Shady practices of free download servers

Shady practices of free download servers:

https://blog.avast.com/2013/07/09/shady-practices-of-free-download-servers/

 

Good read thanks for the share.

 

It's a bit ironic coming from Avast. While I like Avast, you have to be careful during the setup process if you don't want Chrome installed along with it.

 

not only that, the Avast "Free" edition actually compiles profiling data on you last i heard.

 

What?

 

You heard wrong.

 

eh not as reputable as i had recalled but.....

http://www.rationallyparanoid.com/articles/avast-windows.html



i dont trust this free stuff anymore. once they get a large enough userbase on their free products it makes economic sense for them to spy on the users.

btw i see in one of the forum posts over there they claim Avast has 180 million users, so what is that maybe 30 million pay and 150 million free users(just guessing) thats a lot of data being collected and even if its only worth 1 cent/year per user or 10 cents/year per user it gets into the millions of dollars in value. Are they really not selling this data or as has been the case over and over and over again in internet business that these large companies take liberties with the users privacy when there is money to be made and we only find out about it later.

 

I have no problem with Avast collecting that data, as it is being used to increase detection rates.

I don't think you have anything to worry about - they are highly respected security company, not some shady marketing company.

 

i wish that were the case but i don't buy it. i don't trust Comodo either with their stupid twitter and facebook buttons in their last paid ISS version that i used. And both Comodo and Avast kept sending up lots of data - what for? i had disabled all of these upload to the cloud nonsense. If i have an AV or an ISS all i want are definition updates and nothing else.

 

To help them identify new threats.

 

Plus the cloud servers have more infrastructure to detect malware through different methods (like behaviour analyzing). Their rules/signatures are real-time as well.

If all you want are definitions for blacklists, then you'll never be ahead of malware, even with heuristics.

 

We would fail 0day testing if that were actually true. It may not be easy but predictive defs can be created.

 

Sure it'll be not easy with plenty of FP's (and extremely difficult w/o), but I stated malware as a whole, not just the usual related ones. Logically you can't expect blacklists to be anything but catching up overall.

 

Well, even though I am an Avast user, I have issues with their product connecting to their server even when I specifically disallowed it. The only way to stop this behaviour was to configure my firewall to stop it. I just hope it's bad programming, not tracking...

 

You don't quite understand how it works. A definition is not just based on what you have seen, it can also be based on likely mutations to come. Mutations have patterns and you can predict them.

The vast majority of the malware we detect we have never seen before. A good deal of new malware we detect was defined as much as a week ago. There have even been cases where 6 months of mutations were detected by the very first definition.

We are not the only ones either. There are quite a few AVs that are good at predictive definitions, they stand out in 0hour testing. At 0hour when VT shows less than 10 hits the group of AVs that does hit is relatively static. There is a reason for this.

The notion of an effective static definition is dead, I will give you that. That was the reason adaptive signatures were created.

 

And that's why I said overall. You can't predict something that will be created by someone else with 100% accuracy. In the case of malware, I doubt it's anywhere near that percentage over a good period of time, unless we stop caring about FP's altogether and try every PUP rule possible.

 

yeah, but they don't have my permission for that. i used paid Avast ISS about a year and half ago and it was the same thing, all this stuff being uploaded. they don't understand the word "no" apparently and just like the gov't we're supposed to "trust them"? well i don't. i've been burned enough times before and i see how little regard is given to people's privacy on the internet. if there's a nickel to be made they'll post your email address, your street address, your Cell Phone number, your SSI, whatever they want - to say nothing of just your browsing profile. and there seems to be plenty of money to be made on all of this tracking data because acc to Ghostery there are over 600 diff companies involved in it.

 

I really do not believe that one of leading antivirus companies would sell personal information.

 

i do. and it might happen with limited, less-indentifiable data at first (whatever they can get away with) and they sell to some unknown company that later conveniently happens to get bought by google, etc.

if there are currently over 600 different companies in the business of tracking and profiling people on the internet, what do you think is going to happen? the larger companies will buy the smaller ones until there are maybe 10 huge companies left and all that data will be consolidated.

 

first snoop3 if you fully read the tos you would know that technically they do have the permissions (normally) to do this. most people just click i accept without actually reading the whole thing in its entirety. so if you install it (again normally this is included right in the tos you click accept to during the install) they may very well have the permission to do so unless you opt out of that inside the program. like during the install of eset you can opt out of the community part and then it will not send data. this is true for only some. many av's if you install them you have no option to opt out of this type of data collection.

second as far as the free servers, yes if you are not familiar with them you can easily get a lot of junk. i know people who use them though ALL the time and they know where to click to avoid the extra fake downloads etc, im not saying i support the use of them but if you are careful in their use you can avoid having issues. for the novice though they can be a total nightmare.

 

The danger of downloading free software.

 

All cloud Antivirus need to upload executable behavior to the cloud. It really does help to detect / discover a lot of new threats.

 

It's very easy to mislead users into downloading other software instead of the wanted ones. Nasty tricks!

 

KMPlayer downloaded from Download.com or "Softonic.com" will flag a PUA. Link obfuscated: -http://www.kmpmedia.net/-

 

Those are quite obvious downloaders bundled with crapware CNET implemented a while ago and Softonic had for as long as I remember.