@SweetieBelle: Where have you found that list on image in first post?
That’s what got me asking questions. The file is quite dated (2014) and many of the products have been updated and changed extensively since that time. For example, AhnLab’s offering has a completely new engine. It’s too bad there’s no update to the file.
I have asked quite a few companies offering AV products so far. All but one still appear to transmit personally identifying information after opting out, sometimes in plaintext. (Avast not included because they have not answered)
The general rule is simply that you cannot opt out.
Emsisoft was very forthcoming, explained exactly what was sent, how the back end of various features work, how they protect the data and so on. Their EULA is very clear that they do not sell, rent or pass on any data that they do collect.
If you opt out, the product will still work, you will still get updates, but the program hashes will not be sent so you will have to define which programs are trusted or not yourself. This is expected.
The URL filtering is based on a predefined local list, as opposed to scanning each page or sending the URL to a remote server.
My findings have been rather disturbing in general and privacy has not been preserved for the majority of AV products. I know this is consistent with most applications and even windows of course, however being able to control ones data is a selling point. Not everybody will lock these products down, but the option should be there.
Windows 10 has come under fire for near useless privacy controls. There is still a lot of data transmitted, even unencrypted. (Typically that occurs when multiple encrypted transmissions have failed). It can even bypass hosts file imposed restrictions.
Products that are expected to be trustworthy should be scrutinised.
Deceptive and untoward conduct, or misconduct if you will, can have national security implications. People trust this software due to preconceived beliefs held in regard to antivirus and firewall programs.
Russia accused of spying on U.S. officials using Kaspersky software
OCTOBER 11, 2017, 7:38 PM According to multiple reports, Israeli spies tipped off the NSA that Russia was spying on them, using antivirus software made by the Russian company Kaspersky Lab. Frank Cilluffo, Director of the Center for Cyber and Homeland Security at George Washington University and former senior homeland security official to former President George W. Bush, joins CBSN to discuss what these allegations mean.
I would like to know if for instance Avast does this locally with their list of URLs that trigger a popup. Most days I get a popup trying to scare me into buying their VPN or some other paid extra. Exactly when I visit a site. Obviously this is triggered by that visit. It’s too precise. Is this a local list or does Avast transmit every URL visited to themselves? Or maybe statistics about hits on the list. Aggregated or otherwise.
This when all the mentioned options known to transmit information have been disabled. So reputation services, Avast community, data sharing, cybercapture.
If a dev or PR person could weigh in, that’d be swell.
Have you got any answers from Avast by PM or the topic is going to be buried?
They have not replied to me in PM. They are now the only ones I have asked that have flat out not replied.