ADWcleaner found Baidu AV injections on my PC Don't Use Baidu...!
Do not use Baidu AV
- Thread starter marg
- Start date
- Status
plus the chinese government uses the software to spy on people too
It's probably a fp, many tool detect baidu and qihoo as trojan or PUP
But for this it's a true, they use chinese av to spy ^^
and baidu search engine is paid by the government too as to the anti-virus company
When it comes to chinese software, i hear a voice in my head that tells me: "Don't use chinese software !", and i always listen to it.
I'd like to remind everybody that Baidu software products have been known in the past to produce Adware, pop-ups, browser hijacking, toolbar kind of behaviour. See the explanation of one such infection on our very own site: http://malwaretips.com/blogs/adware-win32-baidu-a-removal/
Of course in this case, I believe the most likely culprit would be a PUP software that has bundled itself with Marg's download of Baidu Antivirus. Although for those of you still not convinced I'd like to point out this rather scary paragraph from their EULA (license agreement which applies as soon as you use Baidu):
Interestingly enough, this paragraph appears in the terms on the website, but not in the EULA agreement shown in the software
:
Now you see it: http://antivirus.baidu.com/en/license_agree.php
Now you don't: http://antivirus.baidu.com/en/eula.html
Note this line from the Baidu EULA (lower link):
3.7.2 User agrees that this Software will make reasonable efforts to protect the privacy and integrity of user's computer resources and computer communications. However, user acknowledges and agrees that Baidu provides no guarantee in this regard.
I personally think this clause is in very poor taste Baidu, and very suspicious. Especially when you consider the information collected, as I quoted above. It's also illegal in most parts of the world for a company to fail to guarantee the security of user data. I have reported this to Baidu and encouraged them to respond here. Let's see if they reply and what they have to say for themselves.
Be careful what you download
Of course in this case, I believe the most likely culprit would be a PUP software that has bundled itself with Marg's download of Baidu Antivirus. Although for those of you still not convinced I'd like to point out this rather scary paragraph from their EULA (license agreement which applies as soon as you use Baidu):
Interestingly enough, this paragraph appears in the terms on the website, but not in the EULA agreement shown in the software
:Now you see it: http://antivirus.baidu.com/en/license_agree.php
Now you don't: http://antivirus.baidu.com/en/eula.html
Note this line from the Baidu EULA (lower link):
3.7.2 User agrees that this Software will make reasonable efforts to protect the privacy and integrity of user's computer resources and computer communications. However, user acknowledges and agrees that Baidu provides no guarantee in this regard.
I personally think this clause is in very poor taste Baidu, and very suspicious. Especially when you consider the information collected, as I quoted above. It's also illegal in most parts of the world for a company to fail to guarantee the security of user data. I have reported this to Baidu and encouraged them to respond here. Let's see if they reply and what they have to say for themselves.
Be careful what you download
Last edited:
Y
yigido
Yes Cowpipe thats what happened to me with the crud Baidu download. Just say NO to BAIDU...!
for qihoo:
" Device information. We may collect device-specific information, including your operating system version, system language, and IMEI number.
Source : http://www.360safe.com/privacy.html
" Device information. We may collect device-specific information, including your operating system version, system language, and IMEI number.
- Log information. When you use our Services and Software, we may automatically collect and store certain information on our servers related to your use of our website or Services and Software to help us improve the quality of our products and service. This may include:
- The manner in which you use our website or Services and Software, including how frequently you install, use or uninstall our Software and its features.
- IP address.
- Information collected relating to installed programs scanned by Software features. The information uploaded onto our 360 cloud security center ("360 Cloud Security Center") servers for virus scanning include: file paths and MD5 checksums of the executable files, installed software names, package names, software signature certificates, and software URLs in conjunction with our filtering feature, which we apply to suspicious URLs when you use 360 Internet Protection (this information is processed with encryption).
- URL information. URLs of websites that you visit will be uploaded to 360 Cloud Security Center servers for phishing and online fraud analysis. Any Personal User Information will be removed from the URLs before they are uploaded. The information is processed with encryption before the upload.
- Unique Serial numbers. When you use certain services, they might have a unique 360 serial number. This serial number and certain information about your installation (for example, the type of operating system on your device) may be sent to Qihoo 360 when you install or uninstall Software or when Software periodically contacts our servers, such as in a check for automatic updates.
- Local storage. We may collect and store information (including personal information) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches. Such information includes: user settings, file whitelist and blacklist used to accelerate file scanning.
Source : http://www.360safe.com/privacy.html
The main problem with Baidu @thepierrezou is that they state they do not guarantee the privacy of user data. Which basically gives them free license to distribute it to other companies, organisations, governments as they please without justification or accountability.
Hahaha... Oops http://malwaretips.com/styles/MalwareTips/xenforo/clear.pnghttp://malwaretips.com/styles/MalwareTips/xenforo/clear.png I have no idea why! I'll go through and correct them
It's my little Cow-isms that make me who I am
Very useful informations, BUT, can anyone name an AV vendor who does not use the user's personal data?
The Chineese companies spies on us.....ok, the USA companies dont do it?
The Chineese companies spies on us.....ok, the USA companies dont do it?
You got a point... almost all AV "spy" on us, I've heard Emsisoft is more concerned about privacy than others.
You can sue US companies, try suing a Chinese company. And, just look at the Chinese government trying to blackmail/extort Microsoft.
To be honest, it isn't specifically the information they collect that concerns me, but rather their attitude towards it. Take the Kaspersky EULA for example. They collect personal data, but they also include safeguards such as:
Source: http://support.kaspersky.co.uk/8752
I insist....From the moment you use the internet your privacy is more or less exposed.
ALL antivirus vendors use user's data, some refer to it ''gently'' others not, but in the end...our privacy is compromised.
Personally i dont complain about it. China, USA, Europe etc....they ALL spy one way or another.
ALL antivirus vendors use user's data, some refer to it ''gently'' others not, but in the end...our privacy is compromised.
Personally i dont complain about it. China, USA, Europe etc....they ALL spy one way or another.
- Status
You may also like...
-
-
DefenderWrite Tool Let Attackers Inject Malicious DLLs into AV Executable Folders- Started by Khushal
- Replies: 7
-
-
-
System Utilities decompilation - detected as PUP by most AV vendors but is it actually just a PUP?
- Started by Khushal
- Replies: 2