Is it possible that antivirus software is spying on you?

aztony

Level 9
Thread author
Verified
Oct 15, 2013
501
Last week I received a question from a reader that surprised me. In effect, he asked why antivirus programs couldn't take advantage of their trusted status to steal personal data and generally spy on you. My immediate gut reaction was, no way! But in order to answer him I really had to think it through.

The latest roundup of free antivirus programs got this reader thinking. "If I were a real criminal and had financial resources of something like a foreign enemy to fund me, I could hire the best talent and build a good AV program that is free and actually works," he observed. "Since I am scanning your machine and all your document files, couldn't I encrypt a few of your personal files and send them home to my server? Can I not get through your firewall because I have a legit need to call home so to speak to check for updates?" Well, yes and no.
 

kjdemuth

Level 9
Verified
Jan 17, 2013
410
Oh boy. This question has come into play lately. I don't think they spy on you. I know that some would say that Qihoo and Baidu, being Chinese software, spy on you to get some information or maybe browsing habits. I'm sure it's possible because a lot of cloud AV always have access to their servers. What's stopping them from "scanning" your documents and sending them home? The answer is, nothing. Are they? I would seriously doubt a reputable company would put their company at risk by performing something like this. Someone would eventually notice a data stream or someone on the other side might mention a certain secret server. It would get out and that company would have some explaining to do.
 

tapoo

Level 4
Verified
Jan 21, 2012
639
Although I have very limited knowledge, it is already alleged against Qihoo, and the allegation came from a Chinese man long ago....
 

BoraMurdar

Community Manager
Verified
Staff Member
Well-known
Aug 30, 2012
6,598


Listen to what the guy says from 2:00 :) Of course not meaning directly on you bro, but to all people that think they are so important that the government or some AV company in this case would like to know what they are doing online or find out what documents I am reading or what porn do I like...

Cheers! :D
 

Moose

Level 22
Jun 14, 2011
2,271
Include Comodo! The question should be: do you trust me? This is my opinion only! :(
 

Exterminator

Community Manager
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
The article raises some very valid questions. Should we trust a free or even paid AV/Security Suite program? Every time you turn around it seems some program or social media has had this, that or the other thing breached or exploited. I think a little paranoia is a good thing here as it forces us to be more cautious about what we decide to trust with our information.
MSE & Windows Firewall are both free, SBIE is free, both reputable and highly regarded security programs. ESET, Emsisoft, Kaspersky, Comodo and Avast are examples of other very reputable companies. As stated in the article it would be foolish for these companies to decide to go rogue and not only tarnish reputations that took years to build but also throw away their livelihood. These cater to both the home & business user.
We have seen the rogue AVs and we have seen new security software. I think one should be very cautious when deciding to try something new and free. Free is the hook and it is not always good. I can find 25 or more sites posting giveaways for free software that I have never heard of or thought about trying. Jumping on something because it is free that can access your files, passwords and make changes to your registry is just not worth the price even at free.
Stick with the companies that are reputable and educate yourself on those that aren't so reputable.
 

Venustus

Level 59
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Dec 30, 2012
4,809
tapoo said:
"although i have very limited knowledge, but it is already alleged against Qihoo, and the allegation came from a Chinese man long ago...."

I heard about that, does that allegation "hold water"?
(Reason I ask is that I'm trialing it right now)
 

illumination

When you download and use a security program, then give it permission to scan all the contents on your system, there is a reality that something like this could take place, but as exterminator20 pointed out, most of the more "established" companies have spent a lot of time and money becoming so, and now make a lot of money in doing so. To throw all of that away chancing getting caught doing something like this, would be at minimum, foolish.
 

MrXidus

Super Moderator (Leave of absence)
Apr 17, 2011
2,503
No doubt Cloud discussion will be brought into this. I'll get this out of the way.

Some antivirus/internet security programs offer to send unidentified suspicious files back to the vendor to see if they're malicious.

However, this requires your permission, which is why you click Agree when installing. With this aside, they most certainly do have the capability to send files from your PC to their servers.

It's the nature of cloud programs; Hitman Pro, for example, uploads files to the cloud for scanning and identification to see if it's a threat.



Most popular antivirus programs these days have some sort of Cloud technology.

Here's ESET's known as "Live Grid® Virus Signature Monitor"



Kaspersky also had an active cloud function known as KSN.



Panda's Cloud Antivirus -



Arguments against cloud-based antivirus by Panda.


Discussion thread at Wilders about Panda Cloud with a response by Panda staff.

Even Microsoft's Windows Defender (Windows 8) has a thing called MAPS.

From the privacy statement.

 

viktik

Level 25
Verified
Well-known
Sep 17, 2013
1,492
Antivirus does have access to all the data in the computer. Most of us scan all the files with antivirus installed.
Antivirus also has access to the URLs visited. They monitor activities on the computer.

They are meant to protect your computer, but if they want they can spy on you and send whatever data they want to their server. Now they connect to their cloud server many times every day.

The question is, can the spying be kept secret? Can't we analyse the uploaded data and find out what they are sending?
 

Deleted member 178

If you don't want your sensitive files being leaked (because you think the content is uploaded and totally readable by cloud features of AVs), just encrypt the ones that may seriously impact your privacy. It is what I do, not because I fear clouds but because I don't want them to get read by anyone else.
 

Exterminator

Community Manager
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
Most reputable security software gives you an option on installation whether or not you want to participate in the sending of suspicious files back to the vendor (as Mr.X pointed out). If you don't feel comfortable then you should decline this on installation.
 

aztony

Level 9
Thread author
Verified
Oct 15, 2013
501
Can they spy on you? The possibility is certainly there. AV's have system-wide access to pretty much everything except what the user excludes. Plus, virtually every AV has unrestricted web access in order to do its job. Couple that with the fact that most AVs now have a cloud scanning component where unknown or suspicious files can be checked. It is within the realm of possibility other sorts of data could be making its way to those AV servers. Several commenters mentioned that many AV developers/vendors have spent lots of time and resources to develop their product, as well as their reputation(s). And so it is unlikely they would want to jeopardize the fruits of their labor if they were found to be exploiting their customers in that manner. Mostly I want to agree with that. But we also know that people run these companies. Greed, and the pursuit of profit are in themselves powerful motivators. Too strong for some to resist the temptation when they weigh risk vs reward.
 

illumination

aztony said:
"Can they spy on you? The possibility is certainly there. AV's have system-wide access to pretty much everything except what the user excludes. Plus, virtually every AV has unrestricted web access in order to do its job. Couple that with the fact that most AVs now have a cloud scanning component where unknown or suspicious files can be checked. It is within the realm of possibility other sorts of data could be making its way to those AV servers. Several commenters mentioned that many AV developers/vendors have spent lots of time and resources to develop their product, as well as their reputation(s). And so it is unlikely they would want to jeopardize the fruits of their labor if they were found to be exploiting their customers in that manner. Mostly I want to agree with that. But we also know that people run these companies. Greed, and the pursuit of profit are in themselves powerful motivators. Too strong for some to resist the temptation when they weigh risk vs reward."

A strong business mind would know the difference between instant gratification vs long term revenue and security.
 

Petrovic

Level 64
Verified
Honorary Member
Top Poster
Well-known
Apr 25, 2013
5,355
Last week I received a question from a reader that surprised me. In effect, he asked why antivirus programs couldn't take advantage of their trusted status to steal personal data and generally spy on you. My immediate gut reaction was: No way! But in order to answer him I really had to think it through.

This reader’s thoughts were as follows: "If I were a real criminal and had financial resources of something like a foreign enemy to fund me, I could hire the best talent and build a good AV program that is free and actually works. Since I am scanning your machine and all your document files, couldn't I encrypt a few of your personal files and send them home to my server? Can I not get through your firewall because I have a legit need to call home so to speak to check for updates?"

Well, yes and no.

Rogue antivirus
Rogue antivirus programs do exist, and these days they look as good as or better than the real thing. We also call them “scareware” because they always pretend to find alarming malware infestations. The scan is free, but naturally you have to pay if you want them to "remove" what they "found." Now the bad guys have your money and your credit card number.

Scareware is big business. Some of these frauds actually have tech support and customer service hotlines. One of my contacts in the antivirus industry told me about a customer who was furious when the legitimate antivirus program quarantined the rogue. "That was my antivirus," ranted the customer, "I paid for it!"

The one difference between these products and the reader's doomsday scenario, and it's a big difference, is that they don't actually work. They generally scan much faster than legitimate programs, because they're not actually doing anything. In addition, the free-scan paid-clean-up model is a bit of a giveaway, as very few legitimate programs follow that model.

Serious scrutiny
Scareware programs exist specifically to make money. A working antivirus program that incorporates malicious features would be quite another thing. Fortunately, getting away with something like that would be really, really tough.

Independent antivirus testing labs like Dennis Technology Labs, AV-Comparatives, AV-Test, and others put antivirus programs under serious scrutiny. Their aim is to measure how well these products protect against malware, but many of the tests would also catch betrayal from within.

Here's an example. One sign of a bot infestation is suspicious traffic between the bot and its command-and-control server, so you can bet antivirus researchers are watching network traffic closely. A traitorous antivirus program would trigger the same kind of alarms.

In most cases, getting an antivirus program tested and certified costs the vendor money. That being the case, some vendors of free antivirus solutions don't participate. However, quite a few do. If you're truly worried, pick a free solution from a company that does participate in testing. For example, there’s AVG, Avast, Bitdefender Free, and a number of gratis lab-vetted solutions out there.

Doesn't make financial sense
Most vendors offer a range of security products, with free antivirus at the bottom of the range. They profit when any free user upgrades to commercial antivirus, or to a security suite, or purchases some other type of security product. Wide distribution of free antivirus gives the company a built-in customer base for paid products, and ensures that the company name is widely known. Throwing all this away in order to create some kind of spy program would be nuts.

That said, it's still faintly conceivable that a nation-state could secretly create some kind of antivirus-spy program, since the aim is not to make money but to steal data. You might think twice before installing a brand new antivirus from an iffy region like North Korea, for example.

I wouldn't worry at all about installing a well-known free antivirus, especially one that's part of a bigger product line. It's even better if the vendor has been around for years – Avast Software just celebrated 25 years in business. You're a lot more likely to suffer from the fallout of a data breach than to encounter an antivirus that's turned to the dark side.
Source
 
