Chinese Antivirus: the plague of today

[MVP Baboo]

Ghostwriter? I've been working with Windows and security since 1987 and I'm Microsoft MVP in Windows since 2003. My website is online since 1999 and it's the largest independent website focused on Windows in LatAm. I wrote the article myself because it's amazing how millions of users simply can't imagine their Chinese antivirus collect and profit from their user data instead of protecting them from intruders.

There is no "potential threat" using free antivirus as antivirus companies profit from OEM partnership and enterprise contracts, not consumer. And you can be sure no serious company outside China use Chinese software to protect their data. THIS makes no sense.

 

[sunrise]

Ghostwriter? I've been working with Windows and security since 1987 and I'm Microsoft MVP in Windows since 2003. My website is online since 1999 and it's the largest independent website focused on Windows in LatAm. I wrote the article myself because it's amazing how millions of users simply can't imagine their Chinese antivirus collect and profit from their user data instead of protecting them from intruders.

There is no "potential threat" using free antivirus as antivirus companies profit from OEM partnership and enterprise contracts, not consumer. And you can be sure no serious company outside China use Chinese software to protect their data. THIS makes no sense.

First cruelsister have demonstrated that China Antivirus (particularly 360) can beat paid western antivirus. I trust her test. Because shortly later, Qihoo release a fix (the initial test shows it fail but after fixing it they pass) .

Profit is for those who use their other services like their market, etc. I have been using 360 for almost 2 years+ and I didn't receive more unwanted spam in my email nor have I have my CC charged with unauthorized transaction.

2 years is a long time.

 

[MVP Baboo]

1. If free antivirus is bad for business, Panda, Avira, BitDefender would not have one, right?
2. If you want free antivirus, use one from security-focused companies (like Panda, Avira or BitDefender Free) instead of Chinese AV whose developer company profits from ads (Qihoo, Baidu) and have no interest in users privacy

 

[sunrise]

1. If free antivirus is bad for business, Panda, Avira, BitDefender would not have one, right?
2. If you want free antivirus, use one from security-focused companies (like Panda, Avira or BitDefender Free) instead of Chinese AV whose developer company profits from ads (Qihoo, Baidu) and have no interest in users privacy

Excuse me? Qihoo started out with it's security product before branching out to other products and services.

From wikipedia

Qihoo 360 initiated its business operations by selling third-party antivirus software online. Soon afterwards they realized the potential of the freemium business model in the Chinese market and started providing their own antivirus products free of charge. In a short period of time, Qihoo 360's security products gained popularity and market share in China. Their current revenues are generated by leveraging their massive user base through online advertising and services such as online games, remote technical support, and system integration.

Besides if they are not security oriented, how come they are working together with microsoft?
https://technet.microsoft.com/en-us/library/security/mt674627.aspx

 

[MVP Baboo]

1. Qihoo main revenue sources are online advertising and online games - not from security itself. Free antivirus is only the tool they use to get user's info to improve they ad revenue.

2. They profit from bugs found in Microsoft product, as Google, Baidu, Cisco, Tencent and many other teams does. There is no "working together" on disclosing bugs and profit from them.

 

[CMLew]

1. Qihoo main revenue sources are online advertising and online games - not from security itself. Free antivirus is only the tool they use to get user's info to improve they ad revenue.

2. They profit from bugs found in Microsoft product, as Google, Baidu, Cisco, Tencent and many other teams does. There is no "working together" on disclosing bugs and profit from them.

That's a pretty deep allegation you got there. Do you have any substantial evidence that you can back the allegation you mentioned? Im pretty curious to know too.

 

[ZeroDay]

1. Qihoo main revenue sources are online advertising and online games - not from security itself. Free antivirus is only the tool they use to get user's info to improve they ad revenue.

2. They profit from bugs found in Microsoft product, as Google, Baidu, Cisco, Tencent and many other teams does. There is no "working together" on disclosing bugs and profit from them.

I'm by no means calling you a liar, you may very well be correct. I know Qihoo make a lot of money through their search engine and no doubt ads. But do you have a few different sources to support your claims? The reason I ask is if you do that would be good for future refrence for anyone considering Q360 so they can look at the facts about the company. I myself have dropped Q360.

 

[BillR5]

Regarding profit from bugs: I'm guessing MVP Baboo is referencing Msft bug bounty program. The Microsoft "Bounty Hunters: The Honor Roll says "Total bounties paid to date: Over $500,000.00" [emphasis in original] -- that "to date" is 2013 to mid-2016 spread amongst dozens of individuals. My quick perusal finds 4 bugs for $19,000 for Qihoo researchers. Tencent did much better financially with 5 bugs for $121,500. So lots of prestige but not a significant source of direct revenue except to pretty small firms or independents.

Regarding Qihoo revenue, Wikipedia has 2012 numbers but investing sites have comments saying similar things with huge growth in shared revenue with phone game authors:

[Started selling AV but switched to freemium model based on advertising revenue from providing free AV, search, and other products.] Their current revenues are generated by leveraging their massive user base through online advertising and services such as online games, remote technical support, and system integration.

Qihoo 360's main revenue sources include advertising space on 360 Startup Page, as well as revenue sharing with independent games developers which have published their games on the 360 Mobile Assistant. The revenue breakdown in 2012 was split between the revenue streams as follows: 67% from advertising, 31% from internet value added services and less than 1% from selling third party software.

 

[Deleted member 2913]

Qihoo is an average AV.

Average detection
High FPs...may be the reason for sometime good detection.
Semi HIPS...If a user can decide to allow/block those startup, registry, etc... popups then why would he go for a semi HIPS feature product instead of good full HIPS feature product free out there?
3rd party engine...Always couple days behind with signs And buggy/not working/updating signs.

Just my opinion & experience.

 

[Ileshcin]

This thread should be shut down. Baboo is forcing other people to believe his idea and the discussion was not rational anymore.

 

[MVP Baboo]

That's a pretty deep allegation you got there. Do you have any substantial evidence that you can back the allegation you mentioned? Im pretty curious to know too.

Wikipedia has some infos and Qihoo 360 Technology Co Ltd Earnings: How It Beat Expectations and What to Expect Going Forward has some more. The book "Free Antivirus and its Market Implementation - a case study of Qihoo 360 and Baidu" is funded by AV-Comparatives and have all information and details about revenue source and related topics from Qihoo and Baidu. Qihoo "Vulcan Team" is a group of security experts and their findings from bug hunting also generate some extra revenue..

This thread should be shut down. Baboo is forcing other people to believe his idea and the discussion was not rational anymore.

I'm not forcing anyone to believe "my idea". I provide links to enforce what I defend. I work with Windows since 1987 (Windows 2.01) and I was Windows technical beta-tester for many years before I was award with Microsoft Windows MVP in 2003. This is my 13rd year as Windows MVP and I have plenty of solid information about Windows ecosystem

 

[hjlbx]

1. Qihoo main revenue sources are online advertising and online games - not from security itself. Free antivirus is only the tool they use to get user's info to improve they ad revenue.

2. They profit from bugs found in Microsoft product, as Google, Baidu, Cisco, Tencent and many other teams does. There is no "working together" on disclosing bugs and profit from them.

These statements are accurate...

Qihoo and Baidu do use targeted ads. Targeted ads are based upon user data collection (even if anonymized data). So does Google, Microsoft, etc, etc, etc. Some vendors do it much more, and much better, than others.

It is data mining, metadata collection,... whatever you choose to call it. That's the reality of it.

* * * * *

Microsoft bug bounty program - or perhaps even sell to an exploit broker or other 3rd party. You can never know for sure, since the details of these transactions are rarely made public - except that some of the large, well-funded bug bounty programs will publish a list.

 

[Evandro]

This thread should be shut down. Baboo is forcing other people to believe his idea and the discussion was not rational anymore.

 

[Evandro]

Sr Baboo
racismo and racial prejudice are considered crimes against humanity!

 

[MVP Baboo]

These statements are accurate...
Qihoo and Baidu do use targeted ads. Targeted ads are based upon user data collection (even if anonymized data). So does Google, Microsoft, etc, etc, etc. Some vendors do it much more, and much better, than others.
It is data mining, metadata collection,... whatever you choose to call it. That's the reality of it.
* * * * *
Microsoft bug bounty program - or perhaps even sell to an exploit broker or other 3rd party. You can never know for sure, since the details of these transactions are rarely made public - except that some of the large, well-funded bug bounty programs will publish a list.

I agree with you, but did you read Qihoo Privacy Policy before they updated it with a new politically correct one? Take a look HERE. It's preposterous and it's very transparent about what they want to know about their users.

98% of Google yearly revenue also comes from target ads and having its own browser is a brilliant strategic move to increase data mining and user data collection (anonymous or not) in a very easy way. That's the obvious reason Qihoo invested US$ 600 million to buy Opera browser a few weeks ago..

Anonymized data collection is also important to Microsoft improve Windows reliabiility and Modern apps stability, but at least they're very clear about that in their Privacy Policy. Nevertheless, there are some good software in the market from chineses companies as IOBit, Wise, EaseUS and a few others.