TairikuOkami

Level 23
Verified
Content Creator
This is one of the reasons, I do use a realtime AV. AVs are snitches as proven many times, like BD helping FBI. Ask people in prisons.
Even cloud storages are not safe, MS helped to imprison many people, because of scanning of their online content, there goes WD.
Excuses like they are bad guys do not apply. They either respect it or not. In China bad guys are those, who like democracy/Tibet.
 
Last edited:

Slyguy

Level 42
Verified
This is one of the reasons, I do use a realtime AV. AVs are snitches as proven many times, like BD helping FBI. Ask people in prisons.
Even cloud storages are not safe, MS helped to imprison many people, because of scanning of their online content, there goes WD.
Excuses like they are bad guys do not apply. They either respect it or not. In China bad guys are those, who like democracy/Tibet.
Agreed. It's a big and growing issue.

This is why Zero-Knowledge is so important in services/products. I use a Zero Knowledge cloud service that comes standard with 3-layer encryption, then I encrypt it before that with my own AES256 encryption tool. To chance of getting any readable, useful data from my cloud is zero. Since it is a zero knowledge firm they can't get it regardless. These days I seek out and use zero knowledge when possible and recommend everyone I talk to do the same. If a company that hosts your email can read your email then your email isn't secure. If a company that hosts your files can view your files, then it isn't secure.

The common way to avoid some AV snitching is to whitelist important drives/folders/files so they're totally ignored. This limits the ex-filtration of sensitive data. Sometimes I wonder if using a Russian or Chinese product might be better with the view that those govts probably have little to no interest in your stuff which may offer some immunity from the surveillance state in the USA?

Amazon and other firms can offer 'free' storage all they want, but I would still pay for more secure/private alternatives. That 'free' is very tempting and probably why they do it.

Is your cloud drive really private? Not according to fine print - NBC News
 

Slyguy

Level 42
Verified
Emsisoft uses SSL communication, we shouldn't overlook the importance of that.

Panda for example uses HTTP/80 for everything. Updates, logging/telemetry, cloud checks, etc.. Most other AV's seem to use HTTP/80 in some or most cases. Gdata also seems to use 443 for the important stuff.

I do not believe an AV should be communicating over plain text HTTP... But that's my opinion and it's another reason why I think Emsisoft is good.