Which antivirus respects the user privacy the most?

Elpibe

Level 3
Thread author
Verified
Sep 26, 2015
126
I know theres a post of this, but its from 2014. http://www.av-comparatives.org/wp-content/uploads/2014/04/avc_datasending_2014_en.pdf

So, i want to get an AV (free or paid), and my main problem is the privacy policy. Because, IMO, a program that know everything about you (to protect you better?) is kinda the same as having spyware. Indeed some programs tell you that they can share (sell?) with 3rd companys the info they get from you.

So anyone know a good private AV?

Because I don't know if privacy is worth sacrificing for protection. I didnt have any virus problem in years. And I know theres no way to be 100% protected or 100% anonymous
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
I know theres a post of this, but its from 2014. http://www.av-comparatives.org/wp-content/uploads/2014/04/avc_datasending_2014_en.pdf

So, i want to get an AV (free or paid), and my main problem is the privacy policy. Because, IMO, a program that know everything about you (to protect you better?) is kinda the same as having spyware. Indeed some programs tell you that they can share (sell?) with 3rd companys the info they get from you.

So anyone know a good private AV?

Because I don't know if privacy is worth sacrificing for protection. I didnt have any virus problem in years. And I know theres no way to be 100% protected or 100% anonymous
That link you posted shows only 2 companies, Emsisoft and AhnLab, do value customers' privacy.

Read here

Is Your Antivirus Tracking You? You’d Be Surprised At What It Sends

The Most Privacy-Conscious Antiviruses

AhnLab sends the least amount of data according to this test. It won’t send URLs you visit, personal documents, or even executable files and other personal information to the antivirus company. It will transmit information about the antivirus product, a unique identifier for your computer, your operating system version, and hashes of files. A hash will let the antivirus company detect whether the file matches another file they know about, but it won’t actually let them view any of the contents.

Emsisoft also comes out looking good. They send a bit more information when you encounter malicious files — for example, they’ll send suspicious executable files to the antivirus company — but they’ll never send a list of websites you visit or your documents over the Internet


Both of these products are paid antivirus products. They’re the only antiviruses in the study that don’t send the most sensitive types of data to an antivirus company.
 

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
Let's start by talking about what privacy policies really talk about on security software and why are they there.

In order for a program to provide a better protection, some data may be collected. For example: hash of files detected/flagged as false positives, in some cases any file that may be potentially included to the database. If you know how a malware database/signature works, then you'd understand why. Does this mean Avast reads all your personal documents and stores them? No, they do not.

Does your antivirus sell your personal files to local government upon request? Possibly yes. There's hardly any company that can say "no" to law. If your concern is that, do not use Windows at all. I do not know how Linux works but it's pretty much the same surely.

Some other antivirus may submit less information, but they pretty much all collect at least the basics: information to know who you are such as IP, MAC Address, system configuration to know under what circunstances malware is triggered/detected, etc.

You can google and search for antivirus that submit less information but the truth is you'll have to believe what they wrote on their website, because you'll never know what they know about you and if they give it to any government or whatever.

You can try what HarborFront commented up but i wouldn't even trust. AV-Comparatives tests upon company's payment to appear on the test, so nothing assures me they just didn't include as safe the ones who paid the most. Once again, there's nothing you can do. Privacy is a myth. Live with it or mgirate to Linux.
 
F

ForgottenSeer 58943

First, if you want any privacy with your AV you won't run any of the US products.. Webroot, Norton, McAfee and Trend send your entire life out to 'someone else'. In the case of most of those, US Intelligence. Also, AV's leaking telemetry is an intelligence boon already as that data can be intercepted and based on recent leaks - they DO intercept it.

ClamAV is very private, but the problem is pretty lousy.
F-Prot sends almost no outbound data, but again, it's not too good these days.
Emsisoft is reported to limit data and also use SSL for what they do send.

Forticlient actually sends very little information. If you disable the Web Filter, it doesn't send much of anything. If you have an on-site Fortigate appliance it sends NOTHING and only relies on the Fortigate appliance for all of it. (including updates)

Ahnlabs no longer supports consumer products so good luck there but Ahnlabs has always been really good.

More importantly I think we need to look at what is being sent specifically. Generally, Intelligence will try to gather intrusive data from AV streams, but if that data is limited to things like programs installed, versions, etc, then there isn't much intel gained however they could use that data for tailored operations. So for this reason an AV should probably limit itself to 'threats' or 'possible threats' and not every single thing installed or what the computer is doing every single moment.
 

Elpibe

Level 3
Thread author
Verified
Sep 26, 2015
126
That link you posted shows only 2 companies, Emsisoft and AhnLab, do value customers' privacy.

Read here

Is Your Antivirus Tracking You? You’d Be Surprised At What It Sends

The Most Privacy-Conscious Antiviruses

AhnLab sends the least amount of data according to this test. It won’t send URLs you visit, personal documents, or even executable files and other personal information to the antivirus company. It will transmit information about the antivirus product, a unique identifier for your computer, your operating system version, and hashes of files. A hash will let the antivirus company detect whether the file matches another file they know about, but it won’t actually let them view any of the contents.

Emsisoft also comes out looking good. They send a bit more information when you encounter malicious files — for example, they’ll send suspicious executable files to the antivirus company — but they’ll never send a list of websites you visit or your documents over the Internet


Both of these products are paid antivirus products. They’re the only antiviruses in the study that don’t send the most sensitive types of data to an antivirus company.

Yes, thats based on the link i posted, its from 2014.

Let's start by talking about what privacy policies really talk about on security software and why are they there.

In order for a program to provide a better protection, some data may be collected. For example: hash of files detected/flagged as false positives, in some cases any file that may be potentially included to the database. If you know how a malware database/signature works, then you'd understand why. Does this mean Avast reads all your personal documents and stores them? No, they do not.

Does your antivirus sell your personal files to local government upon request? Possibly yes. There's hardly any company that can say "no" to law. If your concern is that, do not use Windows at all. I do not know how Linux works but it's pretty much the same surely.

Some other antivirus may submit less information, but they pretty much all collect at least the basics: information to know who you are such as IP, MAC Address, system configuration to know under what circunstances malware is triggered/detected, etc.

You can google and search for antivirus that submit less information but the truth is you'll have to believe what they wrote on their website, because you'll never know what they know about you and if they give it to any government or whatever.

You can try what HarborFront commented up but i wouldn't even trust. AV-Comparatives tests upon company's payment to appear on the test, so nothing assures me they just didn't include as safe the ones who paid the most. Once again, there's nothing you can do. Privacy is a myth. Live with it or mgirate to Linux.

Im not talking about governments, im saying that a lot of programs tell you in their privacy policy that they can share (sell) the info they have from you to other companies. I already say that i know theres nothing 100% anonymous, but i dont want to someone know everything about me, and to make it worst, make money with that.
 
  • Like
Reactions: bribon77

ispx

Level 13
Verified
Well-known
Jun 21, 2017
616
i dont want to someone know everything about me, and to make it worst, make money with that.

so you are ok with them knowing some part about you but not everything about you, interesting.

well then here is my advice to you, go off-line permanently. even your cable tv provider knows what you are watching.

as for the making money part, every time you visit a website they are making money with that, be it cnn / hotmail / youtube.
 
F

ForgottenSeer 58943

but i dont want to someone know everything about me, and to make it worst, make money with that.

Your concern is VERY valid. Because frankly, even if you encrypt and/or take extreme privacy considerations on your endpoints, if your AV is closely monitoring you all of that could be rendered useless.

If recent events are of any concern, then we should be asking about how AV's can seemingly be hijacked and utilized to spy and what precautions companies take to eliminate/reduce that risk. If an AV product is limiting data transmission even if it gets shoved a compromised update it won't show too much data to the attacker anyway.

Your question is even more important to me.. I've already had 2 AV products compromised on my highly secure network. Trend Micro core files were replaced and redirecting telemetry. Just a few weeks ago Kaspersky Free was hijacked. Multiple installs were served compromised updates. Unfortunately for them when they compromised a few Kaspersky Free installs they tried to utilize a traversal protocol I block on my Fortigate by default so any impact was largely nullified.. (Zero evidence the machines were compromised, just the product itself) However by doing this they broke multiple Kaspersky Free installations causing them to be unable to update themselves and/or get hung on updates. Each one had to be manually removed and re-installed.

I don't just randomly pick an AV and install it anymore and I am involving myself in studying AV's at a deeper level. This book will scare the hell out of most people;

Wiley: The Antivirus Hacker's Handbook - Joxean Koret, Elias Bachaalany

Linux isn't viable for most people (myself included), and isn't the panacea people make it out to be.
 

Elpibe

Level 3
Thread author
Verified
Sep 26, 2015
126
so you are ok with them knowing some part about you but not everything about you, interesting.

well then here is my advice to you, go off-line permanently. even your cable tv provider knows what you are watching.

as for the making money part, every time you visit a website they are making money with that, be it cnn / hotmail / youtube.

Im not ok with that but,
don't blame the game blame the player
. I cant change how "internet works" and make companies to be more "private". How many ppl read the Terms or the Privacy Policy? 10% 5%? Its like a rule that everyone have that they must know things about you, even if it has nothing to do with the main objective of the program. Is like a music player says "i need to know all the webs you visit" in their policy, that makes any sense? (invented example just to show my POV)

Your concern is VERY valid. Because frankly, even if you encrypt and/or take extreme privacy considerations on your endpoints, if your AV is closely monitoring you all of that could be rendered useless.

If recent events are of any concern, then we should be asking about how AV's can seemingly be hijacked and utilized to spy and what precautions companies take to eliminate/reduce that risk. If an AV product is limiting data transmission even if it gets shoved a compromised update it won't show too much data to the attacker anyway.

Your question is even more important to me.. I've already had 2 AV products compromised on my highly secure network. Trend Micro core files were replaced and redirecting telemetry. Just a few weeks ago Kaspersky Free was hijacked. Multiple installs were served compromised updates. Unfortunately for them when they compromised a few Kaspersky Free installs they tried to utilize a traversal protocol I block on my Fortigate by default so any impact was largely nullified.. (Zero evidence the machines were compromised, just the product itself) However by doing this they broke multiple Kaspersky Free installations causing them to be unable to update themselves and/or get hung on updates. Each one had to be manually removed and re-installed.

I don't just randomly pick an AV and install it anymore and I am involving myself in studying AV's at a deeper level. This book will scare the hell out of most people;

Wiley: The Antivirus Hacker's Handbook - Joxean Koret, Elias Bachaalany

Linux isn't viable for most people (myself included), and isn't the panacea people make it out to be.

I dont want to random pick an AV either or just choose it because its effective. Its pros and Cons, privacy vs protection. I can live without AV, aside from keyloggers or ransomwares, a lot of malwares do what AVs and other softs do legaly, steal and sell your info.
 
  • Like
Reactions: bribon77
D

Deleted member 65228

If I was in-need of security software and was concerned regarding privacy then I would personally pick Emsisoft Anti-Malware and even disable cloud features if necessary. They have one of the neatest privacy policies for the functionality their product provides, IMO one of the best out of all the common vendors people will go to.
 
Last edited by a moderator:

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Also Emsisoft for me.

Antivirus software: protecting your files at the price of your privacy
Emsisoft | Privacy Policy

They have a privacy tab in the settings of Emsisoft Anti-Malware:

150427-version-10-privacy.png
 
Last edited:
F

ForgottenSeer 58943

I might go back to Emsisoft myself. I left it because the FP's were causing issues for 'others' in this home. I will just be more thorough with my whitelisting. That SSL checkbox in Emsisoft is more important than most people think.. Some AV's transmit on port80 which is ridiculous..

I am trying to get a license for Ahnlabs v9.0.. Not easy! Maybe considering a return to Forticlient. Now Emsisoft is added to the mix of consideration. I don't want my AV harvesting much of anything.

That AVC list is scary, companies like Trend and Webroot literally track everything and send everything out.
 
F

ForgottenSeer 58943

The most private AV for me is probably Forticlient because I control the updates, telemetry and logging. Also I can dig into the XML for it and completely disable a few logging/telemetry features. But according to AVC's audit, Forticlient was one of the ones that sends the least amount of data - that can be attenuated even further by various means. At least with Forticlient it's much less likely an update can be tampered with because my own appliance services the updates. Also you can download updates manually if you have access to the Fortinet FTP server, which I do but I am too lazy to do that with the large number of systems I have.

The only thing I am thinking is neither Emsisoft or Forticlient offer a blended solution. I already have Bit Defender scanning my gateway on Untangle in transparent. Along with ClamAV (LOL), and Fortiguard Antivirus/IPS, then on top of that Fortisandbox. Any endpoint solution I choose should logically be a completely unique engine rather than a rehash of one of the gateway scanners I have. The problem is, most custom engine/signature solutions aren't suitable for me.
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
HF that is a 3 year old analysis, may be things have changed for ahnlab too as of 2017, just my two cents :)
Agreed. Short of reading the privacy policy of the AV vendors and accepting/rejecting them there's no latest comparison table being made of the AVs
 
Last edited:
  • Like
Reactions: bribon77 and ispx

Node

Level 3
Verified
Aug 6, 2017
100
If privacy is really an extensive concern to you then I highly suggest you switch to a Linux distribution such as Whoonix, Tails, or QubesOS. Windows by itself has some sketchy things regarding privacy but in terms of other security software, they can generally access and be a MITM (man-in-the-middle) for certain objects to essentially make sure the item(s) you're visiting or that is affecting your usage isn't malicious.
 
  • Like
Reactions: bribon77
D

Deleted member 65228

You can always try to use the privacy invasion to your own advantage; for example by having fake information on your Windows profile, using VPN and pre-whitelisting any folders which will be used to store sensitive/private files - you can even sandbox your browser and have all contents of data it made during that session cleaned afterwards.

they can generally access and be a MITM (man-in-the-middle)
It is related to HTTPS scanning support, and evolves around certificates.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top