- May 16, 2013
- 844
@darko999 maybe thats why I use Kaspersky, closer to my country less bandwidth to use. 
Why does Trend Micro send telemetry to data mining firms?
- Thread starter Slyguy
- Start date
- Status
- Jan 27, 2017
- 3,318
If the CIA want's in, any AV won't really do anything to help you, and might actually increase your threat surface.
That's just the way it is. Sure, there are ways to keep the CIA out, or to make things effectively impossible for them barring local L1 physical intrusion, but for all practicality, even discussing AV's and the CIA is relatively pointless conversation IMO.
I think you failed to understand that article you posted. No offense intended. That was a vault-7 dump showing CIA talking about the 'difficulty' of various security products. In the EXTREMELY unlikely event you become a direct target for intrusion, magical security products, expensive UTM's, and placebo products won't do much to help you. That's where raw network security knowledge will be required to save you. Get those vlans out, fire up the SIEM, and point all of your traffic through an APT appliance. Barring that? Ditch Windows and enjoy your Debian/Linux box...
That's just the way it is. Sure, there are ways to keep the CIA out, or to make things effectively impossible for them barring local L1 physical intrusion, but for all practicality, even discussing AV's and the CIA is relatively pointless conversation IMO.
I think you failed to understand that article you posted. No offense intended. That was a vault-7 dump showing CIA talking about the 'difficulty' of various security products. In the EXTREMELY unlikely event you become a direct target for intrusion, magical security products, expensive UTM's, and placebo products won't do much to help you. That's where raw network security knowledge will be required to save you. Get those vlans out, fire up the SIEM, and point all of your traffic through an APT appliance. Barring that? Ditch Windows and enjoy your Debian/Linux box...
@darko999 maybe thats why I use Kaspersky, closer to my country less bandwidth to use.
LOL Russian CIA can access to Kaspersky as well. It doesn't matter what antivirus you are using at this point. CIA can access them anytime they want.
You have to beware if you a have ASUS Router with Trend Micro built-in as its AV for IoT protection
- Apr 4, 2017
- 27
I'm not worried about the CIA, after all they work for us. Am I wrong? We pay them with our taxes and elect their bosses by democratic vote.
What really worries me is that a private company gets my money in an opaque way.
If so, I'd rather infect myself with Wannacry than keep trusting them.
We pay these companies to defend ourselves against unscrupulous people.
It's going to be worse the remedy than the disease.
What really worries me is that a private company gets my money in an opaque way.
If so, I'd rather infect myself with Wannacry than keep trusting them.
We pay these companies to defend ourselves against unscrupulous people.
It's going to be worse the remedy than the disease.
- Apr 4, 2017
- 27
From your list, at least AVAST, AVG and Panda, sell your information to third parties, for example browsing habits and who knows what else.
I don't say it, they say it in their privacy policy.
Gdata blocked my license after a couple of clean Windows installations. Support says he can't help me. Very good product but discarded with this licensing policy.
I use Trendmicro after many years of trial and error with other products. It is the only one that meets all the requirements that I expect from an antivirus. (I just wish they had a real firewall)
I've tried several times Emsisoft and I don't like it.
The behavior blocker seems very primitive but effective.
This makes it useless with non-advanced users.
Any company is able to put on the market something similar. A good behavior blocker, it blocks only harmful actions and has no false positives.
SONAR, GDATA, Trendmicro are an example to follow.
The rest of the product without decent firewall and Bitdefender's definitions seem like a joke to me.
- Apr 4, 2017
- 27
The only part of an antivirus is not its definitions. Remember that Gdata uses its own definitions in addition to Bitdefender.
I have not expressed well to what degree the definitions of Bitdefender seem bad. English is not my native language. But compared to Kaspersky are nothing of any other world. Also those of Norton or Trendmicro seem better to me. The problem is that Emsisoft uses a very primitive behavior blocker, without firewall and mediocre definitions accompanying all this with constant questions that the program should be able to answer without my help.
The signatures of an antivirus, except those created in a dynamic way by machine learning, are the least important part. The companies share the definitions and in a couple of days they all detect the same.
Last edited:
In Gdata, Gdata engine/definitions vs BD engine/definitions which is better? If BD engine/definitions is better than Gdata must be a joke, right?
I know you can choose which engine to use in Gdata, however, if Gdata uses its own engine/definitions only would it be a great AV?
- Apr 4, 2017
- 27
To not overlap signatures, Gdata removes from its definitions what Bitdefender is adding to theirs.
- Apr 4, 2017
- 27
I think you know better than I do. I don't know where this conversation is going.
I just wanted to know if Trendmicro is selling my browsing habits or my privacy in general.
Because it was still bound to old PC, you didn't uninstall G Data before doing "clean win instalation", or you used it too many times, in that case, support does answer and help reseting it, my lic also got blocked but what I did was, register trial, update program/modules and enter old credentials and it worked without need to contact support.
- Sep 3, 2017
- 831
G data doesn't remove its definitions even though there is an overlap from Bit defender as well. This is done in emsisoft to reduce Cpu burden . In other words Dual engines in G data does their job independently and update signatures accordingly irrespective of its detection engine.To say further all these signatures (Engine B) are automatically processed 24/7 on VM ray machine that's completely virtualised and connected to G data (Microsoft Azure Cloud) ..hand by hand Analysts does their job as well.So its impossible to remove its own signatures before / after Bit defender detects it. You can confirm the same in Mt hub tests as well as Web blocking.
Information above is according to my tests as well as confirmation of my findings from Ralf Benzumler (Head -G DATA Security Labs).
No (Software) / AV is perfect in terms of privacy and sniffing.. though a few are better. If u want to be free from sniffing and data collection :
just remove ethernet cables and disconnect wifi and switch off your laptop
- Sep 3, 2017
- 831
Each AV company share the samples itself ith other vendors before it reach the analysts or they have a common source like VIRUSTOTAL which is checked by all AV vendors multiple times a day for new hashes. Some even sit beside it 24/7 365 days a year to scan and update their Databases (BLINDLY) faster than ever (Off-topic)
So there is no independency during journey of samples but REAL INDEPENDENCY comes into scene whether they are analyzing the sample in the labs or blindly adding signatures as a proof from other TOP AV vendors:notworthy:
..>95% of the vendors follow it including some highly over rated AV (s) .Which AV vendors "copy" others and "blindly" add sigs without analyzing them first? Are you talking about X vendors who use e.g Bitdefender engine, and as a result F-Secure in your definition copy Emsisoft, so multiple vendors in VT shows up with same Bitdefender signature? Not really sure what you are saying.
Last edited by a moderator:
- Sep 3, 2017
- 831
VirusTotal, a service owned by Google that allows anyone to upload suspicious files, aggregates data and shares information with security firms. The service aims to help internet hygiene by flagging up instances where security vendors have not yet detected particular malware samples.Which AV vendors "copy" others and "blindly" add sigs without analyzing them first? Are you talking about X vendors who use e.g Bitdefender engine, and as a result F-Secure in your definition copy Emsisoft, so multiple vendors in VT shows up with same Bitdefender signature? Not really sure what you are saying.
To answer..its not about Bit defender..or its dependent Vendors (F secure , Emsisoft or G data ..)-- Have their own technologies beside 3rd party
VIRUS TOTAL -- Dr web tested rivals and results are same .
Viral virus bunfight: Dr Web tested rivals like Kaspersky Lab
The point is not Dr Web/ Kaspersky..but moscow vendor long ago before even kaspersky said that 95% of the vendors scan on the hashes and update DB with same FP'S as well..and walked out from VIRUS BULLETIN stating this
Proof: One prominent AV vendor (in MT) in my test detected DR.WEB website as a PHISHING website for 3 months.
reason is they simply copied from the Live feed Phishing list and blindly updated to their DB
When i shared the details in MT..it was removed right away..Do you think it is a FALSE POSITIVE and leave it
That how now the business is.. PITY
- Apr 4, 2017
- 27
G data doesn't remove its definitions even though there is an overlap from Bit defender as well. This is done in emsisoft to reduce Cpu burden . In other words Dual engines in G data does their job independently and update signatures accordingly irrespective of its detection engine.To say further all these signatures (Engine B) are automatically processed 24/7 on VM ray machine that's completely virtualised and connected to G data (Microsoft Azure Cloud) ..hand by hand Analysts does their job as well.So its impossible to remove its own signatures before / after Bit defender detects it. You can confirm the same in Mt hub tests as well as Web blocking.
Information above is according to my tests as well as confirmation of my findings from Ralf Benzumler (Head -G DATA Security Labs).
No (Software) / AV is perfect in terms of privacy and sniffing.. though a few are better. If u want to be free from sniffing and data collection :
just remove ethernet cables and disconnect wifi and switch off your laptop
- Sep 3, 2017
- 831
It is dedicated to paper work.. 90% of the G data static detections would be same in combo with 2 engines..
Have a look at its tests in MT or Youtube.
- Apr 4, 2017
- 27
It may be so. But back to the question of whether Gdata is a joke because they use the definitions of Bitdefender, I still say no. Gdata has other powerful modules that are more important than the signatures. What's more, the signatures of all antivirus are a joke if they are not accompanied by other modules. We have all seen real Malware not detected for weeks in VirusTotal by almost any antivirus signature and this is easily blocked by the pro active modules of several companies.
- Sep 3, 2017
- 831
Q is not about G data or F secure about how blind the av vendors working on..
Regarding G data - OFF TOPIC
Myself a G DATA user for 6 yrs
- Status
Similar threads
