The purpose and wishes for this thread: Discuss the business and/or background reasons for Security Software Products (SSW) being possible security problems themselves. There are 3 wishes for the thread. (1) Omit all vendor X versus vendor Y posts. Example: vendor x forces it’s users to accept secret phone homes and vendor Y doesn’t. (2) Post the rationale for WHY (in your opinion) these causes are occurring. An example would be valuable. Please, no fear, uncertainly, and doubt (FUD) or wild unproven accusations. Let’s keep this at a level one rung up from tools versus tool (3) Avoid the political / government policy / legal/ issues These political issues are already actively covered in this forum and are outside the scope of this thread. The Business and Background Reasons (incomplete!) This issue of security lapses within security software has become more visible. Besides the problems of buggy and bloated software, there is the privacy issue of organizations public and private, collecting and in some cases selling collective data about their customers to other businesses. ALL of these companies are in business to make money. Utilizing information about their customers to market other software or other things to them is one way to make money. The online behaviour of large groups of people is valuable data for companies that want to market products, collecting massive data for companies who want to pay for it is already a big business. Any software company who can discretely sell information to these companies can make big bucks. There are security software companies that distribute “free” software and some paid software that also sell collective (not individual) data about their customers. When the profits dry up from subscriptions don’t underestimate the creativeness of the security software companies to find other ways to make money from their business. It is only fair to point out that computer software companies are not alone in doing this. Many companies (banks, credit card companies, subscription cable and satellite TV services, and most major ISPs) sell collective information about their customer base. It is a way of life and although they say it isn’t personal data about you it is personal data about a collective group. This is still bad business practice. The fine printed agreements that we always click “yes” to are just the tip of an ice burg. Most service agreements that we think of as harmless we accept without reading or understanding are infested with fine print that gives up the collective privacy of groups of people. The problem with this type of business thinking is that it is NOT in the best interest of the customers and when the customers find out (and they will) then its damage control time. All of the above raises questions please add to this list as you see fit and suggest answers. 1.What dangers can this issue create for your personal information privacy? 2. Do some/all firms only care about making more money? 3. Are some firms thinking they can get away with it and there is a potential to make a big profit then doing it? 4. If they don’t now, will they at some time in the future? 5. Will the ones that don’t end up going out of business unless they do what their competitors are doing? 5.1 Since the additional question I put to everybody is 6. How and Can we identify the "white list" of vendors who don't carry out these practices?