Begin a recording session, open ES File Explorer, attempt to log in to Dropbox using a dummy account, not your own.
Go immediately back to Network Connection and explore where ES went.
Last I checked, that password - in fact the entire login screen - was a product of the ES Chinese servers.
Stop recording, add ES to your firewall blacklist.
This is great info and I appreciate earlymon for sharing it. If they present a login screen that looks like Dropbox but really comes from China, that is a real smoking gun. And showing us how to check it is like teaching us to fish rather than just giving us a single fish.
I have zero doubt about the veracity of earlymon’s account. I did try to recreate it while screen recording since I thought it would be cool to have hard evidence.
The result was unsuccessful as shown screen recording here:
0:03 - I highlight the time as 11:20 (so we can check it when we view the logs)
0:06 – I start recording in Network Connections
0:12 – I show ES File Explorer Privacy Policy
0:19 – I attempt to connect dropbox using madeup email and password
0:51 – Unscuccsful Login
1:06 – Pull downward on list to refresh list of connections in Network connections. There are four connections for ES File Explorer after the video started. I tap on them them one at a time to show the associated websites:
Google
Dropbox
Google
Amazon
I can think of at least two explanations why my results don't match earlymon's
1 – Maybe I did something wrong? It's been known to happen.
2 – Maybe ES File Explorer people are smart enough to watch the internet dialogue and respond to cover their tracks. Perhaps ES File explorer now checks to see if there is a security app or process running that might detect it’s activities and does things properly when it thinks someone is watching. Since probably no more than 5% of the people have such apps/process running they can still do what they want for the other 95%.
What do you guys think?
Possibly unrelated subject. I was doing routine moving files around with ES File Explorer on 3/30/15 when ES File Explorer popped up asking for ROOT access. I immediately pressed DENY. I didn’t get a screenshot of their request but I captured the ES File Explorer message where they seemed to be “explaining” why they would need root access (attached) as well as screenshot of su log. The screenshot shows their silly explanation
"Your system forbis ES from writing on external SD card (check https//code.google.....) so ES can only write on it after rooted". I realize sd card permissions are tricky depending on os version (I have 4.4.4 with some xposed tweaks that may affect sd card btw) but this seems out in left field. I have done all kinds of moving files around in ES since and successfuly moved back and forth between internal and external storage without any further error messages. It’s fishy to me… as if they were trying to trick me into granting root access by intermittently showing an error message. At least I did capture the error message on screenshot though.
