How do the latest revelations about US gov spying affect your choice of AV ?

Discussion in 'other security issues & news' started by Fly, Jun 14, 2013.

Thread Status:
Not open for further replies.
  1. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    NSA, Google, Microsoft etc.

    If you use the Windows platform like most of us it may be a moot point.

    I'd be wary about companies like McAfee, Symantec.

    Basically, there are two ways to buy an AV: anonymous and registered (box in shop vs. online).

    Now, it seems unlikely that an AV like Kaspersky is eager to please the US government by cooperating.

    What about other AVs/suites, like Eset, Avira, F-Prot ?

    We don't know what/if there is really coorporation between the AV companies and the US gov. Although there have been reports about certain vendors not detecting certain government malware.

    And 'metadata' is not always as anonymous as believed, I think there is a thread or post about that somewhere on this forum.

    Thoughts, ideas, plans ?
     
  2. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    Actually, I use my AV to check for infected files, but I will never expect it to find government rootkits/trojans/etc. So in my case, I didn't feel like changing my AV because of the NSA scandal.
     
  3. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,780
    Might as well ask how it affects your choice of underwear...
     
  4. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    I was thinking about sharing of information and spying.
     
  5. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,780
    I know... I was just joking... At this point, I don't think there's any way of knowing, and I don't think there's anything that can be done anyhow... we'll probably never know what is and isn't gathered, looked at, shared and so on..
     
  6. wtsinnc

    wtsinnc Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    943
    I don't believe there's any way to prevent government intrusion; if they want in, they will get in no matter what the user does.
    I feel very sure intelligence agencies (domestic and foreign) have the capability to spy on anyone and to trace e-mails, browsing history, downloads- pretty much anything and everything one does via a computer/tablet or smart phone.

    Forget about anonymity; we have none.
     
  7. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    Only through leaks, and they always come too late. I wouldn't concern myself with which AV to avoid on a subject like this. I'd be much more worried about email services, services like DropBox/SkyDrive, social networks, VPN services and that sort of thing. These are the real danger areas.
     
  8. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    Prior to these latest revelations, I was running Vba32 for a little while. During that time, the thought crossed my mind that Vba32 might do a better job at detecting this type of malware after reading that they were the first to detect Stuxnet. Realistically I don't think it will affect my choice of AV, but it is an interesting question. I think a good HIPS/firewall combination may be the best defense.
     
  9. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    These recent revelations reinforce concerns that have been expressed, here and elsewhere, before. Namely, that the information (about a user's devices, OS, files they download, the software they run, the sites and URLs they visit, folder and filenames, account names, etc, etc, etc) flowing out of their device(s) and into AV companies could fall into the hands of others and/or be used in ways which are deemed unacceptable to those who would be affected. At this moment I'm not sure what more can be said about this except that I think it would be extremely helpful if all AV testing organizations also assessed products from the "information being sent to the AV company" POV.

    Simply purchasing AV software with cash won't eliminate all the potential issues but it might be reasonable to award a product extra points if it is available in retail outlets and can be purchased with cash. It would certainly be reasonable to assign points based on how much information is required to get the product up and running (including registration, whether online accounts are mandatory, etc) and keep it active (online license checks that send info, metrics, etc). Then, of course, there is the extremely important issue of how much information... and what specific types of information... the product phones home during use, what configuration options there are to control that, and so forth.
     
  10. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    I do think such issues that you bring up are worthy of discussion and thought over. I just think there are other issues such as what I outlined above that trump the concern over AV companies. Now, web shields and such things as MBAM's IP blocker are both something to look into more, as they basically have to know where you are visiting in order for them to do their jobs. They have to scan IPs, scan links, etc.
     
  11. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Doesn't affect me at all, it's been there all this time and nothing has happened with me or my computer (that I know of), and it doesn't affect me now after we have found out about it either, since I can't do much, or anything at all about it.

    I have other things to worry about, it's just data, and even if they collect data about or from me there's nothing interesting in my data that they have any use for.
     
  12. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    I'm not so sure vba32 was the first to discover Stuxnet. There is a post on this forum somewhere stating that Webroot discovered it earlier than that. It definitely could be a possibility since WSA is purely a cloud antivirus. Before Webroot obtained Prevx is was always known for discovering many threats before other AV's knew about them. It also comes at a cost though. It's hard not to have lots of false positives when the cloud is analyzing Millions to Billions of files per day. Webroot has gotten much better over the past several months. They don't have nearly as many false positives as last year when third party vendors began testing them. Their product just keeps getting better. As long as there are no compatibility issues I prefer using WSA along beside another AV on powerful Desktop computers. I prefer to run a lighter setup on my Laptop.
     
  13. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    None, who can you trust anyways? If there's a good open-source AV by a reputable company from a pro-privacy foreign country that you can compile yourself, then that may be the best bet. Or you can just use none and have just one less software (including the OS) to be worrying about. Doubt it's worthwhile, seeing all the other ways they can track you.
     
  14. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    I wasn't so sure either, but recalled hearing something about it - most likely right here in these forums. That is why I found a reference to link to before posting. It doesn't really matter though in the context of this thread. My point was that using AVs from companies located outside the influence of the empire might be a better choice to detect malware generated by said empire.
     
  15. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi

    Yes i also remember a similar toppic
    https://www.wilderssecurity.com/showthread.php?t=333380

    Regarding AV and law enforcement trojans/policewares
    http://news.cnet.com/Will-security-firms-detect-police-spyware/2100-7348_3-6197020.html
    http://kevtownsend.wordpress.com/2011/05/04/fbi-cipav-spyware-and-the-anti-virus-companies/
    http://it.slashdot.org/story/13/05/...-wont-co-operate-with-pc-hacking-dutch-police

    Of course, most US based security campanies are known for their collaboration with Gvt agencies, and in our case, Norton/Symantec is-for my concern-the most untrusted AV editor.

    As things are not always white, not always black, but often grey, then what and who should we trust?
    Using technology with constant privacy cautions could tend to the paranoia, even by using a kind of Bible of privacy like the EFF SSD project
    https://ssd.eff.org/bg/book/export/html/14

    Rgds
     
  16. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    Agreed. When you consider they have their "cloud" databases they must have a list of all of the files that exist on your pc. o_O
     
  17. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Using an AV based in a country that's not aligned with your own might help with detecting older versions of official malware, but they're unlikely to help with the current stuff. Domestic AVs are in a no-win position when it comes to government malware. I'd be willing to bet that they've been given NSLs regarding government malware.

    Unless you're being specifically targeted, it's unlikely that you'll ever see government malware outside of that which may already exist in Windows. Most of the time, they'd have no need to use it. They already have access to everything sent over the internet by your system. The exception to this would be if they don't know where you are and want to locate you.

    If for some reason you believe that they are targeting you, don't count on any detection program to identify such malware. The typical malware writer knows how to make their code evade detection. The NSA definitely would know how. The only realistic defense would be based on a default-deny policy with only those executables needed for normal operations whitelisted, and very close attention paid to the details.
     
  18. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,696
    How is the choice of AV related to alleged NSA spying?
    They supposedly copied data directly from inside data centers.
    Nothing to do with your client protection, or lack thereof.
    As to AV: none.
    Mrk
     
  19. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    Same here. I don't like that it's taking place, everyone values their privacy, but I understand why they're doing it. They're up against a group of people that do not care to set off a bomb that kills or maims innocent children, women, or men. These people are in our midst, and they play by no rules. If the NSA is collecting data on my family and scrutinizing it...well, they're in for a pretty boring time. They'll see my wife doing her Facebook thing, or talking to her Aunt Mae, or her sisters, or me visiting Wilders, or downloading some just released application, or me cussing out some telemarketer. But as long as it leads to our streets, homes, and lives being safer then so be it.

    Later...

     
  20. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    Unless of course one is using AV or some other "client protection" software or feature (URL checker, hostname checker, IP Address checker, whatever) that is sending information off their machine and into affected data centers, companies, etc.

    The above may not apply to your machines, but it surely applies to huge and probably growing numbers of individuals and companies. So even if one's own machines are robustly secured against information leakage, said individual and/or company can still be affected if a company they do business with doesn't robustly secure their machines. It is these later points that we should draw attention to and encourage people to think about. Not simply because of government sector datamining/spying but also because of commercial sector datamining/spying.
     
  21. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    My feelings. :D
     
  22. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
    Didn't read all, sorry.

    But my AV, OS, browser, pgp etc. imo doesn't make any difference. My paranoid delusions from when I was a teenager have all been proven true. I have to add I don't have anything to hide from any of 3 letter agencies. One of my suspicions was that any effort to encrypt data that goes through the cloud just makes me seem more suspicious. Besides having nothing to hide being lazy helped me from implementing said such. Certainly an AV makes no difference.
     
  23. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    Wait, so when I said I don't trust Chinese AVs, since their government is communist, has a history of hacking the US, and disregards intellectual property rights, I was called paranoid. Yet, you guys are paranoid about non-Chinese AVs? A little hypocritical.
     
  24. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
    Whoa there. I wouldn't put a Chinese AV on a pc either.

    My point is if these home grown agencies want info they can get it.
     
    Last edited: Jun 29, 2013
  25. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Since when did the discussion about not trusting US AV's become non-Chinese AV's? I haven't even seen the word China or Chinese before Brandonn2010 just had to change the topic. At least link to whatever thread of relevance before those empty words.

    Anyways, even though some governments are exposed to be anti-privacy, I wouldn't base my AV choices on simply those blacklists.
     
Loading...
Thread Status:
Not open for further replies.