Seems Like Only 2 Anti virus Do Not Leak Your Private Data

Discussion in 'other anti-virus software' started by digmor crusher, Jul 12, 2014.

  1. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    424
    Location:
    Canada
  2. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,012
    Location:
    on my zx10-r
    the av comparatives test has been posted here before.
     
  3. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,061
  4. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    If you look at the report:

    http://www.av-comparatives.org/wp-content/uploads/2014/04/avc_datasending_2014_en.pdf

    I think you will see some important differences (and possibly be able to quickly rule out some products), but also that every product has one or both of:

    - Are visited URLs (malicious and non-malicious URLs) transmitted?
    - Are hashes of files (or hashes of parts of files) transmitted?

    checked. Arguably, that alone suggests that each and every product should be considered an information security threat. The makeuseof article author appeared to try to point out the least offensive products in that regard. I don't think there is sufficient information in the report to draw a firm conclusion. Partly because it isn't clear how effective the opt-out options are for some products. I think we could use another study, where such options were taken advantage of and afterwards the products were penalized for phoning things home. I think we'd want to penalize products more heavily for phoning home some things like windows usernames, full pathnames, full URLs, etc... but still penalize them for phoning home hashes of files and/or other metadata that is revealing, presents a correlation risk, etc.

    One thing that drew my attention was that Fortinet is the only product that doesn't have the "phones home hashes of files.." cell checked. Which in my mind raises the possibility that... assuming its other phone home behavior could be eliminated as a concern... it might actually be a decent option for infosec/privacy oriented individuals and businesses. I haven't followed up on that. I'd be interested to know if anyone has experience with their options and any info to share on this point.
     
  5. Tarantula

    Tarantula Registered Member

    Joined:
    Jul 23, 2010
    Posts:
    357
    That's exactly why I don't want to see ads, pop-ups and other garbage in security programs. They are collecting enough info to provide every single piece of security software in the world for free.
     
  6. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    I think some types of [security] products/services can be maintained through generous donations of time and money. However, I don't think all types can be. Furthermore, here I believe we are actually discussing for-profit companies, paid employees, and in at least some cases investors who expect a return.

    If you take paid-for products off the table and you also take other forms of income generation off the table (advertising being one), I think you effectively guarantee that all users would be subjected to not only 1) data collection and the associated risks, but 2) the actual selling, sharing, and/or other secondary uses of the collected data. Put another way, everyone would end up bartering information they want (or should want) to protect in exchange for products/services that supposedly protect that information. Which really doesn't make much sense.

    Then again, "mandatory bartering" seems to have already taken root and seems to be pretty common even in those cases where entities are forking over currency :(
     
    Last edited: Jul 12, 2014
  7. FreddyFreeloader

    FreddyFreeloader Registered Member

    Joined:
    Jul 23, 2013
    Posts:
    527
    Location:
    Tejas
    You can always use something that doesn't need an AV - like Chromebook, other Linux ware.
     
  8. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    F-Secure's response; http://www.f-secure.com/weblog/archives/00002700.html

     
  9. blasev2nd

    blasev2nd Registered Member

    Joined:
    Mar 27, 2014
    Posts:
    46
    using chromebook to protect privacy?
    linux is the right choice IMHO
     
  10. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,061
  11. guest

    guest Guest

    I'm not going to say anything about this news since it's already been a common subject. But holy spreadsheet document the comments in that website's article page are mostly retarded. What about their browser extensions? No wait, what about their ISPs? :argh:

    Just consider them to collect everything they can get. Feedbacks will always consist of stereotypical responses anyway. What differs one with the others is perhaps the country of origin of an AV and its applied privacy law. But even at that you can't expect them all to always abide by the law.
     
    Last edited by a moderator: Jul 12, 2014
  12. FreddyFreeloader

    FreddyFreeloader Registered Member

    Joined:
    Jul 23, 2013
    Posts:
    527
    Location:
    Tejas
    If your machine is on the Internet....wave bye bye to your "privacy." There ain't no such thing.
     
  13. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,012
    Location:
    on my zx10-r
    anything google to protect privacy o_O hahahahahahahahaha i almost spit out my coffee.
     
  14. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    https://www.wilderssecurity.com/threads/guardian-rom-secure-android-os.348416/

    Was there ever such a thing unless you live in a remote location inaccessible even by satellites? Don't forget the Internet gives you more tools for privacy as well compared to real life.
     
  15. blasev2nd

    blasev2nd Registered Member

    Joined:
    Mar 27, 2014
    Posts:
    46
    so why did you bother with anti malware privacy?
    do you care about online privacy at all?
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    I already said it before, but some of these AV companies should be ashamed of themselves. Glad I'm not using any of their products. :)
     
  17. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    When you have all the paid AVs in a never-ending arms race for malware samples, the idea of an open source AV seems like a pipe dream. Like bless ClamAV for existing, but...

    I don't know how they'd get half the new samples without collecting stuff, cause obviously most home users don't know how to submit stuff themselves.

    Exactly. Anything that comes out of the company itself aims to benefit the company- no one comes right out and says "We done did bad things herp". That's why we rely on independent audits and hope the audits themselves aren't biased or corrupted.
     
  18. tekkaman

    tekkaman Registered Member

    Joined:
    Sep 22, 2008
    Posts:
    164
    The data collecting is used by the cloud system that everyone here seems to adore. Of most AV that uses cloud only ESET seems to be honest in saying that you won't lose any protection if you disable the cloud and I will quote from Eset V6 help file:
     
  19. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    The same applies to ALL antiviruses. It's just that YOU don't contribute anything to the community. And if too many people would disable this, then the cloud functionality wouldn't work as it should.

    For example, if you're that paranoid, you can use disposable e-mail to register let's say, avast! (at least free version). This way, even if they'd for some reason want to track all your secrets and stuff you browse on a personal level, they'd know someone is doing all that, but they'd have no clue who that is. And that's called statistical data. Basically they all do it and they don't care who is behind it on a personal level. It's the data that they need, not the knowledge who provided it (apart from regional data to know in which country that sample was first observed).
     
  20. guest

    guest Guest

    I can't believe RejZoR was saying that. This must be a nightmare! Someone please wake me up! :eek:

    Translation: I disagree with post #19.
     
  21. NWOAbschaum

    NWOAbschaum Registered Member

    Joined:
    Feb 9, 2014
    Posts:
    185
    Location:
    Germany
    haven't any problems that someone has my data. I'm not paranoid or have anything to hide. if these guys are happy to have/sell data, well do it. have better things to do than thinking about my data.
     
  22. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
    :thumb: Yeap, this is why certain products do not even allow the cloud to be disabled as it just damages the overall effectiveness of the product for all the users. The paranoia of the cloud just helps virus writers to stay ahead of AV products. Viribus Unitis
     
  23. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    I know that some data collection is necessary for the product, but where I draw the line, is when they upload a user's private documents/files via background.

    If I have a document that contains my tax information, medical records, etc., I don't need these companies looking at those, as they should only pertain to those associated with the document (Me/Associated Facility).
     
  24. guest

    guest Guest

    I don't think they would go that far TBH, even for US-based AVs. But I agree that this is concerning. The AV collects our PII and yet most of them don't use SSL connection, there goes the users profiles spread all over the place lol. :D

    My knowledge is limited, so pardon if this is a silly mumbling. But can VPNs mitigate this? They encrypt and re-route network connections system-wide, right?
     
  25. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    The "Are non-executable files (e.g. documents) transmitted?" row in the results table has a number of YES answers and a number of "not disclosed" answers. Which should concern everyone. However, do we know how to interpret that? I don't think any of us wants to believe that such software is simply grabbing copies of documents, pictures, movies, emails, web pages, etc just because it can.

    However, we know that there are numerous types of files that can contain both passive (sensitive) content, and active potentially malicious content. Macro-enabled documents would be one example, right? Plus, even purely passive file types can potentially carry a payload that is designed to trigger parsing and/or other vulnerabilities in apps that process such passive files. How does each phone-home antimalware client deal with those various cases? Are there any other cases where information from within personal files could be phoned home, such as a crash report type scenario where memory contents and/or open file data or the like is at times collected and could happen to contain data from within personal files?

    A VPN setup would prevent your public IP Address from appearing in packets sent to the cloud server, which can be useful:

    1) Prevents the server from determining your location through client IP Address lookup.
    2) Prevents the server from identifying and tracking the client based on sticky/static IP Address.
    3) Prevents the server from using your public IP Address to acquire other information that is associated with activity under your public IP Address.

    However, the scenario we are talking about isn't a pure server-side threat scenario. In this scenario, the main threat is on the client machine, and it has privileged user access to that machine and what it holds/does, and it is phoning home information to the server. There is potential for #1 to be achieved via client-side snooping and/or via information acquired during purchase or account registration. Client-side GUIDs, unique account registration numbers, hardware identifiers, fingerprinting, etc can be used to accomplish #2 with true precision, even across public IP Address changes, and nearly all of the products have a YES in the "Is a unique identification number transmitted" box. Generally speaking, the very best location from which to gather information is on the client device and the fruits of that will often be far greater than those achievable through #3.

    IOW, I'm thinking that a VPN wouldn't be very helpful, but perhaps that would depend on the particulars of the AV software, how it is configured, what it phones home, etc. One thing about VPNs though: some people use them to compartmentalize info/activity. Any client-side software that phones home a unique identifier has the potential to break that IF it is allowed to phone home such an identifier in different contexts. System software that is always running in the background might be something that some users overlook.
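
Added example (not part of any post in this thread, and not based on any vendor's actual telemetry format): a sketch of why a transmitted unique ID keeps requests linkable when the source IP changes behind a VPN, and why a file hash reported by only one client acts as a further correlator. The record layout, IDs, hash prefixes and addresses are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of what a cloud back end could log per lookup request.
# Field names and values are hypothetical, not taken from any product.
EVENTS = [
    # (source_ip, client_id, file_hash_prefix)
    ("198.51.100.7",  "c1d2-aaaa", "9f2c41"),  # home connection
    ("203.0.113.50",  "c1d2-aaaa", "9f2c41"),  # same machine, VPN exit A
    ("192.0.2.200",   "c1d2-aaaa", "77b0e3"),  # same machine, VPN exit B
    ("203.0.113.50",  "e5f6-bbbb", "0a11d9"),  # another user on VPN exit A
    ("198.51.100.90", "a9b8-cccc", "0a11d9"),  # third user, common file
]

def group_by(events, key_index, value_index):
    """Collect the set of values seen for each key column."""
    groups = defaultdict(set)
    for ev in events:
        groups[ev[key_index]].add(ev[value_index])
    return dict(groups)

def clients_per_ip(events):
    """View keyed on source IP only: the part a VPN actually disturbs."""
    return group_by(events, 0, 1)

def linked_across_ips(events):
    """Client IDs observed from more than one source address."""
    per_client = group_by(events, 1, 0)
    return {cid: sorted(ips) for cid, ips in per_client.items() if len(ips) > 1}

def rare_hash_links(events, max_clients=1):
    """Hashes reported by at most max_clients IDs; a hash of a file that
    only one client holds works like a second identifier for that client."""
    holders = group_by(events, 2, 1)
    return {h: sorted(c) for h, c in holders.items() if len(c) <= max_clients}

if __name__ == "__main__":
    print("IDs linked across IP changes:", linked_across_ips(EVENTS))
    print("IDs sharing a VPN exit:", clients_per_ip(EVENTS)["203.0.113.50"])
    print("Hashes unique to one client:", rare_hash_links(EVENTS))
```

The VPN exit address groups two unrelated clients together, while the client ID alone reassembles one machine's activity across all three addresses.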
     