How do the latest revelations about US gov spying affect your choice of AV ?

No offense meant. I believe concerning all countries the government are not the people.

But I do count my blessings I wake up in the US everyday.

And might you've meant opposed instead of exposed?

 

Is that based on negative experiences living in other countries or because of American exceptionalism? I'm not trying to provoke anything, but I hear this from fellow Americans all the time who have only lived in America. I wonder how they can be so certain it's better to live in the US.

 

What info are you considering here can not be obtained by the use of another method?

 

That is a good question, but it is difficult to answer precisely without delving into various context specific variables. Just because there is some other method doesn't mean the adversary in question has used or will use that other method. Successful use of the other method may pose additional challenges... technical, legal, monetary, secrecy, practical... which may cause the other method not to be used or to be used only very sparingly.

Privileged software running on an individual's device, a corporate device, or even a not well secured government device... particularly when the device is operating within their private network... is in a unique position to gather information. Including before encryption and/or after decryption. It has the potential to gather information about software usage, URL activity, and various other things that wouldn't be visible to the outside world. Internally developed or privately acquired software, URL activity within a private/corporate network, etc, etc. AFAIK, the NSA (for example) isn't penetrating, searching via warrant, breaking-into, etc the private computers and networks of all individuals, companies, and governments to gain access to information that way.

Even in cases where information is externally exposed, the NSA (for example) may not be gaining access to all of it. I'm inclined to doubt that it is capturing and decrypting all SSL traffic on the Internet. I'm also inclined to doubt that it has access to the logs/records of all Internet servers with which one might communicate or exchange files via SSL. Let alone all the IP Address assignment and other information that could be required in some cases to connect the dots.

I think the NSA (for example) could effectively and efficiently increase its coverage by gaining access to those large companies which receive massive amounts of phoned home information. Cloud AV companies would be one good choice IMO, because there is a case where most users install software that has privileged access... they usually allow it to freely phone home information about software usage, URL activity, etc... and it just hums away in the background with very little if any monitoring by those who are using it. Note that when I say "I think the NSA could..." I'm actually saying "I think the NSA would be trying to...".

Gathering information directly from end user machines and datamining that information isn't only useful to government agencies though. Corporations, of all different sorts, want to do the same thing. Which compounds the threat, and makes it that much more important to try to limit the information that is phoned home from one's devices(s).

 

Yes, certainly not all of the people or even the average.

I meant exposed, because who know what else they're hiding, even the seemingly innocuous ones.

 

Interesting thread. Honestly, I don't know.

TheWindBringeth brought out good points but I can't bring myself to go down that path. If I do, I guess I'd be paranoid. For now, I choose not to bother. I'm already using services which may possibly be more susceptible to having the US gov spying through it. To let this affect my choice of AV (if I were to choose that is) just adds to cognitive burden - so no thanks.