Hello Avast community. It’s a while I’ve been using the Avast 6 version. Now it updated to version 7. Great great, until I notice that there’s a new “Feature” called Remote Assistance. >:(
The problem with this “feature” is that ANYONE who can open the avast interface can allow ANYONE to completely control the computer. It also proudly says it “bypasses firewalls” and “routes through avast servers”. :-[
Say a library has avast installed, they nicely put in admin passwords etc, but forgot AVAST PASSWORD! Then a user clicks on REMOTE ASSISTANCE code, calls his criminal friends, and BAM!! Post-exploitation fase. Or if a employee with industrial secrets with all his files encrypted has AVAST, but in all his troubles didn’t password protect it, a criminal could activate REMOTE ASSISTANCE, install a bootkit/rootkit, and VOILA!
Avast, a company protecting “150 000 000” users, must be VERY proud how it uses malware techniques for “convenience” of its user. ???
How many of those “150 000 000” users have a password for avast, hm? Even if they all would have a 7 word diceware phrase, this “feature” is another added complexity which can be exploited.
SO, Avast, if you actually CARE about the security of your users, and not how GOOD you LOOK for CONVENIENCE, REMOVE this “Feature” from avast. If you want, you can make it available as a separate package for users who, despite the above, want this “Feature”.
THANKS!
Indoctor
EDIT: Finally, after 5 pages of senseless arguing, avast developers show some transparency.
http://forum.avast.com/index.php?topic=93989.msg749530#msg749530
Topic subject edited.