Privdog is Superfish all over again

[cruelsister]

It's rather odd that Kaspersky should be used as a model of Privacy Protection. Note that a Kaspersky product will direct traffic to (of course) a Kaspersky server in Moscow. Note also that Putin last year pushed a rule through (via the Communications Ministry) that MANDATES servers in the Russian Republic install equipment that would record and save all internet traffic for at least 12 hours and grant the security services (FSB) exclusive access to the data.

http://www.reuters.com/article/2013/10/21/net-us-russia-internet-idUSBRE99K0M920131021

This should be troubling, as this little tidbit from Kaspersky's Policy states: "In certain cases we are obliged to transfer your personal data to third parties due to applicable legal requirements". This of course is in addition to Kaspersky's cozy relationship with the FSB (the successor of the KGB).

I would have thought that this would be of more interest than quibbling over the legal wording of Privacy policies, but that's just me...

And, oh yeah- Qihoo does have a Privacy Policy that can be found here: http://www.360safe.com/privacy.html

Seems pretty standard to me.

 

[Nico@FMA]

It's rather odd that Kaspersky should be used as a model of Privacy Protection. Note that a Kaspersky product will direct traffic to (of course) a Kaspersky server in Moscow. Note also that Putin last year pushed a rule through (via the Communications Ministry) that MANDATES servers in the Russian Republic install equipment that would record and save all internet traffic for at least 12 hours and grant the security services (FSB) exclusive access to the data.

http://www.reuters.com/article/2013/10/21/net-us-russia-internet-idUSBRE99K0M920131021

This should be troubling, as this little tidbit from Kaspersky's Policy states: "In certain cases we are obliged to transfer your personal data to third parties due to applicable legal requirements". This of course is in addition to Kaspersky's cozy relationship with the FSB (the successor of the KGB).

I would have thought that this would be of more interest than quibbling over the legal wording of Privacy policies, but that's just me...

And, oh yeah- Qihoo does have a Privacy Policy that can be found here: http://www.360safe.com/privacy.html

Seems pretty standard to me.

Jup well said.

 

[Tony Cole]

Very true, it's well known Kaspersky is very good friends with President Vladimir Putin, as he use to be a KGB agent. I do not mind if Kaspersky does indeed save data collected, at least it's only for 12hrs the NSA holds data for years, as Comodo is based in the United States they have to make their data available to the NSA, FBI etc., which was passed under President George Bush. So, Melih cannot state he does not provide info, and that Comodo was the only company to be able to block the NSA, total crap!

 

[cruelsister]

Tony- a slight difference- the NSA needs to request data. The Russian data gets downloaded directly to FSB servers.

 

[Tony Cole]

So you honestly believe that the NSA requests data? The PATRIOT Act gave the NSA, FBI, CIA the power to do anything.

 

[starchild76]

Comodo has really shot themselves in the foot. Disgusting behavior by a company who is suppose to protect users and their identity.

Privdog is not the only thing that comodo has to worry about , the also have this " minor " thing of the missuse of alernate data streams

 

[Enju]

This should be troubling, as this little tidbit from Kaspersky's Policy states: "In certain cases we are obliged to transfer your personal data to third parties due to applicable legal requirements". This of course is in addition to Kaspersky's cozy relationship with the FSB (the successor of the KGB).

http://support.kaspersky.com/11198
"The Software does not process any personally identifiable data and does not combine the processed data with any personal information.
If you do not wish for the information collected by the Software to be sent to the Rightholder, You should not activate and/or de-activate, the Kaspersky Security Network service."
So yeah, even if they are required so send your data, they can't, it's a legal loophole.

 

[hjlbx]

The NSA does indeed need to submit requests for certain data according to the letter of the law. However those approved requests authorize the NSA to data mine essentially by all means necessary at mega terabyte levels and where "national security" letters are granted for surveillance all your rights - US citizen or not - vanish.

The NSA, CIA, FSB....they're in the surveillance business...by any means necessary...legal or the appearance of being legal or just plain illegal. I think the difference between NSA and FSB is NSA goes to very great lengths to appear proper. FSB is more pragmatic and direct.

All clandestine agencies from all nations are dirty and use underhanded tactics to some extent. It's part and parcel to their mandates and missions....

 

[cruelsister]

Enju- the devices being installed in Russia are direct feeds to government servers; permission has nothing to do with it. I can say that if I lived in Moscow I would be rather reticent to download a Pussy Riot mp3.

 

[Jaspion]

Are you guys afraid of what is in your computers, or in others? This is just a question. I require no answer to myself.

 

[StriderHunterX]

I found myself uninstalling Privdog from PC's that had it,because I found it bothersome.Now this happens...Glad I could follow my gut.

Thing is:You can control the installation process on CIS and remove it from their browsers.I trust Comodo and they haven't failed me yet....

Nobody's perfect....

 

[Billcomputerman123]

i know about this alreadly when i install a comodo product i custom install then run should i remove it and find the pup and uninstall it i like comodo but i use comodo firewall its still good

 

[jackuars]

Obviously this will never be admitted, and neither is there any description in their terms of use.
But external testing and other reliable sources have confirmed beyond the reasonable doubt that Comodo is harvesting huge amounts of data and in return they are able to provide you with free software. So one could say that your online profile is the payment your making to keep their products free. And sure one could make a case about Symantec or some of these other brands, as all of them do statistical data.
Yet the one and only difference is that for example Symantec and Kaspersky (Just to name a few) have a clear written EULA and Privacy policy which states exactly what is going to happen with that data. And if in doubt phone them up and they will spell it out for you.
Comodo does this NOT, Qihoo does this NOT and that other asian AV program does it NOT either.
Look enough bitching about products and such but free is not as free as they do label it. Free can be interpret in many ways yet it really depend on what they consider free and how they formulate that. Same goes for Google... they are probably the worse big data harvesters in the world next to facebook and twitter, yet one needs to realize that they are very open about it, they tell you that your online habits are being stored. Leaving you the choice if you want to use their services or not.

Cheers

To be honest I haven't lost any money from my own credit card to them, or my online profile was hanging around with naked girls on the internet from the "free" antiviruses you just accused. I don't what's there to get hyped up if they are getting paid for gathering our statistical information, we aren't losing cash of any kind compared to what we pay for Kaspersky or Symantec. If people start losing it, there wouldn't be anyone left to use their product.

The very point of internet is to keep you connected. If you've nothing to hide, you are in safe hands. If someone has, probably internet is not the place for them. Offline is. This is how and what the world has turned into.

My experience with Qihoo was pleasant. They have a clear written EULA policy just like every other one. All these bad talks about Chinese products need to be stopped, although am not one.

 

[Cch123]

I think that the main problem everyone has with this entire issue is how and what data was sent. I Nico's points are correct, then Comodo would easily have the worst privacy record among almost all of the security companies. Also, the original reason for the article was because of the fact that Comodo's privdog is potentially compromising user's data by using unsafe security practices, not because of all these privacy issues.

@cruelsister @Nico@FMA
I am extremely curious as to what data is actually sent by Kaspersky. If you guys know what exactly is sent (like is it just telemetry or do thy include document files, web traffic etc.) please let me know

 

[Enju]

Enju- the devices being installed in Russia are direct feeds to government servers; permission has nothing to do with it. I can say that if I lived in Moscow I would be rather reticent to download a Pussy Riot mp3.

And still no real sources, only assumptions, Kaspersky has very strict rules about personal information, even if they had a direct link to the government (which they don't) it wouldn't get any personal information, only anonymized statistics and even that can be turned off by disabling KSN.

 

[hjlbx]

Best practice is to do it Soviet style: Trust no one and suspect everyone...

"Free" may cost you a little, it may cost you a lot, but it will cost you...

Where IT is concerned, there are no such things as absolute privacy and safety...

 

[Janl92l]

Best practice is to do it Soviet style: Trust no one and suspect everyone...

"Free" may cost you a little, it may cost you a lot, but it will cost you...

Where IT is concerned, there are no such things as absolute privacy and safety...

Im sure u dosnt mean soviet style,u mean USA style.

 

[hjlbx]

Im sure u dosnt mean soviet style,u mean USA style.

No disagreement with you on that one! ...

At times it seems the entire world is consumed by schizophrenic-grade paranoia.

The more information that is generated, the more paranoid people and governments become.

 

[Solarquest]

It's rather odd that Kaspersky should be used as a model of Privacy Protection. Note that a Kaspersky product will direct traffic to (of course) a Kaspersky server in Moscow............

Does this happen in any case or "only" if Kaspersky 's CA certificate is installed?

Thank you

 

[Solarquest]

In my opinion there should be only 3 cases:
1- pay software: you pay for it, so it should be 100 % adware/privacy safe and clean
2- free software. Since it s free , it might allow the producer to get a income in a legal, official and clear way. The sw should state how it might get income to the producer, exactly what infos are gathered and sent and ask clearly the consent of the user.
3- a pay sw that at install asks the user if he agrees to a lower price or to a free sw if he accepts to send some well specified and clearly stated datas Or a free sw that offers the option to become safe and clean if a fee is payed.

I recently read a Emsisoft article that highlited how all AV sw send data to the vendor, free as pay sw....starting from all visited sites.
This is unacceptable/illegal in my opinion for a pay software!..as for a free one if not clearly highlited at installation of the sw what is installed and what infos are gathered.

To collect passwords and credit card informations is, in my opinion, always illegal and incredible!
Consumers need to wake up and to push for better regulations!. .and to buy products that protect them best with no adware and "spyware".