I was just sent a beta of a commercial product following my reporting a problem.
When I tried to install it, Avast said it was "very rare (!) and potentially dangerous and forwarded a copy to Avast Virus Lab. I don’t have the right to distribute this product so if you’d asked I would have refused.
I’m just curious whether you have considered the legal implications of stealing software like this?
FWIW: I trust both Avast and the supplier of the software, but I do think you ought to get the user’s permission - then it’s just piracy not theft - and he can say no.
As an avast user like yourself, I don’t see a problem with this as you aren’t distributing it, because this is very new and unknown it is uploaded to be analysed. Having been analysed, it is less likely to be detected as “very rare (!) and potentially dangerous” this not only helps you but inadvertently the company as its product is less likely to be pinged.
Many modern AV have cloud resources as it aids learning on new potential threats and takes a lot of the load of the users system.
It doesn’t help anybody as this was a beta which will probably contain debug traps, or at the very least a different version code, so will be a different binary to that which is finally distributed.
I guess I feel slightly violated. I’m uncomfortable that Avast takes the view that files on my PC can be uploaded without my permission. Maybe Avast will limit itself to install files and not my accounts or password vault. You wouldn’t expect a friend that you invited into your home to avail himself of things even if he knows you don’t want them.
In any case that file might have been distributed under commercial-in-confidence (or “for your eyes only” if I worked in MI5 which I don’t. Then I’d have to kill them all!!: ;)).
It depends on the reason you invited that friend into your house. In Avast’s case, it was for the express reason of keeping your computer (files) safe. With that in mind, Avast was doing it’s job and the job you expected it to do.
You would have to disable lots of elements that use the cloud services, reputation services, CyberCapture, Hardened Mode - Aggressive (if you use this). These are the ones that come to mind, I don’t know if there are more of the live shields that would also check the avast cloud.
I don’t feel violated, I feel protected, but each to their own.
The problem is many of the AVs out there use cloud services.
Hi,
you reported the official and neccesary behaviour of your anti-virus program.
If you share business secrets via the internet you should encrypt them
It’s not like anyone at avast! will actually look at it. They get thousands of files every minute. Your file will just pass through automated systems that don’t really care about anything other than whether it’s malware or not.
Hello,
if you don’t want to share the files you can disable it in settings (both checkboxes in “Privacy”) and also disable CyberCapture feature in General settings.
MSE 4.10 doesn’t use cloud services, yet has a detection rate of 99.6% for widespread and prevalent malware and 100% for 0-day malware attacks, inclusive of web and e-mail threats
@ John712,
Sorry but you are incorrect in your belief. The following comes directly from Microsoft’s mouth:
“In relatively rare cases, when Windows Defender AV needs additional intelligence to verify the intent
of a suspicious file, it sends metadata to the cloud protection service, which can determine
whether the file is safe or malicious within milliseconds”.
Thank you for your answer, but… all links are about Windows Defender and not about MSE.
For MSE, in order to have cloud detection enabled , you have to have MAPS selected, which, for privacy reason it is not recommended.
