VPN seems like a gigantic "Man In The Middle" attack on my security --

Avast Free Antivirus / Premium Security
1

Can you explain? All of my sensitive communication is being filtered through your servers.

It just seems like a gigantic security hole. Who controls the encryption key? Avast or me ??

2

If you could give some details about your problem then maybe somone from avast is able to explaine :wink:

3

This forum is for the av applications and not for avast SecureLine.

4

I actually don’t have a problem, so this Avast email on Sep 22 suggests that I should look for one.

Subject: "What else would you do online, if you knew it was 100 percent safe?

Hacking into your internet connection is shockingly easy — the instructions are available on the web! And that’s just the criminals — there’s nosey neighbors, annoying advertisers, or curious government agencies peeking into your personal business.

What is Avast SecureLine VPN?

A Virtual Private Network, or VPN, is an app that encrypts your internet connection. With the click of a button, everything you do online is covered under an impenetrable blanket — and nobody can see what you’re doing underneath.


What could possibly go wrong?
5

Wrong
Avast has servers all over the world.

6

http://screencast-o-matic.com/screenshots/u/Lh/1506292239776-67598.png

http://screencast-o-matic.com/screenshots/u/Lh/1506292199910-6198.png

http://screencast-o-matic.com/screenshots/u/Lh/1506292094039-91387.png

7

As far as I’m aware, the Avast SecureLine VPN product isn’t free, so I don’t know how it could be on your system and working if you didn’t know/pay for it ?

8

For the original question, it’s kinda irrelevant where the servers are.

I wouldn’t really call it a “gigantic security hole” as VPN is quite a standard thing. Now VPN won’t “decrypt” e.g. your HTTPS communication - it’s just another layer on top of that - but yes, the servers can see the plaintext data of your communication, simply because they have to forward your traffic.
So it all comes down to trust - if you don’t trust Avast (or the particular VPN provider in general), you probably don’t want to install their VPN and route your traffic through their servers.

I think the same actually applies to an antivirus…

9

@1n1r2

Possibly are you asking about “Real Site”

https://www.avast.com/faq.php?article=AVKB188

If not my apologies.

10

Well, if you pay for VPN you probably have a reason.
For instance you don’t want to be traced, or you need to access some services that are blocked for your country, or maybe you surf the web from a public hotspot and you want to encrypt all your communications.
Using anyone’s servers, like Avast’s, is not “zero risk”, but it’s a trade-off. You do that if you think the risks in using Avast VPN are less relevant than the benefits you get from their VPN. Like others said it is a matter of trust, but let me add it’s a matter of economic interest too. If Avast spied on you, and were caught, nobody would use their products any more. That would cost them a lot of money, besides legal consequences. Of course that doesn’t mean they can’t be hacked (see what just happened with the CCleaner incident), but the same could be said for your ISP provider, your email provider, your social networks, your operating system and software programs, etc. etc.