Prevx Home calling home

Hi AShar,

I understand your situation completely. Since I have a choice, I have decided not to let another company monitor my computer and sell the information to third-parties. I am glad I have this choice. But I realize that not anyone has this choice.

If I didn't have the ability to purchase licenses frrom ProcessGuard and RegDefend, I would configure my system like so:

1) KAV 4.5 (hopefully I have the money for one top-notch AV such as KAV 4.5 which also has top-notch AT and AS capibilities).

2) ProcessGuard free to control the execution of programs on my system

3) A2 Personal for background protection

4) Ewido free for on-demand protection

5) Ad-aware, Spybot, SpywareBlaster, SpywareGuard free

6) HijackThis for regular scanning looking for potential problems

7) MS AS as long as it is free and doesn't generate too many FPs

And of course I would be conservative in my browsing as I am now. No P2P, for example.

I would not use Prevx because I feel this is an intrusion in my life, and I would rather not have companies spying on my work. To do so, would not only encourage other companies to do so, it would actually push other companies to do so, because it is a competitive environment and if Company A is getting revenue by spying (e.g. Prevx), the Company B (let's say for example an AT company) would be hard pressed not to do the same thing in order to be able to compete for revenue dollars. No doubt, ZoneAlarm set a precendent which other vendors, very unfortunately, are trying to follow. I really would not want to encourage such trend.

However, I fully respect any person who takes a different perspective and course of action, because people have different opinions on this subject. I am just happy, that forums such as this one and DSLReports exist, so that people such as myself, who have the time and inclination to be informed, can be informed and make informed decisions. I had no idea what Prevx was up to, until another user on DSLReports (who I had recommend Prevx to), detected this behavior and challenged Prevx for it on Prevx's forum. I am a pretty careful and knowledgeable user, and I took Prevx at its word (i.e. only attacks are being reported). From now on, I will be much more careful about even well-known security vendors. Vendors are so hungry for money (actually it is the venture capitalists behind this company) that they are willing to "shade the truth" in order to achieve their goals. What a shame. Bad Karma.

It looks like KAV 6.0 will have excellent Pro-Active protection in its coming releases, so I do not think I will have to compromise my privacy for this added protection. I think most users only need the dollars for one good AV program, such as KAV, and they are actually in excellent shape. So far nothing has gotten past KAV since I swapped out Norton for it, and PG, RegDefend are more than adequate as a back-up line of defense at this point.

Hope this answers you question,
Rich

 

Thanks for that detailed response rich. I have decided that you are right, and will be un-installing Prevx after this reply. As the programme is free I don't want to criticise over much, but I agree that it is a slippery slope. I am pretty sure that the data collected is unlikely to effect me personally, but collectively the data might well get sold to companies I wouldn't approve of. Like you, I would rather pay the license when I can afford it for a programme like PG full who will guard their customer's privacy...a price worth paying.

What clinches it of course is that with full licenses for both McAfee AV and Ewido already, backed up by excellent free products like Processguard Free, Adaware, SS&D and Microsoft AS, I am very well protected in any case. I can always run SS&D Tea Timer to keep an eye on the registry or install WinPatrol. Not as thorough maybe, but not likely to be needed anyway.

Thanks for your input.

EDIT: The clincher for me was the lack of response from anyone at Prevx on their forum to this. After an initial rebuttal, there was no answer to the questions still being posed. Maybe they felt they had said enough but the topic wasn't closed out very effectively IMO. Anyway it is un-installed now.

 

... I'm glad I found this thread ... I posted in what's reputed to be the official Prevx forum at CastleCops, but so far no 'official' prevx response ... I had read all the cautions about prevx free being too 'busy' as it learned your system, but that wasn't an issue for me ... the call-home behavior, however, seems excessive to say the least ... mine was reporting every 15 minutes or so during light use, but they weren't related to any 'events' as their site led me to believe ... and when I finally blocked it with Outpost I recorded 270 attempts in 5 hours, which I felt was absurd ... this pattern of nearly once-a-minute attempts continued all night, even though NO apps were running and there was NO activity on my rig at all ... I realize the 'cost' of some 'free' apps, but since the interface allows for NO settings adjustment and NO user input I felt the only recourse I had was to uninstall ... I see that some people have examined the data being sent and don't see any problem, but the lack of ANY user control at all is troubling to me ... and the link Notok posted was a good read ... I wanted an app that would tell ME what was going on with my rig, not someone else ... sorry if I'm not as trusting as some, but I found this whole circumstance to be unsettling, and I removed Prevx free from my system ... I'm currently using Winpatrol, which doesn't seem to be as feature-rich or thorough as Prevx, but it's MUCH lighter on resources and mercifully mute ...

... I really would have felt better if someone, anyone from Prevx had deigned to reply, but I suppose they had nothing to say ... it does sem odd that they wouldn't give ANY user input into these call-home settings, however - when you consider the alternative for some is to simply block the feature totally, which gives them NO data at all to work with ... a bit foolish, from where I sit ... ...

http://castlecops.com/postt111088.html

 

Did you notice in the castlecops link....That the moderator made no mention
of Prevx selling info to third parties.....kinda swept that part under the rug.

 

I'm using Prevx Home, and for the calling home issue, I just deny internet access to the PXAgent process. So, I don't really see where is the probleme, since you can allow/deny access.

 

... well, let's see, jeremy2 ... you add a program to help you keep your system secure, then you need ANOTHER program to help you protect yourself from a function of the FIRST program ... what's wrong with this picture ? ... of course you CAN block it, but doesn't the fact that you might feel you HAVE to make you wonder ? ...

... if it doesn't, go ahead with what you're doing and be happy ... I made a different decision ...

 

Hi all,

I agree with the general sentiment that has been voiced so far. It seems to me rather bizarre to install a "protection program" and then have to use another "protection progam (e.g. a firewall) to protect me from the protection program. And, I wonder whether I want to participate in this rather peculiar trend.

I feel I am very well protected (as others have offered, I will be looking into WinPatrol), and even more so in the not too distant future with the upcoming KAV 6.0 Pro-Active defense capabilities. So, I think I will not participate in this cyclical game of protecting myself from my protection software.

Rich

 

It seems to me ....Nowadays...you almost need a FW to keep stuff from getting
out.. as you do to keep stuff from getting in.

Think of it this way....when a company has to start dealing in half truths.
ie....how they keep fairly hidden how they sell info to outside parties.

How much are they realy keeping hidden.....I would wager a bet....they
may make as much money...selling the info...as they do from the program.

Am I hearing a duck quacking?

 

I can't understand what all the huff and puff is all about here. I use Prevx and ZoneAlarm and when Prevx tries to "call home" I just block it with ZA and it doesn't ask me again it seems.

Some of you must have a bug in the Prevx software or something if it is asking you for access every few minutes or so, because it never seems to bother me again after I deny it access the first time.

But if it does keep asking you for access to the net you can simply choose to ALWAYS BLOCK anything with your firewall, I thought, at least ZA has this feature, and most other firewalls I have tried have it also, so why not just use it instead of constantly complaining about such a minor problem? Just choose to always block it! How difficult is that?

Prevx is free software so if you don't like, why use it? Just use something else. I like the program and will continue to use it because I can easily block it from calling home with my firewall.

How many more times do I have to see Richrf posting all around the internet about how he feels Prevx is spying on him and he isn't going to use the program anymore? Just remove the program and be done with it.

 

Hi downtime,

I understand where you are coming from, and I certainly think that there are many Prevx users who agree with you. As for myself, I have already removed Prevx Home from my system. But to bring the discussion back to the two primary objections that I have:

1) Do you think it is reasonable for a user to have to use a firewall to protect themselves from security software that is monitoring their system - as you are? I realize that some may feel that have to do this (in order to use Prevx Home), but I am talking more as a generalized state-of-affairs? That is, securing against security software?

2) Do you think that Prevx, adequately disclosed what they are doing on their download page for Prevx Home? I was certainly surprised when I found out that data was being sent every 15 minutes (or so) even when no attacks were present.

"Prevx Home anonymously and automatically sends us threat data each time an attack is made on your PC. We sell this data to organizations such as ISPs and Prevx Enterprise customers. Prevx analyzes this threat data to track the emergence and spread of new security threats. So like our corporate customers, you benefit from the continual improvements made to the security policies that are such an integral part of our security solutions. "

Thanks for your comments.

Rich

 

For me what has disappointed me most wrt Prevx Home has been their official response. They haven't defended their position with any conviction on any of the security forums including their own. It might be a great free product but obviously they don't think it's great enough to bother standing up for on places like this.

 

interesting statement on castlecops

http://castlecops.com/posts111088-15.html

 

Hmmmm ....

"What the product is sending - in Home always, in Pro optionally, is behaviour data of your machine."

Any other vendor interested in monitoring and capturing the "behaviour data of my machine"? The CastleCops reply is, if nothing else, a complete description of what Prevx Home is doing. What is, for me, amazing is that they do not see the irony of it all.

Rich

 

Answer to #1.
I only use my firewall to block Prevx because I'm paranoid. I don't feel anyone has anything to worry about by allowing the data to go through their firewall, and in fact I think your only helping others by letting the data go through your firewall.

Every once in a while I do let Prevx go through my firewall just to be helpful to Prevx. Overall I don't really have a problem with Prevx sending its data because what it is sending is not anything even close to what spyware would be sending and it will not compromise your security or privacy in any way. If you think it does simply uninstall the program and find something else to use that you do trust.

Answer to #2.
Yes. And ONLY on your system does Prevx try to call home every 15 minutes or so. I've been online for over three hours straight now and Prevx has only tried to call home one time. I simply blocked it and it hasn't bothered me again.

I feel that Prevx is a great deal (for free) and anyone who does decide to use it can only benefit from such a decision. But I suppose those who call it spyware probably also feel that their email is being read by the CIA and the FBI is following them around every corner, and I thought I was paranoid.

 

Your exaggerating Richrf. You can't even compare the data Prevx is collecting to letting someone in your house to take notes. If you could make that kind of comparison it would be more like letting a policeman into your front hallway temporarily, but only if you wanted them to, and they only collected a very small amount of safe information that you fully knew about and fully allowed because you had the choice to allow it or not.

note: I see you removed your post before I could respond to it.

 

Hi downtime,

If there was a policeman in my home taking notes all of the time, I would be a little concerned. For one thing, .... why is he taking so much notes, especially if there has been no crime? What the heck is he doing here, and why do I have to put locks on the door to keep him in and stop him from communicating with his superiors??

The more I think about it .... well heck, Prevx can run their business any way they want - as long as they are not involved in my business. downtime, if you want them spying on your system, you are more than welcome. My only concern was that they weren't up front about it, but I would say that there lastest statement on their own website is about as crystal clear as it could be. Any concerns that I have had about them not being forthright in what they are doing has totally vanished. They have ultra clearly stated that they are monitoring behavior in exchange for the use of their product. If you don't want them to monitor your behavior, then don't use their product. Fine. Adults can decide for themselves.

Rich

 

Your starting to go in circles, richrf. This thread was started 8 days ago under the premise of trying to understand what Prevx is doing. Despite all the information pointed out to you, which you by all means SHOULD have read before even downloading it, you continue to insist that it is spyware because you didn't understand before downloading (which, of course, leaves you vulnerable to real spyware.) What I don't understand is how they could have possibly made it any more clear as to exactly what is going on.. the PDF is more concise than any explanation of any security software that I've seen (short of the big guns like Cisco.) The website has a total of 3 layers of detail of what Prevx does (the PDF being the third), and there is more info all over this forum (by myself and others) and CastleCops, if you just do a minimum of research.

Everyone is entitled to their opinion, but you've got to move on at some point. At this point you appear unwilling to do any research on your own or consider any of the information handed to you, and you simply keep reiterating the same opinion repeatedly. I would imagine that your persistance of the same point with an avoidance of the facts has actaully worked against you for anyone reading this thread with an earnest desire for more information on the subject.

 

Hi Notok,

Sorry Notok. I thought I made it clear. I was duped by the declaration on Prevx's homepage that they only monitor "attacks", and I am not ashamed to admit this - and I am also not ashamed to that I didn't read the "fine print". I took, what they said on their home page, at their word. Only later, did I learn that they are actually monitoring all events on my system - e.g. every time my system or program file directory is updated, even when there is no attack.
I believe that their home page should be changed to reflect what they are really doing as described on their CastleCops forum.

BTW, I don't buy the claim at all that they need this information in order to improve their software. I'm not that naive. I just hope that all security authors of free and paid products don't decided to get into the business of collecting and selling data. There are some mighty good free products out there and they too could make the specious argument that they too need to collect data as Prevx Home does in order to make their product better. I for one will put my money and recommendations behind authors of equally strong products (maybe stronger) who do not use monitors in order to collect and resell data to subscribers.

Yes, I agree. It is time to move on. Let forum members make their own decisions.

Rich

 

Doesn't any reputable IPS software do this? I mean, how could an intrusion prevention system protect your system or program file directory if they weren't monitoring them?

 

Prevx Home is, of course, doing more than monitoring. They are capturing events on my machine (all that Prevx Home is monitoring), collecting the data on their own machine, and then reselling the data.

Rich

 

I would have to disagree that it was only on Rich's system that Prevx called home regularly. I too used Prevx Home for awhile and just recently removed it because of the same concerns about so much "phoning home". Here is an excerpt from my firewall log before I removed Prevx.

04/27/2005 00:20:21 Out Application blocked wip8.prevx.com pxagent.exe
04/27/2005 00:20:36 Out Application blocked eld8.prevx.com pxagent.exe
04/27/2005 00:20:51 Out Application blocked eld8.prevx.com pxagent.exe
04/27/2005 00:26:06 Out Application blocked eld8.prevx.com pxagent.exe
04/27/2005 00:26:21 Out Application blocked eld8.prevx.com pxagent.exe
04/27/2005 00:26:36 Out Application blocked eld8.prevx.com pxagent.exe
04/27/2005 00:31:51 Out Application blocked eld8.prevx.com pxagent.exe
04/27/2005 00:32:07 Out Application blocked eld8.prevx.com pxagent.exe
04/27/2005 00:32:22 Out Application blocked eld8.prevx.com pxagent.exe
04/27/2005 00:37:37 Out Application blocked wip8.prevx.com pxagent.exe
04/27/2005 00:37:52 Out Application blocked eld8.prevx.com pxagent.exe
04/27/2005 00:38:07 Out Application blocked eld8.prevx.com pxagent.exe
04/27/2005 00:43:22 Out Application blocked eld8.prevx.com pxagent.exe
04/27/2005 00:43:37 Out Application blocked eld8.prevx.com pxagent.exe
04/27/2005 00:43:52 Out Application blocked eld8.prevx.com pxagent.exe

Obviously I had it blocked so it couldn't call home but it sure was desperately trying. This was 15 attempts in 23 minutes.

 

Hi Hipgnosis,

On my system, when I tried to block the messages, it was trying to call out about every 5 secs. Without the blocking, it was somewhere between 10 - 15 minutes. I think it has a lot to do with the number of "events" that Prevx is monitoring and how often those events are triggered. The monitoring/collection program is probably designed to send out messages every so many events or every so many minutes, whichever comes first. The collection server, on Prevx's end, is probably consolidating the data and sending it off to subscribers. From what I gather, most users who discussed this issue on Prevx's forum are experiencing fairly frequent calls to the home server.

Rich

 

richrf i think you took the right approach to this Prevx matter.
Even if you have absolutely nothing to hide its a bit unnerving when you know someone is constantly in touch with outside parties...
A few days ago i tried Prevx,but had to uninstall next day as it wouldnt properly install in my system, which is very similar to yours,richrf,with the exception i run BOClean as antitrojan and Antivir resident & AVG Email Scanner and on demand,(Sygate 5.5 PRO).
Well, it seems my already installed software rejected Prevx as something obnoxious to the point of impeding install.
A never-occurred before event by all means for my system.

 

Hi poirot,

To this day, I have not been able to reconcile in my own mind how a product that is suppose to be stopping other products from monitoring my behavior, is monitoring my behavior and selling the info to third-parties. It is bizarre. I guess Prevx believes they are entitled.

Rich

 

Give it a rest. We all know your beef with Prevx. Everyone seems to have one ,some hate KAV because of the ads stream, others hate Sygate because of the localhost problem....

THIRD PARTIES?