Malwarebytes privacy policy sucks

Discussion in 'other anti-malware software' started by Holysmoke, Aug 20, 2015.

  1. Holysmoke

    Holysmoke Registered Member

    Joined:
    Jun 29, 2014
    Posts:
    112
    I think Malwarebytes privacy policy SUCKS

    https://www.malwarebytes.org/privacy/

    and I don't like the following much either:
    Analytics and marketing services


    and this sucks too:

    GeoIP Data
    When we collect data from our client systems, we do not retain the IP address from which the request originates. However, we do use it to gather geographic information on the system calling in:
    • A location item indicating the continent, country, city, and approximate latitude/longitude of the user
    • The type of connection (dialup/broadband/satellite/mobile)
    • The ISP through which the connection is made
    • The organization to which the IP address is licensed, if any

    and YUCK

    Analytics
    Our servers automatically record information about how a person ("User") uses our software or services ("Log Data"). Log Data may include a User's Internet Protocol (IP) address, browser type, operating system, web page that the User was visiting before accessing our server, search terms, and the pages or features of our software or services accessed by the User and the time spent there. We may share Log Data with Google Analytics. Google's privacy policy is available at

    Simply
    Exception #1: We share your information with Google for analytical purposes.
     
  2. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    1,635
    Location:
    Toronto, Canada
    Sadly, a lot of software (including security software, free AVs, etc.) has some crazy stuff in its EULAs, which often includes things that invade privacy, sending data and so on. Most software that is free often is like that. But I wouldn't specifically put this on Malwarebytes though, since there are so many other software companies with similar policies. That is why users really need to read the EULA first.
     
  3. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    It sucks but your browser, Antivirus/Security suite, ISP and the NSA are probably all logging the same things at the same time, so what's one more?
     
  4. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    665
    Because we trust companies like Malwarebytes to protect our computer and its privacy, but in turn, they are invading our privacy. Double standard.
     
  5. Holysmoke

    Holysmoke Registered Member

    Joined:
    Jun 29, 2014
    Posts:
    112
    they use their free software to collect our data then "share" (sell) it to Google, ef that, uninstalled

    they collect the time we spend on each website, our search terms? damn. I have spent 2 years fighting google analytics then I find out my damn system was infected with this spyware
     
  6. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    Unfortunately that pretty much is the new standard. Trust nobody. You can choose to live with it or stop using it, but pretty soon you will be using nothing that doesn't do this.
     
  7. Holysmoke

    Holysmoke Registered Member

    Joined:
    Jun 29, 2014
    Posts:
    112
    I bet MB has our true IP even when using a VPN or TOR and share our "search terms" and time spent on sites etc with google when we think we are anonymous
     
  8. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    665
    Yes true, just bad business, especially for us.
     
  9. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,172
    Location:
    USA
    I think you totally misunderstood the Privacy Policy.

    What this says is that we use google analytics and therefore see the pages you visit *in our website* and the search terms you use *in our website*.

    It does not mean that we monitor all your browsing habits, the webpages you visit and all the searches you do. Only the malwarebytes.org pages you visit and the search terms you search inside of the malwarebytes.org website.
     
  10. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    665
    GeoIP Data
    When we collect data from our client systems, we do not retain the IP address from which the request originates. However, we do use it to gather geographic information on the system calling in
     
  11. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    Thanks for the clarification.
     
  12. Holysmoke

    Holysmoke Registered Member

    Joined:
    Jun 29, 2014
    Posts:
    112
    it is very clear that they are also talking about their software not just their website.

    Our servers automatically record information about how a person ("User") uses our software or services ("Log Data"). Log Data may include a User's Internet Protocol (IP) address, browser type, operating system, web page that the User was visiting before accessing our server, search terms, and the pages or features of our software or services accessed by the User and the time spent there

    it is clearly under the section labeled:


    Software Collection Addendum

    We maintain and use the information we receive via Software Collection in the manner described below:


    Software Collection Addendum
    We maintain and use the information we receive via Software Collection in the manner described below:
    User-Agent String
    Each API communication coming from any of our client software identifies itself with a string that includes information about the software itself:
    • The program and build which is sending the request
    • The current license state (as identified by the product)
    • Which subcomponent of the application triggered this notification
    • The version of the software as well as any subcomponents (currently, databases) that it uses
    Why?
    So we can manage your Malwarebytes product and ensure that it is up to date.
    GeoIP Data
    When we collect data from our client systems, we do not retain the IP address from which the request originates. However, we do use it to gather geographic information on the system calling in:
    • A location item indicating the continent, country, city, and approximate latitude/longitude of the user
    • The type of connection (dialup/broadband/satellite/mobile)
    • The ISP through which the connection is made
    • The organization to which the IP address is licensed, if any
    Why?
    So our malware intelligence team can track malware outbreaks and patterns.
    Client Data
    We collect client data from each program that describe the client environment (i.e., our software and the computer system it is running on.) For this data we identify each system with a unique identifier that is created at install time, so it is possible to track changes to an individual system over time. In this, we collect:
    • The operating system the program is installed on
    • The system language in use on that system
    • The processor architecture (i.e., 32- or 64-bit)
    • The file system in use (i.e., FAT32)
    Why?
    So we can gather performance data around our products and how they operate in relation to different hardware and software environments.
    License Data
    We collect data from products which have a paid or licensed mode reflecting the applicable license. These data also use a unique identifier, but a different one from the client data; as such, we can track license changes over time but cannot correlate a license key to a client data report. In this, we collect:
    • The key or keys used to license the current product
    • If it represents a console system, the number of seats being managed by that installation of the console.
    Why?
    So we can remind you when your Malwarebytes subscription is about to expire.
    Malware Data
    We collect data about the malware that is removed by our products. This information does not use a system identifier; it is not possible to correlate two different malware removals with each other. We collect:
    • The vendor name of the malware removed
    • An encrypted description of which database rule was used to remove the malware in question
    Why?
    So our malware intelligence team can track malware outbreaks and the efficacy of Malwarebytes products.
    Trial Data
    When a client attempts to start a trial, we track it remotely in order to validate that the trial is allowed. For this information we use another unique system identifier. We collect:
    • The client's request for a trial
    • The start date and duration of the trial provided
    • Any attempted conversion/purchase generated by clicking an in-app link, so that it can be correlated with a trial
    Why?
    So we can update your Malwarebytes products accurately and when they need it.
    Exploit Data
    In all Malwarebytes Anti-Exploit products (beginning with the 1.4 release) we collect a complex data object for any exploit process which is blocked by the software. In this data we collect:
    • Process ID of the exploit process
    • File path of exploit process
    • MD5 hash of the exploit payload, if any
    • Command-line arguments passed to the exploit
    • A list of URLs describing the payload request made by the exploit, including redirect jumps if any
    • (Potentially) a copy of the exploit executable itself
    Why?
    So our malware intelligence team can track exploit outbreaks and deepen its understanding of new exploit techniques.
    Analytics and marketing services
    We use the following analytics and marketing services so that we can deliver a better experience to visitors to our website.
     
  13. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,172
    Location:
    USA
    I was responding to the mention about the webpages and search terms.

    In terms of GeoIP data of telemetry submitted by the client, we do exactly what it says there. We do not keep IP addresses.
     
  14. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,172
    Location:
    USA
    No, that is incorrect. That's the interpretation you are choosing to make (i.e. thinking that MBAM records all the websites you visit and all your google search terms).

    Servers record IP addresses of visitors and clients automatically. It's a fact of life. Every single server out there does this. But we do not IMPORT or KEEP this information in our internal systems. We have an automated process that translates the IP to an approximate geo-location and then discards the IP.
     
  15. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    Does MBAE submit any user data about the sites they visit when no exploits have been found? If an exploit is discovered and the user has anonymous submission disabled, does MBAE submit any info at all about the discovered exploit?
     
  16. Holysmoke

    Holysmoke Registered Member

    Joined:
    Jun 29, 2014
    Posts:
    112
    why do you have our system "call in" the following? what business is it of yours?
    • A location item indicating the continent, country, city, and approximate latitude/longitude of the user
    • The type of connection (dialup/broadband/satellite/mobile)
    • The ISP through which the connection is made
    • The organization to which the IP address is licensed, if any
     
  17. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,172
    Location:
    USA
    This is called a referer and is part of the HTTP header that your browser sends to our servers when you go to google and search for "malwarebytes" and then click on the link that points to our website.

    This means that we see how many seconds on average our users stay on the homepage vs the product page, etc.
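
Added example (not part of the thread and not Malwarebytes code): a Python example of the two mechanisms described in posts 14 and 17, translating a client IP to an approximate location and then discarding it, and reading the referring host and search terms out of a Referer header. The prefix table, sample requests, field names and the `q` search parameter are constructed assumptions.

```python
import ipaddress
from urllib.parse import urlsplit, parse_qs
# Constructed stand-in for a GeoIP database (documentation address ranges).
GEO_TABLE = [
    (ipaddress.ip_network("203.0.113.0/24"), {"country": "CA", "city": "Toronto"}),
    (ipaddress.ip_network("198.51.100.0/24"), {"country": "DE", "city": "Berlin"}),
    (ipaddress.ip_network("2001:db8::/32"), {"country": "US", "city": None}),
]

def geo_lookup(ip_text):
    """Map an address to the location of its longest matching prefix."""
    try:
        addr = ipaddress.ip_address(ip_text)
    except ValueError:
        return {"country": None, "city": None}  # unparseable address
    hits = [(net.prefixlen, loc) for net, loc in GEO_TABLE
            if net.version == addr.version and addr in net]
    if not hits:
        return {"country": None, "city": None}
    return dict(max(hits, key=lambda h: h[0])[1])

def referer_summary(referer):
    """Reduce a Referer header to the referring host and its search terms."""
    empty = {"host": None, "search_terms": None}
    if not referer:
        return empty
    try:
        parts = urlsplit(referer)
    except ValueError:
        return empty  # malformed URL
    terms = parse_qs(parts.query).get("q")  # "q" is an assumed parameter name
    return {"host": parts.hostname, "search_terms": terms[0] if terms else None}

def minimize(request):
    """Build the stored record; the raw IP is used for lookup and never copied."""
    return {
        "path": request["path"],
        "geo": geo_lookup(request["ip"]),
        "referer": referer_summary(request.get("referer")),
    }

# Constructed sample requests as a web server would see them.
SAMPLE_REQUESTS = [
    {"ip": "203.0.113.7", "path": "/privacy/", "referer": "https://www.google.com/search?q=malwarebytes"},
    {"ip": "2001:db8::1", "path": "/", "referer": None},
]

if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        print(minimize(req))
```

Only the URL of the referring page arrives in the header, so search terms show up only when that URL carries them in its query string.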
     
  18. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,172
    Location:
    USA
    MBAE only submits URLs of the exploit if (a) there is an exploit blocked and (b) if you have the submit anonymous telemetry option enabled.
     
  19. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    Does MBAE submit any user data about the sites they visit when no exploits have been found?
     
  20. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,172
    Location:
    USA
    No, it does not. As mentioned above both conditions need to be met for MBAE to submit an exploit URL.
     
  21. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    Ok, thank you!
     
  22. Holysmoke

    Holysmoke Registered Member

    Joined:
    Jun 29, 2014
    Posts:
    112
    On August 20 I sent the following to legal@malwarebytes.org as they state in their privacy policy if users have any questions. As of today, I have not received a response. Free software must be looked at most suspiciously as the usual income is from users' data.


    Your privacy policy says Our servers automatically record information about how a person ("User") uses our software or services ("Log Data"). Log Data may include a User's Internet Protocol (IP) address, browser type, operating system, web page that the User was visiting before accessing our server, search terms, and the pages or features of our software or services accessed by the User and the time spent there. We may share Log Data with Google Analytics. Does the actual software MBAE and MBAM collect this data too? Thank you.
     
  23. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,172
    Location:
    USA
    I referred legal@ to this thread and as you already received a response they did not see a need to respond with the same thing again. As mentioned earlier your confusion comes from the fact that the privacy policy meshes website and products into the same bucket. Legal will be making a clarification in the policy to clearly state what website collects vs what products collect.

    I couldn't agree more!! But you are barking up the wrong tree. Malwarebytes does not sell its user data. I know most Free software does sell its user data, but I can guarantee this is NOT the case with Malwarebytes.
     
  24. StillBorn

    StillBorn Registered Member

    Joined:
    Nov 19, 2014
    Posts:
    162
    Inflammatory threads that are completely baseless and totally without merit SUCK.
     
  25. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,071
    Location:
    Germany
    Malwarebytes provides a free malware removal program. Should that not suffice, Malwarebytes provides free expert assistance on their forum. Aside from that, Malwarebytes provides free exploit protection for browsers + plugins and java, which should cover about 99% of all exploits that average home users encounter. They provide all that without selling their users' private data or tricking them into installing potentially unwanted programs.
     