Which AVs respect the users' privacy ?

Discussion in 'other anti-virus software' started by Fly, Apr 4, 2009.

Thread Status:
Not open for further replies.
  1. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Yes, but that is becoming more common, see the new swedish laws. I would agree in the whole transferring of data through regions idea, but I personally completely disagree about the origin of software.

    That being said, usually these laws only have jurisdiction in their home country, otherwise, paranoid people would just seal off countries like sweden.
     
  2. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I wouldn't use software from any country with laws like this, Even if the software is private the "Confidential Data" Could still be Sniffed from the traffic going from your PC to the company if they are located in said country.
     
  3. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Ok well I'll leave this argument here because I don't agree with that, well, at least I don't feel I am as paranoid as that, although I am paranoid about my privacy to a point.

    To the OP, personally I think you should just read the privacy policy of whatever AV you're using.
     
  4. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Thats one thing we can both agree on ^^
     
  5. DjMaligno

    DjMaligno Hispasec/VirusTotal

    Joined:
    Feb 22, 2005
    Posts:
    63
    Location:
    Spain
    It still surprises me how people blames whole people in a country for the behavior of their politics. That is not only bluntly unfair, but also a demonstration of lack of perspective.
     
  6. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I think we're getting things mixed up here. The Swedish laws that require data monitoring and the "buddy system" between the U.K and U.S (and I hate to make the conspiracy guys cry, but these two countries are not as "buddy" as it may seem on the outside looking in), is a whole other deal from the kind of privacy worries this post (I believe) was meant to be about.

    Those laws are purely national security-related (we could go all day on those laws and just how "security-related" they are, but I'm not going to light that fire). Privacy with regards to AV software and other software is marketing. The people you need to worry about with this kind of privacy don't want to report back to the White House or the Queen, they want to report the data to other marketing firms who are willing to give out big $$$ for said data.

    So, to answer the original question in the context it was meant, read the EULA. That's all there really is to it.
     
  7. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    2,140
    since you already have lightened the fire could you please be a little more specific. the point here is to know what is running in our computers.
     
  8. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    No, I haven't lit the fire I spoke of and refuse to. I'm not sure how much more specific my post needed to be, your AV reports to no one but the update servers to check your version of the software and signatures against the servers' version. When you sign up to use the software, that is a different matter and that is where the marketing comes in. Your email address, phone number, name and financial information if it was a paid for software, are all up for grabs to the highest bidder if that is what the EULA says, and sometimes even when it doesn't say.

    That has nothing to do with individual countries or their security laws. It is marketing and that is that, but, once again, people are bundling security and marketing together and fussing about it instead of recognizing there are differences and understanding those differences.
     
  9. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    Isn't it naive to just trust/rely on that ?
     
  10. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    The queen does nothing in this modern age all she does is sit around and talk to her dogs and maybe the occasional wave at a crowd.
     
    Last edited: Apr 6, 2009
  11. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124
    This is the truth. Countries like Canada don't let companies touch their citizens at all with spying or suing. Its why a lot of U.S companies provide products to both U.S and Canada but only certain services on those products (e.g. Xbox movie service).
     
  12. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Well if you think about it, the are all businesses looking to make a living, why jeopardize that with the risk of being sued to the extent of possibly collapsing the company as a whole?
     
  13. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Lol, true, I know that, but you get the gist of what I was saying.
     
  14. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    In answer to the orginal question, I can assure you, F-Secure respects your privacy. You will not get any pop ups on install asking you to sleep in bed with them, while you use their product.;)
     
  15. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    Thank you all for your responses.

    I have a couple of specific questions, and I could really use some answers.

    Right now I have Avira, Avast, Kaspersky, and Eset under consideration.
    Without additional antispyware applications.

    About Kaspersky: it's a Russian AV, I wonder if it's safe from that end. Concerning: the Russian security agencies (I know, you can say the same for the USA, but since I already have a Microsoft OS I'm not to keen about having another country looking over my shoulder, or something like that), Russian hackers, politically or otherwise motivated. It's a concern, I wonder if someone has anything to add to that.

    Let's be careful in avoiding a 'this AV is better than that one', because those threads get locked or deleted quickly. And let's keep in mind that the av-comparatives' results had all products set their heuristics at high (with the exception of Sophos).

    Avira: the premium version offers in addition to the free version a Webguard and AntiDrive-By, basically some kind of web shield, which would not seem irrelevant (but necessary ?) if you don't use additional real-time security software. Although not really expensive, it's not free. I don't think I'd like the false positives of a paranoid AV (see av-comparatives). I wonder how effective the software would be if you set the heuristics at medium ? Maybe it's impossible to answer this question, but I'll ask anyway.

    Avast: only the professional edition has a Script Blocker, my current McAfee has something similar (it once blocked a malicious script from downloading a trojan, and that was the only time it detected something). It would seem an important feature to me. However, the Pro edition is somewhat expensive, especially since it's not a suite. The same question as with Avira: how effective would the software be if you set heuristics at medium ?

    For the free versions of Avira and Avast: is there a nag screen or button ?
    Are there any independant tests available that don't have the heuristics set at the highest level ?

    About Eset: when I go to the global site I'm redirected to a local site, and both the antivirus and especially Eset Smart Security are expensive (price in euros). I checked BitDefender too, it also redirected me to a local website, where the antivirus was not even offered, only an expensive suite !
    Is there a way to bypass these redirects, without violating the law or getting into a clash with the company ? Usually, the price in euros is much higher than in USD.

    At last but not at least: the typical and traditional virus doesn't bother me much, spyware, trojans, backdoors, rootkits and the likes, and malicious scripts are of greater concern. From what I understand, nowadays AVs are better at protecting against these than antispyware applications.
     
    Last edited: Apr 6, 2009
  16. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Ok Fly, here's the thing about Kaspersky, Rising, and any other foreign software:

    1. Is there a chance some agency is watching traffic from your web shield-enabled AV? Maybe. Is it at all likely? No, it is not. Again, I need to remind folks that giving your information at sign-up to an AV company is far more of a privacy risk and MUCH more likely to send your data to the "wrong" hands.

    2. Would the really well known software developers with a great reputation do anything purposely to risk that reputation if it was not "absolutely no way to get out of it"-required of them? No.




    Regarding Avira and the effectiveness of heuristics and testing:

    1. Heuristics are as good as the developer makes them, regardless of the brand.

    2. Setting them to high can cause (can) frequent FPs depending on the types of files you download.

    3. Script blocking can be done with Firefox's Noscript, or any browser that can disable scripting (even IE). The bad scripts can't hurt you if your browser isn't vulnerable to them. So the key here is keeping updated.

    4. As far as tests, I don't trust them. They are too controlled imho, and setting everything to high to test isn't a realistic test (just check the average persons settings).

    5. There is a nag screen in free Avira, but not in Avast.

    6. I know nothing of Eset, so I'll have to keep quiet for that question.

    7. The effectiveness of an AV to block/clean malware compared to an actual anti-spyware app. I have no facts, just a personal opinion, which is it really depends on how good the detection is and who has what in their databases.

    Hope I've helped slightly.
     
  17. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    dw426 answered it all really.

    You can bypass ESET's forwarding by using a reseller such as this, there's a few.
     
  18. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    Thanks, that saves some money.
     
  19. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    Well, they are doing it all the time.
    McAfee as an example: I did mention their privacy policy, but (unlike an older version ?), it doesn't clearly state that they share/sell data with Doubleclick and many others. They used to do it, I can't believe they 've stopped out of the goodness of their heart !

    It's just about the money !

    And that somewhat murky business with Symantec (ASK): they have some sort of relationship with ASK.com/IAC. If not for the collection of data, why partner with IAC ? For general purposes, ASK.COM is at best a third rate search engine. (Do I need to say IAC/Zango?)

    I could also mention Webroot, with has the Spy Sweeper with antivirus as an AV, and the vanilla Spy Sweeper. Unless it has changed, the default was an opt-in for the ask.com toolbar, and only in the customized installation there is a way to opt-out.

    I think there are some others who have partnered with IAC.

    Unfortunately, sharing, selling, leaking, loss and theft of data is common.
     
  20. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    So far I have given the free versions of Avira and Avast a trial. The same for paid Kaspersky.

    Obviously a brief trial, I just wanted to see the impact on my system's resources.

    For Avira and Avast, heuristics about at medium.

    For Kaspersky (security suite), heuristics at high.

    I'm please to note all these AVs are reasonably fast on my computer.
    I was somewhat surprised to see Kaspersky doing so well with (several) security settings higher than default.

    I'll refer to av-comparatives: the -not free- Avira and Avast were doing very well in that test. But I can't be sure of the free versions with lower heuristics.
    Besides, I wonder if with heuristics at maximum the false positives don't outnumber the detections of real malware.

    And again referring to av-comparatives: the category 'other malware' (more or less: spyware plus adware minus trojans) is a something in which AVs tend to perform poorly. A rate of 90 % isn't great IMO.

    What would seem a long time ago (at the time I was somewhat 'the greatest vulnerability behind the computer'), when I used a McAfee antivirus that would detect only viruses and trojans (?), and the Spyware Doctor version 3 or 4, the addition of the Spy Sweeper reduced non-cookie infections by 90% (real-time protection). Blocking 90% of spyware real-time is good. And given that the Spyware Doctor was also effective the combined real-time protection far exceeded the 90 %. On-demand scans were also effective. Later when Pctools released version 5 of the Spyware Doctor I replaced it by Counterspy version 2 (a very effective real-time antispyware application) and moved to the online McAfee software which was also reasonably effective against spyware.

    My point is, there were many products that could be used in combination to get a very strong real-time protection against spyware. These days, that's gone. (Except perhaps Counterspy 3.x and the Spy Sweeper, but they have issues :thumbd: ) It seems the AV companies have won, and for some reasons the AS companies have fallen behind. Even though the threat of a virus is insignificant compared to spyware threats. Seriously, what's the harm of a virus if you can just restore a clean image ?
    And over the past 5 years I've encountered only a handful of viruses, but many spyware/adware infections. I don't get infected anymore, but the threat of spyware dwarfs the threat of viruses.

    This 'essay' has become larger than I intended. I guess I'll stop here :)
     
  21. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Well, I will change it to "Read the privacy policy and read past reputation". :D

    Usually it's quite clear which companies are messing around with 3rd parties due to shady deals/toolbars/popups/whatever.
     
  22. CountryGuy

    CountryGuy Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    139
    I found it quite humorous when one of the responses was a carte blanche dismissal of all of the major AVs and AVs based on country of origin, provided no factual evidence and proceeded to try and quelch all dissent by saying anyone who disagreed is a 'fanboy' :D

    By "respecting your privacy", what do you mean? Personal information, web traffic, system specs? Most of that is detailed in the agreements with the product when you install them; Companies can be sued if they go against them.

    If you're REALLY that concerned about privacy, install any of the products, but don't let them connect to the internet, and download updates manually.

    Just one fanboy's opinion :D
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.