Which antivirus respect your privacy and allow you to send NO data to their cloud?

Discussion in 'other anti-virus software' started by Aimi, Oct 3, 2012.

Thread Status:
Not open for further replies.
  1. Aimi

    Aimi Registered Member

    Joined:
    Oct 3, 2012
    Posts:
    3
    Location:
    Australia
    I have been trying to find out which AV products/companies either send no data to their servers, or permit you to block the data being transmitted without sacrificing features. (I am fine turning off most, such as phishing).

    I have hit a wall, the best I have been told is "You cannot expect privacy online". Abysmal. o_O

    Avast, for example, sends every domain you visit, your IP, your email and other data to their cloud. Unacceptable. I am trying to get a straight answer out of them as to how, or if, I can disable this. They are not at all helpful and their forums are useless :thumbd:

    If this data was just for me, I could analyse packet capture logs, find the domain's and block them, however I am regularly quizzed by others as to security issues. I would rather support a product and/or company which respects my privacy than one that does not.

    Thank you for anything you can offer..
    ~Aimi
     
  2. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    "Cloud" products require ongoing communication with the client in order to work properly. They need to pull data from the client to ID threats and also to expand the threat database which improves the effectiveness of the product. If you don't trust a company to do this responsibly why use their security software?
     
    Last edited: Oct 3, 2012
  3. Aimi

    Aimi Registered Member

    Joined:
    Oct 3, 2012
    Posts:
    3
    Location:
    Australia
    It isn't really a matter of whether I trust them or not.

    With the incoming data retention policies and companies' propensity for selling data, even years later, I elect to not send the data whenever I can.

    I am about to switch back to Linux for my base OS, I just can't get a straight answer out of any of the companies. Avast so far has just said to trust them as they wont sell data. That's today. What about tomorrow?
     
  4. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,121
    Location:
    Pennsylvania.
    If you can't trust an AV move on to HIPS or a sandbox of sorts.
     
  5. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Is the data pulled by cloud antimalware products personally identifiable? I don't think it's possible to completely avoid communicating data when you're on the internet, so the question becomes is the data appropriate to the task? If companies collect data they should say so in their privacy policy and that usually includes a statement about whether or not the data is personally identifiable. I feel it does come down to a degree of trust, because unless you have the skills to monitor the data gathered by apps on your computer (I don't) you're left with the vendor's privacy statement and their reputation. Some of them get closer to the line than others and I've chosen to avoid some of them because of it, but it can be a grey area.
     
  6. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,723
    Location:
    localhost
    Panda and WSA cloud solutions actually do not store documents in the cloud. This is normally linked to lack of understanding of cloud antiviruses. It is simply not possible (due to the bandswitch involved) to even think of such an approach. No documents are sent to the clould only hashes and behaviour patterns. Privacy is not at risk as this cannot be translated back to a "readable" state. Please also consider that you have lost your privacy as soon as you connect to the net with an IP. :)

    Btw, this was already discussed several times in here. A search on Panda Clould should reveal some of these discussions.
     
    Last edited: Oct 3, 2012
  7. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Yes, you only have to read the discussions about TOR, etc, to realize how damn near impossible it is to be anonymous on the internet :ninja: , but I don't know if that's what the OP really wants.
     
  8. silverfox99

    silverfox99 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    204
    Are you from the 1980s? Me too. What OS you running? I run Windows 3.x/DOS and find that Norton AntiVirus 4.0 is the best solution for AV and privacy combined - definition updates are sent to me via email as an attachment! No data is sent from my computer back to the vendor - and best of all, no cloud!- check it out here:

    Key Features of NAV 4.0 for Windows 3.x/DOS: LiveUpdate™ Email - For the latest news on viruses and virus hoaxes, SARC will send you email notification. Includes LiveUpdate attachment so you can access new virus definitions right from your email program.

    NAV4.0.jpg

    http://web.archive.org/web/19980111000631/http://www.symantec.com/nav/fs_nav4-3.x.html

    Added: Is cheap too - you can pick up a copy on Amazon for $3.97 + shipping.

    http://www.amazon.com/Norton-Antivirus-4-0/dp/B000QA3VZA
     
    Last edited: Oct 3, 2012
  9. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    @silverfox99
    LOL. I want one.:D
     
  10. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,723
    Location:
    localhost
    LoL. Hurry up... Only 1 left in stock. :D
     
  11. Aimi

    Aimi Registered Member

    Joined:
    Oct 3, 2012
    Posts:
    3
    Location:
    Australia
    Ill take that as humour rather than sarcasm, yes.. I used to use thunderbyte and VET antivirus.

    As for transmitting files to the cloud for analysis, it asks me.

    However, I do not need to be transmitting every domain I visit, and potentially login information, to a cloud, to be told I am safe. I can make my own decisions and do not need my data being sold.

    All I need, is an antivirus with updates and heuristics. That'll do, I am not one to fall for phishing or scams.

    I am actually looking at a few, Panda seems to be the top. Also, the alternative is to remove windows altogether and go back to debian.
     
  12. arsenaloyal

    arsenaloyal Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    507

    I think Avira would be one for you. Check it out.
     
  13. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    when paranoi overtakes best action is to unplug your PC/laptop/mac(or whatever) and take up fishing!Where do you stand on smartphones or sky tv?:-everything we do in the world using technology that "communicates" has the risk of transmitting data about you or I,best thing is to set up a PC and use it with nothing that relates to you
     
  14. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,633
    Location:
    UK
    Even with the traditional AV that existed before the cloud buzzword appeared, there was "communication" with their servers. How else would you get their signature updates, for example?
     
  15. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Sorry but you're talking absolute rubbish here. If you're so paranoid, sell the computer and move into some forest.

    If you don't want to send that data to avast! then what's the point of using it if you're sacking more than half of it's protection capability? And to be frank, other products aren't any different in this time and era. If you trust some particular vendor, then you use that one. Few hundred million users of avast! can't be wrong, can they be? I'd say they aren't.

    Also saying avast! forums are useless, what did you expect? No one is going to change a product just because you're some overparanoid freak. Sorry but someone asking such stuff can only be marked as that. Other 100 million users don't complain, they just enjoy the protection.

    And as for the data sending, you're complaining over avast!, but are you using IE9/IE10 ? Maybe Firefox Sync feature in Firefox or you use Chrome or you regularly search in Google? Maybe you're using OpenDNS? Well, a wake up call for you, they all gather your browsing data one or another way.

    avast! takes data collection very seriously in terms of security itself and they way they use it. All the data is sent encrypted on a secure connection and most of the stuff they gather is just a statistical data. So if you visit a webpage -www.someporn.com- and you're afraid of someone seeing it, basically they see someone visited this page but no one knows it was you. And honestly, they don't really care. What they do care is if some of the clients detects malware there. That's what they care about, not what you browse...
     
    Last edited by a moderator: Oct 3, 2012
  16. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    Is this about the cloud, or ANY data being sent to the AV company ?

    Whenever I use an AV/suite, I never enable/use the cloud.

    For example, with Kaspersky I don't enable the KSN (Kaspersky Security Network), I don't enable Avira's cloud either.

    Nor do I allow programs solely on being certified by a certain vendor. Although that may be a different issue.

    Regardless of the product, I always read the EULA/license agreement, do a custom install, selectively enable modules, make sure I don't install toolbars and other crap and configure it to my liking.

    It is possible to use the Avira and Kaspersky security suite without 'cloud'.
    I'm not very familiar with the latest versions.

    Doesn't Panda depend very much on the cloud ??

    There will always be 'some' data that is sent to the vendor.

    I don't trust security software either, but that doesn't mean I never use it !
    Just keep your eyes open.

    Having a good imaging setup will greatly reduce your need to trust a security vendor.
     
  17. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    PC Tools Internet Security has an option to allow you to send or not send detection statistics anonymously to their cloud. Irrespective of this option the cloud can still be used to submit suspicious files (manual or automatic), verification of FPs and detection of new malware.
     
  18. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    If you enable automatic updates or more. One approach that might work in some scenarios is to use a local software firewall to block the cloud AV components from communicating with remote hosts and to update the system via your own custom updater that checks for, retrieves, and installs those updates. Businesses tend to be more information security oriented and many literally have to be. So one space to search for options would be business solutions.
     
  19. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,871
    Your missing out on a lot of protection by disabling the kaspersky security network.But its your choice.
    One day i think computer based signatures will be a thing of the past and ALL av,s will be cloud-based.:thumb:
     
  20. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    :eek:

    I just don't think so. Not everyone will embrace the cloud.

    I don't really need an AV anyway, it's just an extra :p
     
  21. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,633
    Location:
    UK
    I think we're slowly heading that way. It depends on whether the vendor has the resources and infrastructure to host signatures in the cloud instead of saving them all locally, except some needed for offline protection.
     
  22. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    701
    It is ok to manually confirm every suspicious file that should get uploaded to the cloud for checking, but I don't think you want to manually confirm every URL/IP your browser tries to connect to to be checked with the cloud. That might be not a happy surfing experience :rolleyes:

    Which browser do you use? Almost everyone of them does check for malicious URLs, checks downloads, has options to send back user experience/behaviour in order to optimize future versions or find bugs.

    Do you use Google? Facebook? Shop at Amazon? Did you disable your Windows updates? They sent feedback too.

    If you are so concerned about all this, you really should not use the internet at all. There is no way to prevent being tracked or leak data otherwise.

    I said it before, any AV without proper cloud protection features is almost useless with the malware these days.
     
  23. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Dear Aimi,


    The whole beauty of the Big Brother concept, as described in 1984, is that you must end up, asking for it! You must embrace it, not resist it! If you can't start with little things like an antivirus, how will you live peacefully with more important things in the future? The cloud loves you, you must love the cloud back!

    I am sorry to tell you, but you 're already late with times. Back in Pentium III release, the whole internet was in the path of war, because the CPU was to have a unique serial, which could make someone uniquely ID the machine. Intel was so scared of the outcry that had to remove the serial.

    Today, you have members of a "security forum", running for example Rollback RX, which at every boot and before your firewall loads, phones home to "recheck" (for the 1.000.000th time) your activation and they are all happy with a company who knows them by name and address, to know their IP in EVERY boot they make to Windows. And mind you, this in a "security" forum. :rolleyes: Then maybe the same people go crazy about whether Tony is still the same person in Shadow Defender or some scammer has taken over his website! Wow, thank God Shadow Defender doesn't phone home to the potential scammer... Oh wait, i hadn't thought that...But heavens forbid, if something installs Ask Toolbar! And thank God that my website doesn't know that i have the CPU serial 243548786! The real failure of Ask Toolbar, is that if failed to convince people, that it offered a security feature. If it did, people would be all over it now. They should have pioneered "toolbar based anti-phising". "What, you 've installed the Ask junk?" "Get lost, it gives me antiphising, i trust them!".


    Times change, people are easily convinced to do things if they think it's for their benefit. The concept is wonderfully explained in "1984". Please, follow the trend.



    Alternatives:

    1) Find a AV and try manually updating definitions.
    2) Pass to virtualization and forget about antivirus (Sandboxie, Shadow Defender, Returnil, etc)
    3) Pass to antiexecutables (NoExe Radar Pro, Faronics Anti-executable, etc)
    4) Use software like AppGuard, Voodooshield.
    5) Use MBAM as on demand scanner (untick if you like the "report anonymously use data" box).

    I 've been without antivirus for a year with only WinPatrol and for some period without that too and i haven't seen a malware.

    Antivirus is overrated for people that don't run cracks, keygens, "my game's latest nocd patch", etc. All of the above are much stronger than antivirus.

    P.S.: I only trust Iobit. (sarcasm).
     
    Last edited: Oct 4, 2012
  24. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    One day i hope people realize that black listing is obsolete, no matter if in cloud, heaven or hell and can only serve as auxiliary to more efficient security methods and that their own actions with their PC are more important.
     
  25. Cloud

    Cloud Registered Member

    Joined:
    Feb 1, 2011
    Posts:
    1,030
    Location:
    United States
    Yes, it does but it also depends on the many other technologies in the software such as Panda's patented TruPrevent. Now what people seem to still not understand is how the cloud works, and take assumption that cloud implementation is the same for every security company.

    Again, Panda does not send any personal data to their servers. What is sent is a reverse hash of the file, not the file itself. Please also take note that Panda's cloud scanning only checks PE files.
     
Loading...
Thread Status:
Not open for further replies.