AV-Comparatives - Data transmission in Internet security products

That's.... not good.
Based on the above reply from ESET it looks like this report didn't necessarily gets its information directly from the vendors, so info like SSL, hashing and signed files probably would need to come directly from inquiries to the vendors. I think this report stirred up too much speculation since I assumed that all of the vendors responded, at least partially, when that now appears to not be the case.

 

@mrtwolman

Many thanks for the answer and explaning it all.

 

[applause] F-Secure

 

So it seems that most AV software in the US collects basically everything.

 

This report got me to thinking about trying Forticlient again. I remember it was a bit heavy a couple of years ago. After running Roboscan, and Immunet the past two years, I'm surprised that Forticlient feels just as light now as those two do.

 

So the main conclusion is: do not trust anything made (based) in USA. Obviously, customer privacy is not especially valued in the States.

 

Avast transmit local IP addresses too ...

 

That's what I have been saying for quite some time. Plus the overseas products are usually better anyway.

 

So? Without your IP address being transmitted, you wouldn't be able to use Google, this forum, avast! itself being able to even update itself in the most basic way. Without IP you can't communicate with the internet "world". Refusing to share IP is like expecting a postal package being delivered to your house without an exact home address. It's just not possible.

 

i think you somehow missed the 'local' part.'local ip address' is different from actual/wan ip address & is not required for any critical or even important task.though for a single system behind a router i wouldn't call it a personal info but in case of multi-system setup behind a router it certainly qualifies as a personal information.

 

Yes, exactly. Your public IP is visible to everyone but the local one has to be specifically queried and uploaded for someone to collect it and it necessary for pretty much nothing other than to more specifically identify you.

 

fortinet is my second option again

my first is still panda, but I would like for some explanation from them

 

I may have misunderstood your answer. But IMO local IP is needed. Local, LAN, behind the router, IP is part of the transit path and is necessary for the router to deliver stuff to the correct computer.

 

Your router needs to know your local IP for that. The recipient of your connection does not.

-http://www.auditmypc.com/internal-ip-address.asp
This explains it somewhat, though I think they exaggerate a bit as you have to have Java installed (I do not) to get your local IP, plus I have found that Kaspersky firewall will block them from getting it as well.

That said, it is an extremely deliberate act for them to collect it, and there is no valid reason for them to do so.

 

Hmmm , never really thought about this subject.

And I´m not that paranoid when it comes to privacy, but still I´m glad I´m not using any of these products.

 

ESET !

I wouldn't go juming up & down about ESET's reply. Check the PDF again, because they refuse to answer this CRUCIAL question.

Are special updates delivered to users with specific IDs?

 

They didn't answer ANY question. Hence the following:
"First of all, we want to set the record straight: we did not answer any question in the AV-Comparatives questionnaire."

 

@ xxJackxx

Well spotted ! I wonder how many vendors would answer that "specific" question ?

 

Well, nobody answered it yes. Originally the lack of an answer was interpreted as avoiding the question, with an assumed answer of yes. However, since ESET's posting we have reason to doubt the level of vendor response at all. I suspect that Symantec responded as every question was answered and extra details were given on a couple of them with footnotes included. Anyone else's level of participation is left to speculation.

 

By local IP address do we the typical 192.168.x.x or 10.x.x.x? These IP ranges are assigned by every home router using default DHCP/NAT and are meaningless in terms of identifying the users behind the router. The IP address which actually serves to identify the user is the one assigned by the ISP to the broadband modem and that IP is always "internet facing". Am I missing something?

 

Exactly . Another million user aside me will have my same IP... so what? Lol

 

Combining local IP with public IP can identify individual computer in multi system networks. Router can "hide" individual computers on network, but not if local IP is transmitted to 3rd party.

 

Exactly. This is about being able to identify you behind a router. Combine this with any "cloud based detection" and they know which machine behind a router visited what website and what files you have on your machine. If they combine this with retrieving your logon username if gives them a very detailed view of what you are doing. Information that can be requested by any authorities. Regardless of whether or not you have anything to hide, the capability is disturbing, and the fact that they are collecting this data is even more so.

 

I just saw this thread and was shocked.
So what do you do, practically?
Can we just quit using AV software?
Guess not, but what else can we do?

 

And, again, so what? They identify the machine not me. There nothing personal in a local IP and often this IP will anyway change. On top before been able to spoof it you need more than just the two IPs