Your antivirus software is watching you. A recent study shows that popular antivirus applications like Avast assign your computer a unique identifier and send a list of all web addresses you visit to the manufacturer. If the antivirus finds a suspicious document, it will send the document to the antivirus company. Yes, your antivirus company might have a list of web pages you've visited along with your sensitive personal documents!
http://www.av-comparatives.org/wp-content/uploads/2014/04/avc_datasending_2014_en.pdf (PDF download): pretty charts comparing a variety of specific data reporting between vendors and products
https://www.bof.nl/live/wp-content/uploads/Letter-to-antivirus-companies-.pdf (PDF download): I believe this is the original open letter which led to the charts PDF
"According to a top-secret GCHQ warrant renewal request written in 2008 and published today by The Intercept, the British spy agency viewed Kaspersky software as an obstruction to its hacking operations and needed to reverse engineer it to find ways to neutralize the problem. Doing so required obtaining a warrant."
https://s3.amazonaws.com/s3.documentcloud.org/documents/2106783/project-camberdada.pdf (PDF download) purports to be a top secret document outlining the interception of malware reporting to AV providers
So - how valuable is an AV program? Is your AV transmitting data to the NSA? Does your AV provide a "backdoor" into your computer?
Much has been said about the advisability of running an AV on *nix. Much has been said about the inherent security of *nix. Right now, I'm somewhat happy/relieved that I am NOT running any proprietary antivirus programs.
Disclaimer: I am reading a fascinating work of fiction, which postulates that your antivirus shares data with the NSA. Given that postulation, I went looking for information. I'll be more than happy to disclose the title and author in the comments section - just ask!
(Score: 0) by Anonymous Coward on Wednesday October 28 2015, @04:49AM
Disclaimer: I am reading a fascinating work of fiction, which postulates that your antivirus shares data with the NSA. Given that postulation, I went looking for information. I'll be more than happy to disclose the title and author in the comments section - just ask!
Do tell!
(Score: 2) by Runaway1956 on Wednesday October 28 2015, @05:04AM
http://www.secondship.com/Excerpt/default.htm [secondship.com]
http://www.secondship.com/Preview/default.htm [secondship.com]
http://www.secondship.com/Preview%20Book%203/default.htm [secondship.com]
This "trilogy" is preceded by two other stories in the same universe, 'Once Dead' and 'Dead Wrong'. I anticipate any number of sequels to follow.
If you should read them, you'll be quickly introduced to "Big John" who does all the heavy lifting in the NSA's search for "bad guys".
(Score: 0) by Anonymous Coward on Wednesday October 28 2015, @06:51AM
Jennifer Government [wikipedia.org] involves malware that spreads via anti-virus updates.
(Score: 3, Insightful) by Mr Big in the Pants on Wednesday October 28 2015, @05:40AM
"Avira prevents you from opening a potentially harmful website."
lol.
Harmful to their reputation perhaps??
(Score: 2, Disagree) by q.kontinuum on Wednesday October 28 2015, @10:23AM
No, really dangerous. The site tries to discourage usage of virus scanners, which, obviously, is deeply problematic.
Registered IRC nick on chat.soylentnews.org: qkontinuum
(Score: 2) by bugamn on Thursday October 29 2015, @11:19PM
But does the site really present malicious software, or is it only its ideas that can be problematic?
(Score: 1, Offtopic) by aristarchus on Wednesday October 28 2015, @05:47AM
Microsoft Problems!!! Hey, for the first time I did not put the $ in Micro$oft! Only a Fine Article like this could make me do it.
(Score: 5, Funny) by jasassin on Wednesday October 28 2015, @06:06AM
I hope not! On my system I'm currently using Bitdefender Antivirus Plus, Kaspersky Anti-Virus, McAfee AntiVirus Plus, Norton Security, Trend Micro Antivirus + Security, Avira Antivirus Pro, BullGuard Antivirus, eScan Anti-Virus, Zonealarm Antivirus + Firewall, and G Data AntiVirus. It only takes my system an hour and a half to boot, but until now I was feeling pretty fucking secure!
jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
(Score: 2) by Runaway1956 on Wednesday October 28 2015, @06:10AM
All of them running in real time? You must have a fast computer if you can boot up in 1 1/2 hours!
(Score: 4, Funny) by Anonymous Coward on Wednesday October 28 2015, @01:57PM
I run the Windows port of systemd so they all start up in parallel.
(Score: 1, Informative) by Anonymous Coward on Wednesday October 28 2015, @06:13AM
but some of the anti-malware programs too... these can be anti-rootkit, anti-spyware, etc.
some of these programs ship with "share x,y,z data" enabled by default! Or "join the x,y,z network" - look for both!
the open source antivirus program ClamWin for Windows and clamav for Linux may not have the best detection rates, but both have found some trojans/rootkits where some others have failed. False positives? Maybe, but unlikely, especially if you tear apart the executable, research strings, etc.
a good resource is: http://www.kernelmode.info [kernelmode.info]
(Score: 1, Informative) by Anonymous Coward on Wednesday October 28 2015, @01:05PM
Maybe but unlikely? I want some of that Kool-Aid. Clam's FP rate is absurd.
(Score: 1) by SDRefugee on Wednesday October 28 2015, @01:33PM
I gave up using Windows in 2010, when I retired after a nearly 25 year career of cleaning up after Windows (and its users). The ONLY Linux I currently run with any kind of AV is my mail server, with ClamAV. After reading some of the traffic analysis done on Windows 10, I feel I REALLY dodged a bullet by leaving the MS ecosystem.
America should be proud of Edward Snowden, the hero, whether they know it or not..
(Score: 0) by Anonymous Coward on Wednesday October 28 2015, @07:12AM
Actions sound about the same. And of course, you only need one on a legacy malware operating system so...
(Score: 4, Insightful) by lentilla on Wednesday October 28 2015, @07:51AM
The only thing that would surprise me is if antivirus software was NOT tracking you.
Runaway1956 mentions a work of fiction in his submission, so I'll match it with one of mine! I've just finished re-reading Heinlein's "The Moon Is a Harsh Mistress". Germane to this discussion and that book: TANSTAAFL - There Ain't No Such Thing As A Free Lunch!
Of course antivirus software is likely tracking you - and those that are not yet are ripe to be considered "incompletely monetised". This applies equally to "free" and paid-for antivirus. Paying for something in this era should be considered a "sticker price" at best - the old assumptions that "cash on the barrel-head" in exchange for a product are long gone. Now we pay the sticker price and companies continue to monetise our product long after the transaction has been completed.
(Score: -1, Troll) by Anonymous Coward on Wednesday October 28 2015, @11:54AM
Runaway1956 is a loud mouth closet queer.
(Score: -1, Offtopic) by Anonymous Coward on Wednesday October 28 2015, @12:54PM
Tell us how you really feel.
(Score: 3, Interesting) by wonkey_monkey on Wednesday October 28 2015, @08:21AM
Yes, your antivirus company might have a list of web pages you've visited along with your sensitive personal documents!
And does it, by any chance, tell you it's going to do this when you install it?
systemd is Roko's Basilisk
(Score: 1) by ewk on Wednesday October 28 2015, @12:00PM
If so already, most likely on page X of a Y-page EULA (with X = Y, for sufficiently large values of X and Y) that nobody reads anyway.
And even if they do not tell: the non-validity of click-through agreements works both ways... doesn't it? :-)
I don't always react, but when I do, I do it on SoylentNews
(Score: 2) by joshuajon on Wednesday October 28 2015, @03:38PM
I think it's more a matter of end users not understanding that in order for these types of "web reputation" filters to work the software would necessarily have to transmit URLs back to the manufacturer. There's no other way for them to build the database of URLs. So unaware end users enable the feature and then feel their privacy was violated because they didn't understand how it worked.
(Score: 1) by ewk on Thursday October 29 2015, @09:43AM
Uploading just URLs by themselves is fine... Feeding the masterbase is needed.
URLs combined with a UNIQUE identifier (identifying my computer or computer/user-combo) are not.
I don't always react, but when I do, I do it on SoylentNews
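The distinction drawn in the two comments above, as an added example that is not part of the thread and not any vendor's code: an audit over proxy-logged reputation lookups that flags fields able to link one machine's URLs together. The log layout, field names and all values are constructed for illustration.

```python
import math
from collections import Counter

# Constructed sample: URL-reputation lookups logged at a proxy, grouped by the
# test machine that sent them. Field names and values are invented.
CAPTURED = {
    "pc-1": [
        {"url": "http://example.com/news", "os": "win7", "ver": "10.2",
         "guid": "7f3c9a1e-52b4-4d0e-9c6b-1a2b3c4d5e6f", "nonce": "a91f03bc"},
        {"url": "http://example.org/bank", "os": "win7", "ver": "10.2",
         "guid": "7f3c9a1e-52b4-4d0e-9c6b-1a2b3c4d5e6f", "nonce": "5be2c470"},
    ],
    "pc-2": [
        {"url": "http://example.net/forum", "os": "win10", "ver": "10.2",
         "guid": "0d8e4b7a-13f9-4c2a-8b5d-6e7f8091a2b3", "nonce": "c03d9e11"},
        {"url": "http://example.com/news", "os": "win10", "ver": "10.2",
         "guid": "0d8e4b7a-13f9-4c2a-8b5d-6e7f8091a2b3", "nonce": "44aa71f9"},
    ],
}

def entropy_bits(value):
    """Rough size estimate: per-character Shannon entropy times length."""
    counts = Counter(value)
    per_char = -sum(c / len(value) * math.log2(c / len(value)) for c in counts.values())
    return per_char * len(value)

def find_linking_fields(captured, min_bits=32):
    """Fields constant per machine, different across machines, and high-entropy."""
    fields = set().union(*(req.keys() for reqs in captured.values() for req in reqs)) - {"url"}
    hits = []
    for field in sorted(fields):
        per_machine = [{req.get(field) for req in reqs} for reqs in captured.values()]
        if not all(len(vals) == 1 and None not in vals for vals in per_machine):
            continue  # changes per request (e.g. a nonce): cannot link lookups
        values = [next(iter(vals)) for vals in per_machine]
        distinct = len(set(values)) == len(values)
        if distinct and all(entropy_bits(v) >= min_bits for v in values):
            hits.append(field)  # low-entropy fields like "os" fail the size check
    return hits

def linked_history(captured, field):
    """What the receiving side can rebuild: identifier -> ordered URL list."""
    history = {}
    for req in (r for reqs in captured.values() for r in reqs):
        history.setdefault(req[field], []).append(req["url"])
    return history

if __name__ == "__main__":
    print({f: linked_history(CAPTURED, f) for f in find_linking_fields(CAPTURED)})
```
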
(Score: 0) by Anonymous Coward on Thursday October 29 2015, @04:05AM
I think that's covered by the "we own your soul" clause in the license.
(Score: 1) by TechieRefugee on Wednesday October 28 2015, @01:51PM
Surprising that Comodo hasn't been listed, as it's something I've been recommending for all of my Windows user family. I'm not sure whether that's a good or a bad thing.
...ah hell, let's be honest; Comodo is probably doing it as well.
(Score: 5, Insightful) by ledow on Wednesday October 28 2015, @04:28PM
"Let's allow a program with administrative privileges, which regularly scans and indexes every file on your hard disk / network for patterns, which can upload examples to the cloud, acts on signatures and heuristics updates sent to it by its manufacturer every single day, and which the user EXPECTS to listen in on all their Internet traffic, every file they open, whenever they open it, etc. and which has carte blanche to decide what other programs can and cannot run (and which does not co-operate nicely with any competing software trying to see what IT is doing)"
Because THAT'S the way that we'll stay secure and nobody will get their hands on our data.
It bugs me that for decades people have not considered this.