Which antivirus respect your privacy and allow you to send NO data to their cloud?

Yes, you unofficially represent i should say. I mean, you are always the man to reply in ZA threads, as an ex mod of ZA... That's what i mean. It's a shame ZA doesn't pay you, i know i would if i were ZA, loyal fans are more valuable than paid, but uninterested employees.

Personal attacks? Like..." If we would stick to some users approaches we would be still writing with typewriters and using pigeons to exchange information "

maybe?

I don't try to convince anyone. I am trying to defend my choice of not using cloud... If anything, the OP was ganged up because she...dared say that she doesn't want to use cloud!

What a terrible sin!

 

It doesn't really matter; you use stick with what works for you even if it's old, I constantly search what will work for me while it uses new tech.

Back on topic OP was searching for some protective measures which doesn't send data. I have listed few possible solutions at the bottom of my last post.

 

Some of you here should learn the basics of antivirus cloud systems before you go full on teaching others things you don't understand at all...

 

You either go with the flow, or you don't.

I don't.

There is no NEED for cloud.

It's just a buzzword. Did anyone ever buy McAfee software because of its 'X-Ray' technology ?

One of the issues with cloud is, where does it begin and where will it end ?

First, you have your AV send some data through the cloud. Next thing (not AV related), you have your personal data, ID, photographs, financial data, software online, 'in the cloud'. You don't mind security organizations scanning and collecting those data, businesses snooping to see if you are not violating 'copyright', businesses sharing and selling those data, leaking data, having your personal stuff end up in the hands of strangers ?

Default-deny is a great concept.

That you can't have perfect privacy and anonymity doesn't mean you should give up.

And I consider the question of the OP perfectly legitimate.

Personally, I'd have a hard time getting infected even if I wanted to !
Ever since I stopped relying on AVs and antispyware apps I have been malware free.

My view is that you can't buy security.

 

Ppl think that cloud systems just upload everything to remote servers. Comodo maybe (and even there its just executables) because of the way it works but basically all the others don't. They only do if they find something with heuristics but thats what they've been doing for the last decade or so.

And cut the crap with "buzzword" word. It's so lame it makes me puke every time i see it. Cloud is a very nice word for collaboration of clients and servers. Something we partially had but it didn't realyl had an appropriate name.

 

RejZoR,

What's with the hostility ? I see that often in your posts.

 

Would you not be, if you used Avast.....

 

I'm using AVG at the moment so any comments of such sort are irrelevant...

 

absolutely !

regardless of what my signature says.. i'd prefer being AVless.. like i was for a long time.
( BTW Avast and AVG are perfect and i used them pretty damn enough !!! )

 

My thoughts in a nutshell.
What we have in our world is a massive paradigm shift as to what privacy is and how important is it.
For me, enough is enough.
If I ever go back to windows, it will be AV free.

 

My only reservations about cloud systems is that I feel an application should not be overly dependent on it. So, if I'm not connected to the internet, it should still be fairly competent at catching malware. In some cases I have seen FP rates go through the roof in the absence of the cloud. That's quite alarming to novice users. So the main thing with clouds is, complement and supplement the existing protection rather than making it a big part of your protection system. I guess most cloud-based systems today are doing this rather well though, though I'm still skeptical of products like e.g. SecureAnywhere and Trend Micro Titanium because of their extensive reliance on the cloud compared to other products.

If someone feels they they do not want to send data to the cloud, it is their choice though, I do think they should be given that choice, while also noting that they might be subject to false alarms or loss of protection when that happens.

 

offtopic ON
Just to avoid any misunderstanding: I only help ZA users due to the fact I am old user of ZA. This is why you often see my posts when there are questions related to ZA as not many here are really fan of ZA and questions are often left unattended or wrongly addressed. Not more not less. I sometime also post beta releases as here you like to play with new toys And no, there are plenty of users enjoying helping other users for free, no need receiving a check for the service!

In any case, I still find difficult to see the link to this thread and cloud AVs
offtopic OFF

 

Interesting, and how this is actually happening? It means you are running/installing new software on the system while not on the internet since the software resident on your PC should have only already fully whitelisted by the AV. If you are running new software and this cannot come from internet (that is off) then it can only come from a USB stick? Or similar? Not something I can expect often to happen in a day to day use. Or do I missing something in this picture?

Thanks!

 

I haven't tried with all anti-malware products to verify if this is the case with all of them but a few that I did use do show this problem occasionally.

Yes, I do install software at times when the internet is not connected. It comes from USB sticks and sometimes from large-size archives downloaded from the internet, but installed/extracted at a later time without the internet (since real-time analysis of large archives is often not done to minimize resource use). Usually the FPs will occur at the time of a full-scan, or sometimes during installation/extraction, and it will very often be one of those "heur" or "suspicious" detections (though sometimes signature based detections also occur).

Re-scanning the files, or scanning these files (real-time or on-demand) with the cloud on (i.e. connected to the internet), will in most cases remove this detection, i.e. it will no longer show those detections as now the product has had a chance to verify it on the cloud and found to be safe. At this point, I believe these files are added to an internal whitelist as subsequent scanning of the same files will not yield any detection on these files again irrespective of whether access to the cloud is enabled or not.

I have seen such behaviour with AVG (sometimes) and PC Tools (very often). Have not used others in a while, though I imagine they might be using similar mechanisms.

 

Sorry, but that is just wrong.

I helped designing and creating the Avira Protection Cloud. The goal for it was never to put special signatures there and save signature traffic. We don't even have a beta VDF for the cloud. We have new detection technology in there that is not possible to run on local machines (unless you want to reserve some GB of RAM just for the AV). And that detection technology is far superior to the local scan engine.

 

Stefan,

I'm sure that the Avira cloud has advantages.

But one doesn't NEED a cloud just like one doesn't NEED an AV.

What has changed so fundamentally in the last few years ?

More malware, more advanced malware, faster exploits.

Hasn't that been going on for a long time ?

Would 'the cloud' catch a virus like Flame ?

Blacklisting is a poor foundation for a security setup.

 

Ok, thanks! Indeed this can happen for specific users that tend to install often new software when offline. I am afraid there is less and less software that allows it (online registrations needed or check-for-updates before install, license key validation, etc) and I would not consider it as an obstacle for standard users that are not likely to install new software so often.

 

What is blacklisting for you?

Just signatures? Generic detection?

Behaviour blocking is blacklisting (certain behaviour is blacklisted).

HIPS is blacklisting with user interaction (certain behaviour is blacklisted and the user must decide if it is ok to allow it)

Even sandboxing can be considered as blacklisting (some conditions must be met that an application will be sandboxed - if you bypass these, you will bypass the sandbox).

 

Why the hell ppl mention Flame so much for every damn thing? That was a targeted attack and has very little connection to the malware eco system you and i see daily... No one can prevent targeted attacks, because they are, well, targeted and with very specific payload and target.

 

I think the OP and some others (including myself) would be interested in a meaningfully detailed description of how Avira works, what it transmits off the local machine, and the options/consequences related to disabling those features/transmissions. Obviously, we can search for info and find some. That's homework we should do. It can be challenging to cut through the noise and find adequate detail though. If you do know of a very good publicly available document or page on the subject, would you please share the link to it?

 

Also a good thing about cloud systems is that there is no easy way to analyze how they work and behave. Thats why you probably won't get any in depth explanations. Thats also its strong point compared to strict local engines...

 

RejZoR nailed it. I call it detection protection.

I cannot really tell more than this:

http://www.avira.com/en/avira-protection-cloud

BTW, RejZoR everytime I see your avatar and "polymorphic sheep" I must think about an old GDATA advertisement video from 1995 or 1996. They explained file infectors and polymorphic viruses with white and black sheep - and a vacuum cleaner.

 

To me it reminds CloneCD. Funny how different people make different associations.

 

Event whitelisting can be considered as a blacklisting as some conditions must be met in order to application can not run... So, whitelisting is blacklisting. Good old logic!

 

Thanks for the link. That particular page doesn't help a professional trying to evaluate the product/line from the Information Security and Privacy POV. There is more info behind it, and presumably somewhere adequate privacy disclosures pertinent to use of the software, so I guess those interested can grab some coffee and do some exploring.