos update allow in the outgoing section   %SystemRoot%\System32\svchost.exe.

    The path for webviw2 is %ProgramFiles% (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe (the programm version can differ in your system) and in the C1 folder:%ProgramFiles%\Capture One\Capture One 22\P1.WebView.exe.

    By the way: Do you know why google analytics gets date when I log in on the capture one forum or user account here? Why has google to know when I log in here?

    In Defender it is easy to enable or disable the rules. So you can switch it on or off like you want.

    Greetings Alexander

    0

Please sign in to leave a comment.