It's something that i have been aware of for years, but a recent Facebook post made by Bitdefender has prompted me to make a post in here for some chat on the matter. I think we all know that our AV products spy on us on some form. But i think it's also a step too far when your AV is actually "Boasting" that it's working with government agencies. AV's are meant to protect your privacy and offer security , when they are in fact acting like "State sponsored policeman" on your computer. Then actually charge you money for spying on you for the state. Talk about conflict of interest ?? I don't agree with the content of either of these sites, what i do disagree with is that we are actually paying to install something that is actually giving us "less" privacy, not more. By doing this and announcing it publicly is also suicidal as most of the replies to their post was that people were actually going to remove their AV. Bitdefender (Feeling Proud) i very much doubt it ...........
If Privacy is a Major Concern There are Other Options "Emsisoft: Quite Possibly The Most Privacy Conscious Anti-Malware Around..." http://blog.emsisoft.com/2014/06/17...e-most-privacy-conscious-anti-malware-around/
So I wonder just how they helped. Their press release[0] doesn't offer any more specifics. I wonder whether anyone was dumb enough to run Bitdefender on a machine associated with those darknet markets. 0) https://www.bitdefender.com/news/bi...-in-takedown-of-global-dark-markets-3347.html
This is the second time today I read that a security software product took another route to shout to the public about its bad self. I don't know what the "average" Facebook reader's characteristics are but it is likely the Bitdefender poster was talking to that one. More gullible, not as security-savvy, more easily impressed, combined with a shot of Bitdefender advertising.
It's hard to tell how they helped agencies - with data or just expertise with no data of their own included.
Bitdefender's bragging about this may be a misguided marketing ploy vs Kaspersky, e.g., "Hey Y'all. The FBI and The US Dept. of Justice trusts us -- not like those other guys."
@hawki , yes there are alternatives but sadly every one has a price and can be bought ..... or if that does not work they pass some sort of legislation to enforce the data is handed over @Minimalist probably from their 500 million userbase they tout on their home page And why Kaspersky has been targeted in the west. It's all fine if you are handing your data back to your own state, just not another state.
IMHO Emsisoft can not be bought. Emsisoft is a collaboration of 40 dedicated professionals scattered around the world, connected electronically, who justly take pride in their work. It's personal for them. Emsisoft does not store any type of user data that would be of interest to LEOs. There is little, if anything, to subpoena.
I'm not into "Tin Foil Hat" stuff , but there is a pattern here. 1. Fear the world with WannaCry, by worldwide media coverage. 2. More people install AV Products from plenty of different vendors 3. Within weeks , sites start getting "Found & Shutdown" 4. Make of it "As you will"
I don't think it's "tinfoil hat" material at all! It's disturbing. It's another piece of evidence that your trusty, and highly touted antivirus that you paid good money for has the potentially narc-worthy capability of collecting and using your browser actions, and then bragging about it on social media for its benefit. Yuck! I see that now too, that article was very vague as to what Bitdefender's contribution was. The telemetry from the browser extension? Or is there some legal constraint given the nature of the take-down? Who knows.
@plat1098 Also highlights that agencies like the NSA/GCHQ need AV vendors help, regardless of what level that may be at.
It's not likely "how they helped" will ever be intentionally disclosed. Would be a tip-off on proprietary information that could possibly result in methods to defeat it. So now: Kaspersky works with The FSB to capture crooks Bitdefender works with The FBI to capture crooks So will Russia ban Bitdefender because of its association with The FBI as The US has, in effect, banned Federal Government use of Kaspersky because of it's feared "association" with The FSB
@4L3X hawki does not say that your concerns about Bitdefender are unfounded or unreasonable. Frankly speaking, hawki believes that Bitdefender has unwittingly shot itself in the foot in the home consumer market by its publicly bragging about this. (But perhaps Bitdefender has done so to make a play for whatever US Federal Government market share that Kaspersky has now been locked out of.) Rather, hawki is merely suggesting that there may be safer options for your choice of a security solution. Even if not perfect -- definitely safer.
Well, just who the bloody hell is Bitdefender, that the FBI would need their technical expertise to take down a darknet market? Are they such awesome experts on Tor etc? I doubt it. What they have, it seems pretty clear, is lots of information about their users: browsing, files, email, etc. And so it's most likely that they pwned someone with admin access to that darknet market. So yes, Bitdefender has admitted that it pwns its users to the FBI. That's pretty funny, in a way. I've long been suspicious about Microsoft, but it was Bitdefender that went and did it
The tinfoil hat stuff is no longer tinfoil hat stuff, it is reality. My personal opinion. It is all about Windows 10. There is something about Windows 10, I think more than just the telemetry we are aware of. I think that was the reason for Microsoft's departure from their usual marketing practices which were more than successful, to persue a policy of forcing it on their customers. Then the NSA is supposedly hacked and their malware which can be used to attack all the computers that didn't upgrade to W10 is released...
@hawki What i have written below is a bit off topic, but how the online security and privacy world is getting smellier by the day Security has been something that i have been watching and actively taking part in since the early 90's. Things have changed a lot in that time in regards to users privacy. If you look at the latest charts on AV-Comparatives (Real World Protection Chart), i think there is a lot more info that's missing from that report other than "Viruses Blocked". I know that userbase will play a massive part in finding samples, but i also feel that companies who are scoring badly/worse are the ones that are less likely to be getting their info from outside/sinister sources. There's obviously a 2 way street of communication somewhere along the lines. If any vendor can detect a ridiculously high percentage of threats on a closed(on the spot) and supposedly non biased test then there must be a reason for that. 1, They have users with bad online habits, and using telemetry to get their signatures/detection 2, Userbase 3, They are privileged to external information 4, (Old Theory and not one of mine) AV Vendors are coding malware themselves that bypass other vendors On top of that, you then need to factor in "Chance". The chances of any "Average" web user landing on 400 malware samples per month over a 5 month period totaling 1955 samples is impossible. Even for your most "Dodgy" of web users wont achieve that. Security is now being sold for silly amounts of money worldwide, only to be found guilty or "feeling proud" of "handing" your privacy away. To be handing away your privacy must come with some incentive, be it financially or privileged to information for detection routines/methods.
So Bitdefender sells out its customer base and only loses maybe 200 sales of BitDefender Total Security to savy followers of Security Forums who would otherwise have bought it.
Just a matter of time before the first corporate tech generation reaches retirement age and some of them start spilling the beans about the real origins of the virus and malware that have plagued windows users for the past 2 decades.
I take it that discerning users (as we imagine ourselves to be) - will be well advised to consider that it's in fact better to purchase and use AV products that are in some sense "owned" by Big Powers who are unfriendly to our local jurisdiction. The logic being that our local jurisdictions appear to be unconstitutionally bent on mass surveillance of their own citizens and are able to put one in jail under specious laws and false positives, whereas (say), the FSB are not, and are unlikely to be interested in your data unless you work for the government or a utility company(!) - nor are they able to lock you up. I'm considering the proposition that the bad-press push against Kapersky may in fact be because some jurisdictions can't strong-arm them. Open source client AV is weak, so that leaves a gap in terms of how to scan files which are "incoming" to your local systems. Does anyone have experience of HAVP on pfSense? In any case, I'm intending to abandon AV on the client altogether as part of a partitioning on a set of VMs, where internet facing VMs have no access to my real data.
Well, it was said the right way the first time: Antivirus is in the very best position possible to collect this kind of information, just shut up about it. I see the FBI also has a Facebook page but I don't see any "wow, I just love me" stuff on there. Some things are much better left unsaid. I'm sure EULAs have some kind of vaguely worded provision for telemetry but who reads them?-- and most of us cling to our security software more than ever. I agree, that was a dumb move, but it probably won't affect Bitdefender the way some of us really want it to. Grrrrrr. What will surface next? The end of net-neutrality is a very, very bad thing.
Yes, though sometimes these people are brainwashed into thinking they are doing Good Things (to avoid cognitive dissonance). Reading some govt information that has been unsealed after the specified time (absurdly long) often makes tawdry reading, and there's no indication that behaviors have improved, the opposite really. Agree with your assessment of W10, and it's certainly cemented my relegation of that OS strictly to VMs which are isolated in suitable ways from everything else. Of course that leaves dedicated gaming machines, but they're also relegated to the untrusted category on my internal networks.
