Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Browsers
Web Extensions
Bitdefender Trafficlight still transmits every site in clear text?
Message
<blockquote data-quote="Tiamati" data-source="post: 865478" data-attributes="member: 56785"><p>A few months ago i checked i post telling Bitdefender Trafficlight (BTL) was sending unencrypted sites for Bitdefender servers (you can check the original post <a href="https://malwaretips.com/threads/mozilla-removes-all-avast-firefox-extensions.96780/post-847874" target="_blank">HERE</a>)</p><p></p><p>But i made my own research and could not confirm this information in the present moment. So i would like to know if you can help me to check if that is still true.</p><p></p><p>1) I tried to replicate the post guide but despite i accessed the BTL requests and sends, i could not find any unencrypted message. So i believe the problem is solved.</p><p>Edit:</p><p>[SPOILER="Explaining"]I can find the site BTL is sending in plain text (<strong>params tab</strong>), but the <strong>security tab</strong> shows TLSv1.2 protocol for all requests.</p><p></p><p>Examples</p><p>[ATTACH=full]234835[/ATTACH]</p><p></p><p>[ATTACH=full]234836[/ATTACH][/SPOILER]</p><p></p><p>2) According to<a href="https://www.bitdefender.com/site/view/legal-privacy-policy-for-home-users-solutions.html" target="_blank"> BTL privacy police:</a></p><p></p><p></p><p>[SPOILER="Bitdefender may use..."]Bitdefender may use other IT companies to process the collected personal data. These companies are considered data processors and have strict contractual obligations to keep the confidentiality of the processed data and to offer at least the same level of security as Bitdefender. Data processors have the obligation not to allow third parties to process personal data on behalf of Bitdefender and to access, use and/or keep the data secure and confidential.</p><p></p><p>Bitdefender may host personal data in Romania, Ireland, as well as in European Union or any other jurisdiction which offers adequate level of personal data protection according to European Union standards, including companies that are certified under the US-EU Privacy Shield program.</p><p></p><p>Due to confidentiality obligations and security requirements the specific information regarding the name and details for each processor used will be provided only to competent authorities.</p><p></p><p>The following types of data processor are being used:</p><p></p><ul> <li data-xf-list-type="ul">hosting services in Romania, Ireland and US;</li> <li data-xf-list-type="ul">support channel communications in Romania, Ireland, Poland and US;</li> <li data-xf-list-type="ul">marketing services (including email marketing) in Romania and US.</li> </ul><p>All our data processors in US are certified in the US-EU Privacy Shield program.</p><p></p><p>Access to certain sections of Bitdefender websites is protected by a username and password. We recommend not to reveal this password. Bitdefender will never ask for your account's password via any kind of messages or phone calls. We advise not to disclose your password to anyone asking you to do so. If possible, we also recommend to log out of your online services account after each session. We also advice to close the browser window after navigating or using Bitdefender services.</p><p></p><p>Unfortunately, transferring data over the Internet cannot be 100% secure. Consequently, despite our efforts to protect personal data, Bitdefender cannot assure or guarantee the security of the information transmitted by the user until the information is on our servers. Any information you transmit is done on your own risk.[/SPOILER]</p><p></p><p>So, i believe that if BTL actually already sent any unencrypted messages to Bitdefender servers, that is not true anymore.</p></blockquote><p></p>
[QUOTE="Tiamati, post: 865478, member: 56785"] A few months ago i checked i post telling Bitdefender Trafficlight (BTL) was sending unencrypted sites for Bitdefender servers (you can check the original post [URL='https://malwaretips.com/threads/mozilla-removes-all-avast-firefox-extensions.96780/post-847874']HERE[/URL]) But i made my own research and could not confirm this information in the present moment. So i would like to know if you can help me to check if that is still true. 1) I tried to replicate the post guide but despite i accessed the BTL requests and sends, i could not find any unencrypted message. So i believe the problem is solved. Edit: [SPOILER="Explaining"]I can find the site BTL is sending in plain text ([B]params tab[/B]), but the [B]security tab[/B] shows TLSv1.2 protocol for all requests. Examples [ATTACH type="full" alt="1584160364885.png"]234835[/ATTACH] [ATTACH type="full" alt="1584160429946.png"]234836[/ATTACH][/SPOILER] 2) According to[URL='https://www.bitdefender.com/site/view/legal-privacy-policy-for-home-users-solutions.html'] BTL privacy police:[/URL] [B][/B] [SPOILER="Bitdefender may use..."]Bitdefender may use other IT companies to process the collected personal data. These companies are considered data processors and have strict contractual obligations to keep the confidentiality of the processed data and to offer at least the same level of security as Bitdefender. Data processors have the obligation not to allow third parties to process personal data on behalf of Bitdefender and to access, use and/or keep the data secure and confidential. Bitdefender may host personal data in Romania, Ireland, as well as in European Union or any other jurisdiction which offers adequate level of personal data protection according to European Union standards, including companies that are certified under the US-EU Privacy Shield program. Due to confidentiality obligations and security requirements the specific information regarding the name and details for each processor used will be provided only to competent authorities. The following types of data processor are being used: [LIST] [*]hosting services in Romania, Ireland and US; [*]support channel communications in Romania, Ireland, Poland and US; [*]marketing services (including email marketing) in Romania and US. [/LIST] All our data processors in US are certified in the US-EU Privacy Shield program. Access to certain sections of Bitdefender websites is protected by a username and password. We recommend not to reveal this password. Bitdefender will never ask for your account's password via any kind of messages or phone calls. We advise not to disclose your password to anyone asking you to do so. If possible, we also recommend to log out of your online services account after each session. We also advice to close the browser window after navigating or using Bitdefender services. Unfortunately, transferring data over the Internet cannot be 100% secure. Consequently, despite our efforts to protect personal data, Bitdefender cannot assure or guarantee the security of the information transmitted by the user until the information is on our servers. Any information you transmit is done on your own risk.[/SPOILER] So, i believe that if BTL actually already sent any unencrypted messages to Bitdefender servers, that is not true anymore. [/QUOTE]
Insert quotes…
Verification
Post reply
Top