- Nov 8, 2016
- 574
A few months ago i checked i post telling Bitdefender Trafficlight (BTL) was sending unencrypted sites for Bitdefender servers (you can check the original post HERE)
But i made my own research and could not confirm this information in the present moment. So i would like to know if you can help me to check if that is still true.
1) I tried to replicate the post guide but despite i accessed the BTL requests and sends, i could not find any unencrypted message. So i believe the problem is solved.
Edit:
2) According to BTL privacy police:
So, i believe that if BTL actually already sent any unencrypted messages to Bitdefender servers, that is not true anymore.
But i made my own research and could not confirm this information in the present moment. So i would like to know if you can help me to check if that is still true.
1) I tried to replicate the post guide but despite i accessed the BTL requests and sends, i could not find any unencrypted message. So i believe the problem is solved.
Edit:
I can find the site BTL is sending in plain text (params tab), but the security tab shows TLSv1.2 protocol for all requests.
Examples
Examples
2) According to BTL privacy police:
3. Protecting the Personal data
As a leader in information security services, confidentiality and data protection are of vital importance for us. Access to the collected personal data is restricted only to Bitdefender employees and data processors that need access to this information. All Bitdefender information security policies are ISO 27001 certified.
Bitdefender may use other IT companies to process the collected personal data. These companies are considered data processors and have strict contractual obligations to keep the confidentiality of the processed data and to offer at least the same level of security as Bitdefender. Data processors have the obligation not to allow third parties to process personal data on behalf of Bitdefender and to access, use and/or keep the data secure and confidential.
Bitdefender may host personal data in Romania, Ireland, as well as in European Union or any other jurisdiction which offers adequate level of personal data protection according to European Union standards, including companies that are certified under the US-EU Privacy Shield program.
Due to confidentiality obligations and security requirements the specific information regarding the name and details for each processor used will be provided only to competent authorities.
The following types of data processor are being used:
Access to certain sections of Bitdefender websites is protected by a username and password. We recommend not to reveal this password. Bitdefender will never ask for your account's password via any kind of messages or phone calls. We advise not to disclose your password to anyone asking you to do so. If possible, we also recommend to log out of your online services account after each session. We also advice to close the browser window after navigating or using Bitdefender services.
Unfortunately, transferring data over the Internet cannot be 100% secure. Consequently, despite our efforts to protect personal data, Bitdefender cannot assure or guarantee the security of the information transmitted by the user until the information is on our servers. Any information you transmit is done on your own risk.
Bitdefender may host personal data in Romania, Ireland, as well as in European Union or any other jurisdiction which offers adequate level of personal data protection according to European Union standards, including companies that are certified under the US-EU Privacy Shield program.
Due to confidentiality obligations and security requirements the specific information regarding the name and details for each processor used will be provided only to competent authorities.
The following types of data processor are being used:
- hosting services in Romania, Ireland and US;
- support channel communications in Romania, Ireland, Poland and US;
- marketing services (including email marketing) in Romania and US.
Access to certain sections of Bitdefender websites is protected by a username and password. We recommend not to reveal this password. Bitdefender will never ask for your account's password via any kind of messages or phone calls. We advise not to disclose your password to anyone asking you to do so. If possible, we also recommend to log out of your online services account after each session. We also advice to close the browser window after navigating or using Bitdefender services.
Unfortunately, transferring data over the Internet cannot be 100% secure. Consequently, despite our efforts to protect personal data, Bitdefender cannot assure or guarantee the security of the information transmitted by the user until the information is on our servers. Any information you transmit is done on your own risk.
So, i believe that if BTL actually already sent any unencrypted messages to Bitdefender servers, that is not true anymore.
Last edited: