Shady practices of free download servers

Discussion in 'malware problems & news' started by TheKid7, Jul 10, 2013.

Thread Status:
Not open for further replies.
  1. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    Shady practices of free download servers:
    https://blog.avast.com/2013/07/09/shady-practices-of-free-download-servers/
     
  2. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    693
    Location:
    Hogwarts.
    Good read thanks for the share.
     
  3. SirDrexl

    SirDrexl Registered Member

    Joined:
    Apr 14, 2012
    Posts:
    545
    Location:
    USA
    It's a bit ironic coming from Avast. While I like Avast, you have to be careful during the setup process if you don't want Chrome installed along with it.
     
  4. Snoop3

    Snoop3 Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    474
    not only that, the Avast "Free" edition actually compiles profiling data on you last i heard.
     
  5. vlk

    vlk AV Expert

    Joined:
    Dec 26, 2002
    Posts:
    618
    What?:)
     
  6. boombastik

    boombastik Registered Member

    Joined:
    Oct 7, 2010
    Posts:
    211
    Location:
    Greece
    You heard wrong.
     
  7. Snoop3

    Snoop3 Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    474
    eh not as reputable as i had recalled but.....

    http://www.rationallyparanoid.com/articles/avast-windows.html



    i dont trust this free stuff anymore. once they get a large enough userbase on their free products it makes economic sense for them to spy on the users.

    btw i see in one of the forum posts over there they claim Avast has 180 million users, so what is that maybe 30 million pay and 150 million free users(just guessing) thats a lot of data being collected and even if its only worth 1 cent/year per user or 10 cents/year per user it gets into the millions of dollars in value. Are they really not selling this data or as has been the case over and over and over again in internet business that these large companies take liberties with the users privacy when there is money to be made and we only find out about it later.
     
    Last edited: Jul 22, 2013
  8. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,240
    I have no problem with Avast collecting that data, as it is being used to increase detection rates.

    I don't think you have anything to worry about - they are highly respected security company, not some shady marketing company.
     
  9. Snoop3

    Snoop3 Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    474

    i wish that were the case but i don't buy it. i don't trust Comodo either with their stupid twitter and facebook buttons in their last paid ISS version that i used. And both Comodo and Avast kept sending up lots of data - what for? i had disabled all of these upload to the cloud nonsense. If i have an AV or an ISS all i want are definition updates and nothing else.
     
  10. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,240
    To help them identify new threats.
     
  11. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Plus the cloud servers have more infrastructure to detect malware through different methods (like behaviour analyzing). Their rules/signatures are real-time as well.

    If all you want are definitions for blacklists, then you'll never be ahead of malware, even with heuristics.
     
  12. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    We would fail 0day testing if that were actually true. It may not be easy but predictive defs can be created.
     
  13. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Sure it'll be not easy with plenty of FP's (and extremely difficult w/o), but I stated malware as a whole, not just the usual related ones. Logically you can't expect blacklists to be anything but catching up overall.
     
  14. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    Well, even though I am an Avast user, I have issues with their product connecting to their server even when I specifically disallowed it. The only way to stop this behaviour was to configure my firewall to stop it. I just hope it's bad programming, not tracking...
     
  15. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    You don't quite understand how it works. A definition is not just based on what you have seen, it can also be based on likely mutations to come. Mutations have patterns and you can predict them.

    The vast majority of the malware we detect we have never seen before. A good deal of new malware we detect was defined as much as a week ago. There have even been cases where 6 months of mutations were detected by the very first definition.

    We are not the only ones either. There are quite a few AVs that are good at predictive definitions, they stand out in 0hour testing. At 0hour when VT shows less than 10 hits the group of AVs that does hit is relatively static. There is a reason for this.

    The notion of an effective static definition is dead, I will give you that. That was the reason adaptive signatures were created.
     
  16. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    And that's why I said overall. You can't predict something that will be created by someone else with 100% accuracy. In the case of malware, I doubt it's anywhere near that percentage over a good period of time, unless we stop caring about FP's altogether and try every PUP rule possible.
     
  17. Snoop3

    Snoop3 Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    474
    yeah, but they don't have my permission for that. i used paid Avast ISS about a year and half ago and it was the same thing, all this stuff being uploaded. they don't understand the word "no" apparently and just like the gov't we're supposed to "trust them"? well i don't. i've been burned enough times before and i see how little regard is given to people's privacy on the internet. if there's a nickel to be made they'll post your email address, your street address, your Cell Phone number, your SSI, whatever they want - to say nothing of just your browsing profile. and there seems to be plenty of money to be made on all of this tracking data because acc to Ghostery there are over 600 diff companies involved in it.
     
  18. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,240
    I really do not believe that one of leading antivirus companies would sell personal information.
     
  19. Snoop3

    Snoop3 Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    474
    i do. and it might happen with limited, less-indentifiable data at first (whatever they can get away with) and they sell to some unknown company that later conveniently happens to get bought by google, etc.

    if there are currently over 600 different companies in the business of tracking and profiling people on the internet, what do you think is going to happen? the larger companies will buy the smaller ones until there are maybe 10 huge companies left and all that data will be consolidated.
     
  20. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,012
    Location:
    on my zx10-r
    first snoop3 if you fully read the tos you would know that technically they do have the permissions (normally) to do this. most people just click i accept without actually reading the whole thing in its entirety. so if you install it (again normally this is included right in the tos you click accept to during the install) they may very well have the permission to do so unless you opt out of that inside the program. like during the install of eset you can opt out of the community part and then it will not send data. this is true for only some. many av's if you install them you have no option to opt out of this type of data collection.

    second as far as the free servers, yes if you are not familiar with them you can easily get a lot of junk. i know people who use them though ALL the time and they know where to click to avoid the extra fake downloads etc, im not saying i support the use of them but if you are careful in their use you can avoid having issues. for the novice though they can be a total nightmare.
     
  21. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    The danger of downloading free software.
     
  22. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    All cloud Antivirus need to upload executable behavior to the cloud. It really does help to detect / discover a lot of new threats.
     
  23. makethink

    makethink Registered Member

    Joined:
    Aug 9, 2013
    Posts:
    2
    It's very easy to mislead users into downloading other software instead of the wanted ones. Nasty tricks!
     
  24. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    KMPlayer downloaded from Download.com or "Softonic.com" will flag a PUA. Link obfuscated: -http://www.kmpmedia.net/-
     

    Attached Files:

  25. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Those are quite obvious downloaders bundled with crapware CNET implemented a while ago and Softonic had for as long as I remember.
     
Loading...
Thread Status:
Not open for further replies.