Avast WEBforum

Consumer Products => Avast Mac Security => Topic started by: somehacker on June 16, 2015, 07:30:10 PM

Title: SecureLine VPN Auto Install?
Post by: somehacker on June 16, 2015, 07:30:10 PM
Is sneaking software onto my machine a new business model for you?

That's the kind of scummy behavior I expect from craphole download sites, not (supposedly) reputable software companies. How about you never do that again?
Title: Re: SecureLine VPN Auto Install?
Post by: Asyn on June 16, 2015, 07:30:48 PM
See: https://forum.avast.com/index.php?topic=172142.0
Title: Re: SecureLine VPN Auto Install?
Post by: somehacker on June 16, 2015, 08:20:39 PM
I already figured out how to get rid of it.

I want to know that you won't do it again.
Title: Re: SecureLine VPN Auto Install?
Post by: specimen9999 on June 16, 2015, 08:39:16 PM
I want to know that you won't do it again.

lol
Title: Re: SecureLine VPN Auto Install?
Post by: somehacker on June 16, 2015, 08:41:05 PM
lol

Yeah, that's what I'm expecting too. I'm about to uninstall and add Avast to my list of crapware vendors.
Title: Re: SecureLine VPN Auto Install?
Post by: specimen9999 on June 17, 2015, 02:25:00 AM
lol

Yeah, that's what I'm expecting too. I'm about to uninstall and add Avast to my list of crapware vendors.

The lol was in reference to the 'air of self-importance' of your comment.
Title: Re: SecureLine VPN Auto Install?
Post by: freiheitner on June 17, 2015, 02:25:38 AM
I got this too. Thankfully I had a good outbound firewall installed (Little Snitch) which let me know this unexpected and unwanted app was trying to make a connection.  Avast has been removed from my machine.  I'm sure it's no big deal to Avast since they weren't making any money off me with their free anti-virus, but they're sure as heck not going to make money off me by sneaking software onto my machine and installing it without my knowledge.  I thought Avast was in the ANTI-malware business.  I don't think I'll be using them again for anything.

Don
Title: Re: SecureLine VPN Auto Install?
Post by: freiheitner on June 17, 2015, 02:29:23 AM
lol

Yeah, that's what I'm expecting too. I'm about to uninstall and add Avast to my list of crapware vendors.

The lol was in reference to the 'air of self-importance' of your comment.

I think it's hardly an air of self-importance to expect that an anti-malware company not surreptitiously install software on a user's machine.  That's pretty much rule #1 of anti-malware -- don't install things the user didn't ask for.

Don
Title: Re: SecureLine VPN Auto Install?
Post by: Eddy on June 17, 2015, 02:37:28 AM
avast doesn't install software without the users approval.
So if secure line was installed, you have given permission for it to install.
Title: Re: SecureLine VPN Auto Install?
Post by: graysonkilmer on June 17, 2015, 04:42:02 AM
avast doesn't install software without the users approval.
So if secure line was installed, you have given permission for it to install.

incorrect.
my experience, and probably everyone else here, was that this software installed overnight without any warning from avast, opening avast or clicking any "okay" dialogue in avast.

if you mean that years ago, when we first installed and agreed to the TOC, there was fine print on the 18th page that said avast has the right to install additional software... then fine, jokes on us, you got us....
however, I think its a stretch to say that this qualifies as us purposefully downloading the application.

its nice to see the mods rub it in our face though instead of understanding the users frustration.


if only there was software that could prevent unwanted software from being installed in the background without our knowledge.....

 
Title: Re: SecureLine VPN Auto Install?
Post by: tumic on June 17, 2015, 11:57:55 AM
Is sneaking software onto my machine a new business model for you?
This "freemium" business model is used by Avast for more than a decade, so the answer is no,
it's nothing new.

That's the kind of scummy behavior I expect from craphole download sites, not (supposedly) reputable
software companies. How about you never do that again?
I'm sorry, but as this is an essential part of the company business strategy, it will for sure happen again.

Every time we add a new component to Avast Mac Security (no matter whether paid or not), it will not only
be part of the installation, but also part of the program update. For paid components You will however not
be forced to use them and always have the possibility to uninstall them, if you wish.
Title: Re: SecureLine VPN Auto Install?
Post by: somehacker on June 17, 2015, 12:04:56 PM
Is sneaking software onto my machine a new business model for you?
This "freemium" business model is used by Avast for more than a decade, so the answer is no,
it's nothing new.

That's the kind of scummy behavior I expect from craphole download sites, not (supposedly) reputable
software companies. How about you never do that again?
I'm sorry, but as this is an essential part of the company business strategy, it will for sure happen again.

Every time we add a new component to Avast Mac Security (no matter whether paid or not), it will not only
be part of the installation, but also part of the program update. For paid components You will however not
be forced to use them and always have the possibility to uninstall them, if you wish.

And here I thought you were a reputable company. Your software has been removed from my machine. I'll be sure to share my experience every chance I get.
Title: Re: SecureLine VPN Auto Install?
Post by: Eddy on June 17, 2015, 12:06:43 PM
avast is a reputable company.
They can't help it if users don't know things.
Title: Re: SecureLine VPN Auto Install?
Post by: freiheitner on June 18, 2015, 05:16:18 AM
avast is a reputable company.
They can't help it if users don't know things.

I'm not sure whether to call that comment ignorant or arrogant. Not knowing that a piece of software has downloaded, installed and launched a completely separate piece of software in the background without providing the user with any form of option is not what a rational person should consider to be the user's fault. You don't know what you don't know. Now that I know Avast is sneaking in separate apps AND LAUNCHING THEM without any action on my part, I know that Avast is no longer reputable. I too will gladly share my thoughts on this matter with others. This is not good business for a self-proclaimed anti-malware company.
Title: Re: SecureLine VPN Auto Install?
Post by: Eddy on June 18, 2015, 05:30:41 AM
avast is not sneaking in anything, they are honest and open about it.
Title: Re: SecureLine VPN Auto Install?
Post by: somehacker on June 18, 2015, 01:16:32 PM
avast is a reputable company.
They can't help it if users don't know things.
avast is not sneaking in anything, they are honest and open about it.

Wow. Know why users don't know things? Your honest and open company installed it without asking.

Your break with reality is amazing.
Title: Re: SecureLine VPN Auto Install?
Post by: Davidek on June 18, 2015, 02:28:08 PM
Hi,

I hear the frustration expressed here but I do feel it's being a bit harsh.  Avast has an AV security product that is made up of different modules.  The VPN is another module in the whole ecosystem of the software package.  If you see it from that angle then I hope you can understand what our intent was.  It certainly is not to sneak anything past our users.  The icon is prominently placed on the top menu bar and it's easy to uninstall.  No one is required to use or purchase the module at all.

Any software that is installed needs to do updates from time to time and part of that is to install new features that the software makers believe will add value to their end users.  This case is no different.  We've gotten plenty of requests to offer a VPN and it's a legitimate security feature/tool.  We don't log users behaviour and our intent is to give you a tool to stay private online.

So, we'll certainly consider the feedback and try to do better in the future.

Thanks,

Davidek
Title: Re: SecureLine VPN Auto Install?
Post by: Eddy on June 18, 2015, 06:13:42 PM
It is not my company, nor do I work for avast.

Users can read about new things on avast's website (blog) as well as here on the webboard.
They are (exceptions prohibited) not forced to install a update, it is their own choice.
Title: Re: SecureLine VPN Auto Install?
Post by: somehacker on June 18, 2015, 11:12:52 PM
Hi,

I hear the frustration expressed here but I do feel it's being a bit harsh.  Avast has an AV security product that is made up of different modules.  The VPN is another module in the whole ecosystem of the software package.  If you see it from that angle then I hope you can understand what our intent was.  It certainly is not to sneak anything past our users.  The icon is prominently placed on the top menu bar and it's easy to uninstall.  No one is required to use or purchase the module at all.

Any software that is installed needs to do updates from time to time and part of that is to install new features that the software makers believe will add value to their end users.  This case is no different.  We've gotten plenty of requests to offer a VPN and it's a legitimate security feature/tool.  We don't log users behaviour and our intent is to give you a tool to stay private online.

So, we'll certainly consider the feedback and try to do better in the future.

Thanks,

Davidek

I used to pay for you product. I will not be doing so again. I installed an antivirus product, nothing else. Installing additional software without notification or permission is not acceptable behavior for a reputable company.

That's the same crap Bonzi Buddy pulls. Do you like the company you're keeping?

It is not my company, nor do I work for avast.

Users can read about new things on avast's website (blog) as well as here on the webboard.
They are (exceptions prohibited) not forced to install a update, it is their own choice.

Your apologetics need work. I shouldn't have to follow Avast's blog to know that they're going to install something on my computer. It's also worth pointing out that the default behavior is to auto-update. Your assertion that we had a choice in the matter has more holes than a colander.
Title: Re: SecureLine VPN Auto Install?
Post by: Eddy on June 18, 2015, 11:54:21 PM
Quote
I installed an antivirus product, nothing else.
You are wrong.
You installed a security product, not just a anti-virus product.
Nowadays there is no such thing as a anti-virus product anymore.
Quote
Installing additional software without notification or permission is not acceptable behavior for a reputable company.
It is not additional software, it is part of the security package that you have chosen to install.
avast did notify the users.
Only thing the users have to do is reading the changes on the avast website and/or on this webboard.
By installing the software you agreed with the terms/license conditions, that means you have given permission.
Users have the option to disable automatic updates.
Quote
It's also worth pointing out that the default behavior is to auto-update.
Ofcourse the default is auto-update.
It will make sure the user has the latest/best protection there is without having to worry about it.
Title: Re: SecureLine VPN Auto Install?
Post by: somehacker on June 19, 2015, 12:24:27 AM
Quote
I installed an antivirus product, nothing else.
You are wrong.
You installed a security product, not just a anti-virus product.
Nowadays there is no such thing as a anti-virus product anymore.
Quote
Installing additional software without notification or permission is not acceptable behavior for a reputable company.
It is not additional software, it is part of the security package that you have chosen to install.
avast did notify the users.
Only thing the users have to do is reading the changes on the avast website and/or on this webboard.
By installing the software you agreed with the terms/license conditions, that means you have given permission.
Users have the option to disable automatic updates.
Quote
It's also worth pointing out that the default behavior is to auto-update.
Ofcourse the default is auto-update.
It will make sure the user has the latest/best protection there is without having to worry about it.

That's funny, when I installed the software it was called Virus Protection, not Avast kitchen sink. There are tons of anti-virus only products. Making things up doesn't make you correct.

It is most certainly additional software. It's even a separate application.

EVERY other piece of software I have notifies me when it changes features or wants to install something new. NONE of them make me read their blog to find out about updates.

Seriously, who reads T&C? Doesn't matter anyway, because putting something in the T&C doesn't make it good behavior.

Updates are good. Teaching users that they can't trust update channels is bad. Get your head straight and stop defending bad behavior.

EDIT: I'd also like to point out the huge number of views on the uninstall thread (~3500 at time of edit). It's obvious that this was unwelcome. How's that sinking ship of an argument feel?
Title: Re: SecureLine VPN Auto Install?
Post by: doc4 on June 19, 2015, 02:33:47 AM
I installed avast to prevent software I don´t want to be installed on my mac. Discovering that you yourself – without asking me – do what I installed your software to prevent, takes away all your credibility. So I will remove your products. And encourage everyone else to do the same.

No-one will trust a security company that violates the security they claim to protect.
Title: Re: SecureLine VPN Auto Install?
Post by: honesey on June 20, 2015, 03:16:49 AM
I'm in the same boat with my mac. Came down via an auto update with no user consent, no asking for my mac password, nothing.

I wouldn't have minded if it said avast is going to install this, hence giving me an option to either agree or opt out then no issues, should have known better though when the big scandal hit with the safe price and toolbar stuff. Since it hadn't I have also uninstalled avast from my mac and installed another a/v onto it.

I will also be telling everyone to avoid avast like the plague on both windows and mac, don't get me wrong awhile back you used to be good, granted you could kill the popups and voices, but now you have just become like AVG. Over bloated and trying to pass on other services to users when all they want is a good free antivirus. Yes I understand you have to make money and or inform users of your premium product (s) but seriously it should be the users choice.
Title: Re: SecureLine VPN Auto Install?
Post by: m132456 on June 21, 2015, 08:42:48 AM
I've used Avast for years, will continue to do so, but, this caused a heap of trouble for me.

I was installing a separate VPN client (as I believe it is a good idea) just the other day, and was installing lots of stuff from CNET and the likes as I'm setting up a new Mac. It took me a while to figure out (1) what Secureline VPN was and (2) Who installed it (it wasn't me, and I couldn't believe for sure it was Avast - I figured it could be that my new VPN provider worked with Avast or that it was pure malware). And then how to remove it, I just quit it and dragged it to the trash - I hope that's enough.

Anyway, what's wrong with giving the users a choice? A clear message saying we offer a 7 day trial of our new blablabla and then install if the user accepts would have sufficed.

Like I said, a VPN is a good idea, but it also depends on whether you trust your provider or not. Avast so far hasn't showed why they should be trusted above anyone else.
Title: Re: SecureLine VPN Auto Install?
Post by: specimen9999 on June 21, 2015, 10:23:38 AM
I've used Avast for years, will continue to do so, but, this caused a heap of trouble for me.

I was installing a separate VPN client (as I believe it is a good idea) just the other day, and was installing lots of stuff from CNET and the likes as I'm setting up a new Mac. It took me a while to figure out (1) what Secureline VPN was and (2) Who installed it (it wasn't me, and I couldn't believe for sure it was Avast - I figured it could be that my new VPN provider worked with Avast or that it was pure malware). And then how to remove it, I just quit it and dragged it to the trash - I hope that's enough.

Anyway, what's wrong with giving the users a choice? A clear message saying we offer a 7 day trial of our new blablabla and then install if the user accepts would have sufficed.

Like I said, a VPN is a good idea, but it also depends on whether you trust your provider or not. Avast so far hasn't showed why they should be trusted above anyone else.

That's not the correct was to uninstall it, there's a uninstall option from inside the Secureline app in the top menu, there are other important tidbits left in the system besides the .app.
Title: Re: SecureLine VPN Auto Install?
Post by: Eddy on June 21, 2015, 05:52:28 PM
Quote
There are tons of anti-virus only products. Making things up doesn't make you correct.
No there are not. Viruses are very rare nowadays. anti-virus is a name from the old days and is nowadays basically a misnomer. Tools like avast detect a lot more than just viruses. e.g. Trojans, Browser Hijackers, Pup's etc. I dare to bet you can't even name one true anti-virus product that nowadays exist.
Quote
It is most certainly additional software. It's even a separate application.
As I said, it is a security package.
Quote
I'd also like to point out the huge number of views on the uninstall thread (~3500 at time of edit).
3500 views is not the same as 3500 people. People who don't have a problem with it normally don't post it. If the did it would be at least several millions of people saying they are happy with it.
Quote
Avast so far hasn't showed why they should be trusted above anyone else.
Get the huge clue. avast is the largest in this field of expertise.
Title: Re: SecureLine VPN Auto Install?
Post by: somehacker on June 22, 2015, 01:24:21 AM
[I dare to bet you can't even name one true anti-virus product that nowadays exist.
Sophos Endpoint AV. McAfee AV. Symantec AV. Eset NOD32. Get out of fantasy land and stop acting like you know what you're talking about.

As I said, it is a security package.
Saying it a second time isn't much of a refutation. It's like you're repeating yourself because you don't want to listen to the truth.

If the did it would be at least several millions of people saying they are happy with it.
What did I tell you about making things up?

Get the huge clue. avast is the largest in this field of expertise.
Is that field installing things without asking? Behaving like a drive by downloader?


EDIT:
I just found out Avast man in the middles all of your SSL traffic if you don't disable the scan secured connection option in webshield. Why should I trust a "security package" to spy on my online bank account? My medical records? You're out of your mind if you can't see how big of a security problem that is.

How can you be defending this company?
Title: Re: SecureLine VPN Auto Install?
Post by: tumic on June 22, 2015, 03:21:33 AM
I just found out Avast man in the middles all of your SSL traffic if you don't disable the scan secured connection option in webshield. Why should I trust a "security package" to spy on my online bank account? My medical records? You're out of your mind if you can't see how big of a security problem that is.

Well, if the data shall be checked by the AV, they must be "spied" by the AV. And I would really like to know, where the "security problem" is (and why it is at the same time not a security problem, that your browser and operating system "spies" your bank account). If you don't trust Avast, then do not install it. Because at the moment you install Avast, it has access to any data on your machine regardless wheter HTTPS scanning is on or off...
Title: Re: SecureLine VPN Auto Install?
Post by: somehacker on June 22, 2015, 03:45:24 AM
Well, if the data shall be checked by the AV, they must be "spied" by the AV. And I would really like to know, where the "security problem" is (and why it is at the same time not a security problem, that your browser and operating system "spies" your bank account). If you don't trust Avast, then do not install it. Because at the moment you install Avast, it has access to any data on your machine regardless wheter HTTPS scanning is on or off...

I like the use of superfluous quotes to try to discredit me. Arguments work better when you use sources or logic instead of cheap tricks.

If all you're watching for is unwanted software, you don't need to spy on my SSL connections in my browser. You can get everything you need through normal system monitoring.

I uninstalled all of your products when you installed SecureLine without my permission. Seeing as you look official, why the hell did your company think it was okay to do that?

Title: Re: SecureLine VPN Auto Install?
Post by: Eddy on June 22, 2015, 03:47:11 AM
Quote
Sophos Endpoint AV. McAfee AV. Symantec AV. Eset NOD32
Welcome to the real world. Neither of them is a plain anti-virus product. You should start with learning the differences between all kinds of malware. A virus is just one form of them. Protection against only viruses is like having no protection at all. As I said "anti-virus" is a name from the old days. It is still being used to avoid confusion amongst the users. A better name nowadays would be "anti-malware" or "anti-thread(s)".
Quote
because you don't want to listen to the truth.
The truth is that you have a lack of knowledge. Here is a good place to start for you: https://en.wikipedia.org/wiki/Malware
Quote
Is that field installing things without asking?
That is the freemium business model that the avast staff thinks will bring in the most revenue. It is used for many years by many (small/medium/large) companies worldwide. And no not everyone is happy with this business model, including people from avast. https://forum.avast.com/index.php?topic=169059.msg1225615#msg1225615
Title: Re: SecureLine VPN Auto Install?
Post by: somehacker on June 22, 2015, 01:19:20 PM
avast is not sneaking in anything, they are honest and open about it.

I'm amazed you haven't suffocated from having your head in the sand this long. In what way is installing and running something without notifying the user or getting permission from them not sneaking? How is that open or honest?

Before you tell me to read the blog again: Have you ever read Hitchhiker's Guide to the Galaxy? Remember the beginning with Arthur's house and the bulldozer? The Vogons with the Earth? That's the same thing you're defending.

Seriously, stop repeating yourself and come up with a real argument or get out of this thread. You're not contributing anything.

Welcome to the real world. Neither of them is a plain anti-virus product. You should start with learning the differences between all kinds of malware. A virus is just one form of them. Protection against only viruses is like having no protection at all. As I said "anti-virus" is a name from the old days. It is still being used to avoid confusion amongst the users. A better name nowadays would be "anti-malware" or "anti-thread(s)".
You're nitpicking terms instead of coming up with a real defense. Doesn't matter though, because none of those products do anything besides protect my computer from running unwanted software. Tell me again how I'm wrong.

The truth is that you have a lack of knowledge. Here is a good place to start for you: https://en.wikipedia.org/wiki/Malware
I'm familiar with malware. What does VPN software have to do with it? Tell me I don't know what I'm talking about again. I'm loving this.

That is the freemium business model that the avast staff thinks will bring in the most revenue. It is used for many years by many (small/medium/large) companies worldwide. And no not everyone is happy with this business model, including people from avast. https://forum.avast.com/index.php?topic=169059.msg1225615#msg1225615
Freemium is where you offer a bare bones product that has features you can unlock for money. The business model you're talking about is the one used by Ask Toolbar and Bonzi Buddy. That one's called scummy.
Title: Re: SecureLine VPN Auto Install?
Post by: tumic on June 22, 2015, 01:20:17 PM
I like the use of superfluous quotes to try to discredit me. Arguments work better when you use sources or logic instead of cheap tricks.

Sorry, but  you are the one that discredits himself by not giving arguments and using cheap tricks. It is You that writes: " You're out of your
mind if you can't see how big of a security problem that is", but can not explain the "security problem"...

If all you're watching for is unwanted software, you don't need to spy on my SSL connections in my browser. You can get everything you need through normal system monitoring.

What is "normal system monitoring"? If you mean filesystem scanning, than this is not sufficient for preventing numerous
malware attacks that are executed from memory as the browser loads some content from the network. Such malware may
never "see" the filesystem and still be executed and that's why the webshield is there.
Title: Re: SecureLine VPN Auto Install?
Post by: somehacker on June 22, 2015, 01:29:14 PM
Sorry, but  you are the one that discredits himself by not giving arguments and using cheap tricks. It is You that writes: " You're out of your
mind if you can't see how big of a security problem that is", but can not explain the "security problem"...
Sorry, I was too busy using "cheap tricks" like logic and examples. I missed that. The problem is that you've put a piece of software on my computer that has the express purpose of spying on me, then done something to show you can't be trusted. How do I know you're not sending my data back to your company? How do I know you're not sharing it with other people?

Aside from the trust problems: How do I know your SSL implementation is good? Is your source code open? Has it been audited? May I see the report?

I'll answer your next question when you answer all of mine. Why the hell did your company think it was okay to install SecureLine without notification or permission?
Title: Re: SecureLine VPN Auto Install?
Post by: tumic on June 22, 2015, 02:36:13 PM
The problem is that you've put a piece of software on my computer that has the express purpose of spying on me, then done something to show you can't be trusted.
It was not us who installed Avast onto your computer...

How do I know you're not sending my data back to your company? How do I know you're not sharing it with other people?
We do. And you have agreed with that in the license when installing Avast.

Aside from the trust problems: How do I know your SSL implementation is good?
You don't. But how do you know, that your browsers implementation is good? Even if it is opensource,
you really have gone through every line of the code and are sure there is no bug? In 2014, every major
SSL/TLS implementation had a serious security issue. Have you known that before it was discovered?
Or are you using your own browser with your own SSL implementation and so You are not affected by
bugs in all that "bad" implementations?!

Does all that sound absurd? Of course it does. But it is as absurd as writing "aside from the trust
problems". Unless being a security expert with lots of free time, You only have trust available to judge
whether some SSL implementation is good or not.

Is your source code open? Has it been audited? May I see the report?
No. No. No.

Why the hell did your company think it was okay to install SecureLine without notification or permission?
Because it is considered being a part of the "Security suite" you have installed. A new part but still a part of it.

And now that I have answered all your questions, I would like to know why you consider the HTTPS scanning
option a "security problem". Or to be more precise why you consider just this particular option a security problem
in a software suite, that runs several components under root and even has its own kernel modules loaded
(thus having access to any data on your computer).
Title: Re: SecureLine VPN Auto Install?
Post by: somehacker on June 22, 2015, 11:44:01 PM
It was not us who installed Avast onto your computer...
A fair point. I misspoke. You had a piece of software on my computer capable of spying on me, and then you did something showing how untrustworthy you are.

We do. And you have agreed with that in the license when installing Avast.
I meant all of my browser activity and sensitive info. Are you admitting to that?

You don't. But how do you know, that your browsers implementation is good? Even if it is opensource,
you really have gone through every line of the code and are sure there is no bug? In 2014, every major
SSL/TLS implementation had a serious security issue. Have you known that before it was discovered?
Or are you using your own browser with your own SSL implementation and so You are not affected by
bugs in all that "bad" implementations?!
I haven't been through every line, but I have examined several. The fact that yours is closed source is not a good thing.

The fact that every implementation had serious flaws found wasn't a surprise to most people in the security community. We had been expecting vulnerabilities to be discovered in some of the older ciphers for quite some time. Qualys' SSL Labs tool has been suggesting disabling most of the problematic SSL options since before the vulnerabilities were found.

Does all that sound absurd? Of course it does. But it is as absurd as writing "aside from the trust
problems". Unless being a security expert with lots of free time, You only have trust available to judge
whether some SSL implementation is good or not.
Actually, the only absurd thing here is a closed source SSL implementation.

No. No. No.
You have a closed source SSL implementation that hasn't been audited? Holy ... that's really bad. Rule #1 of crypto is never roll your own. If you haven't even had someone audit your code, you're just hoping nothing bad ever happens. I'm failing to find the words to express how horrifyingly bad that is. So glad I uninstalled.

Because it is considered being a part of the "Security suite" you have installed. A new part but still a part of it.
I installed antivirus! Not a suite! Seriously,

And now that I have answered all your questions, I would like to know why you consider the HTTPS scanning
option a "security problem". Or to be more precise why you consider just this particular option a security problem
in a software suite, that runs several components under root and even has its own kernel modules loaded
(thus having access to any data on your computer).
You still haven't answered all of my questions. Why are you (a "security" company) trying to teach users that they can't trust update channels? Why are you mimicking the behavior of the malware you're supposed to be protecting users from? Most important (the second question I asked in this thread): is Avast going to continue this underhanded, dishonest, and scummy behavior?

I view that as a problem because you've got a closed source crypto implementation that only serves to increase the attack surface of my machine. I get that you need root access to my machine, but since you already have that why did you have to make browser security worse?
Title: Re: SecureLine VPN Auto Install?
Post by: tumic on June 23, 2015, 01:11:48 PM
I meant all of my browser activity and sensitive info. Are you admitting to that?
Yes. If you use the browser extensions (those are again optional like SecureLine), than all URLs
you visit are collected and used to gather marketing analytics data sold here:
https://www.jumpshot.com (https://www.jumpshot.com). The data are of course aggregated, anonymized and sensitive
stuff is stripped, but they are collected.

Actually, the only absurd thing here is a closed source SSL implementation.
Well, in fact we use OpenSSL in combination with Apple's Security Framework (certificate checks),
but since it is much easier to use OpenSSL wrong than right ;-) I do not consider our implementation
as whole to be open source. But we are not that crazy to implement all of the ciphers, hash algorithms
and other cryptographic stuff ourselfs.

Why are you (a "security" company) trying to teach users that they can't trust update channels? Why are you mimicking the behavior of the malware you're supposed to be protecting users from? Most important (the second question I asked in this thread): is Avast going to continue this underhanded, dishonest, and scummy behavior?
I have already answered this questions and the answer is Yes. It is the business model of Avast to sell
you additional products whenever possible. The core Avast products are "free", but that doesn't mean
you do in fact not pay for them. You only do not pay with money but with being the target of various
marketing campaigns instead.
Title: Re: SecureLine VPN Auto Install?
Post by: specimen9999 on June 24, 2015, 05:08:20 PM
In reference to the fact that the user claims to have installed an Anti Virus and not a suite, I would like to remind the user that the Product is in fact called 'Avast Free Mac Security' which indeed implies it is a suite of security tools.
Title: Re: SecureLine VPN Auto Install?
Post by: tumic on June 24, 2015, 10:52:58 PM
In reference to the fact that the user claims to have installed an Anti Virus and not a suite, I would like to remind the user that the Product is in fact called 'Avast Free Mac Security' which indeed implies it is a suite of security tools.

That's true, but the product was "rebranded" just a year ago, so it is perfectly possible that he really
had installed "Avast Antivirus". But to be honest, the naming is only a marketing "game" - the Windows
version is still named "Avast antivirus" even thought it contains many components that are not antivirus
related and is thus much more a security suite than the Mac version...
Title: Re: SecureLine VPN Auto Install?
Post by: Eddy on June 24, 2015, 11:23:29 PM
Fact remains that somehacker agreed with the license terms when installing avast.
He should stop making false accusations en start reading the terms/license that he agreed with.

If he doesn't like them, he is free to remove avast and use something else.
Not that it will make much of a difference because others have something simular in their license.
Title: Re: SecureLine VPN Auto Install?
Post by: StormyWeather on June 24, 2015, 11:47:26 PM
I made an account for the sole purpose of agreeing with the user about the questionable business practices of a security company that installs an additional application on my machine, without prior warning or permission granted. Yes, it is a separate application, my computer treats it as such. I've used Avast for years, on all of my laptops (including 5 machines over 6 years) and mobile phones (3 devices over 3 years). The company has my contact info and could have easily promoted this new product. Instead, I get a random new icon, with no explanation. This is EXACTLY what my security program is supposed to PREVENT.

I am extremely disappointed in Avast. Did you not learn anything from the U2/ Apple fiasco? People do not like things installed on any of their devices, without any warning. You can argue that you are doing it for the customer's convenience, but the customer will often feel like you have violated our trust in a poorly conceived promotion.

You were a pretty good company with a solid product. I am sad that I can no longer use it, but I'd rather not risk my devices and see what other surprises you'll put on my mobile and tablet since you already violated my laptop. 
Title: Re: SecureLine VPN Auto Install?
Post by: enesha on July 31, 2015, 03:42:06 PM
I too am posting on here for the first time because of this.  Yes we installed an full security suite.  Yes we agreed to auto updates.  However those updates were supposed to be for virus definitions and updates to the program itself.  When you are installing, the software tells you all about the different parts and you get to decide what to install.  We want security software to work for us and keep us safe.  To stop bonzai buddy and whatever else tried to install itself from the web, on top of the normal virus protection.  What we do NOT want, is your company to install whatever it feels like installing because it thinks it knows better than us.  I never gave permission for another VPN to be installed.  As a matter of fact, I have one from another company, and yours would conflict.  Then not only do you install it, You have it running.  Taking up system resources without permission.  What part of this business practice do you think is above board?  Just saying we gave permission for updates months ago when we installed in insufficient on it's face.  This software is supposed to be designed to detect PUP, not install one itself.  As you can hear on here, it is definitely unwanted by many people.  35000 views is quite a lot.  Not to mention the people who don't know to come here and find out.  It's sleazy business and you know it.    Software should NEVER install NEW software (just saying it's part of the suite does not excuse it) on a users machine without consent.  That's the entire theory behind PUP's and other things.  You want to act scummy like that, fine, but don't try and rationalize it.  Don't try to make people out to be bad guys when they are pissed that YOU modified THEIR computer without so much as a "by your leave".  How dare you think you can do something to a users computer without their permission.  Using the permissions it was granted to protect a users system to load it up with apparently any software you deem fit, just because it is part of your suite, or in the users best interest.  You are not in a position to know what they user wants.  You do not know if there is some software that may conflict with  the sleaze-ware you want to push on us.  Luckily I have little snitch and was notified that it was trying to connect and I could shut it down.  But look at it like this...  You are pushing unwanted-unasked for software onto a users computer that then runs and makes connections to the internet, even without signing up or asking permission to connect.  How is that anything but dirty.  Saying that we allowed updates when we installed avast is disingenuous at best.  We allowed updates to the definitions and the software we opted for.  We did not give blanket permission for you to install what you want when you want.  Then choosing to attack users / customers / potential customers because they are angry and frustrated about this sneaky action is ridiculous.  Users come here to find out what the hell you people did and you attack them?  Try to shame them for being pissed?  Another sign that your side is being shady.  So you act like a virus or malware and modify a computer outside the parameters of the install or what was agreed to, then dress down the people for being pissed.  No matter how you try and spin it, FORCING software onto a customers computer, with no notification or warning of any kind, software that touches deep into the network system to route ALL network traffic, and that software begins contacting the net and calling home immediately is just plain crappy.  It will not make you new friends.  It will not make you look good.  Makes you seem like the bad guys.  How you don't see that, I 'm not sure.  Im sure that some people would have happily installed it and paid for a vpn, had they known what you wanted.  On the other hand I think the vast majority of people don't need or want a vpn, but you don't care either way.  Force it onto your computer then maybe scare and trick you into paying for it and you get the money.  Sounds like a lot of other shady business from the web where you get something unwanted installed and you get tricked into paying for it.     

Shame Avast.  Shame
Title: Re: SecureLine VPN Auto Install?
Post by: gnj on August 04, 2015, 03:24:22 AM
I've used Avast for years, will continue to do so, but, this caused a heap of trouble for me.
 I just quit it and dragged it to the trash - I hope that's enough.

That's not the correct was to uninstall it, there's a uninstall option from inside the Secureline app in the top menu, there are other important tidbits left in the system besides the .app.

The installer does *not* get all those tidbits. There were several leftovers (found by name) that I manually removed
Title: Re: SecureLine VPN Auto Install?
Post by: specimen9999 on August 04, 2015, 03:58:17 AM
Quote
The installer does *not* get all those tidbits. There were several leftovers (found by name) that I manually removed

Then can you please share the list of those files?

If you are referring to .plist files, these are innocuous and make no difference, and, like it or not, most uninstallers will not delete them.
Title: Re: SecureLine VPN Auto Install?
Post by: gnj on August 10, 2015, 09:03:20 AM
Strange: I have paid Avast on my wife's Win machine --- no Avast SecureLine in sight on that computer.  ;)

   Anyway, after testing it every which way on my Mac, I decided to "buy" it.  ;D

   Activation failed.  :-[

   Tech phone support failed: 
1. An AV program must be interfering ---    :o
2. It won't run on a Mac --- (I must have been hallucinating when I was test running it every which way during the week of free trial)  :-[
3. Refused to escalate, referred to Avast web support  >:(

    Anyway, I went to my payment service for dispute resolution --- and (surprise!) the vender had decided to skip dispute resolution, so it was escalated to claim status almost immediately.  :D

   Somebody in the Avast marketing/ business departments needs to be fired.    :-\
Title: Re: SecureLine VPN Auto Install?
Post by: gnj on August 10, 2015, 09:14:11 AM
Quote
The installer does *not* get all those tidbits. There were several leftovers (found by name) that I manually removed

Then can you please share the list of those files?

If you are referring to .plist files, these are innocuous and make no difference, and, like it or not, most uninstallers will not delete them.

   Besides the plists, there were invisible items in assorted places ---- startup items, boot files, launch agents/daemons, possibly others (working from personal memory here)
Title: Re: SecureLine VPN Auto Install?
Post by: specimen9999 on August 10, 2015, 12:58:53 PM
Quote
The installer does *not* get all those tidbits. There were several leftovers (found by name) that I manually removed

Then can you please share the list of those files?

If you are referring to .plist files, these are innocuous and make no difference, and, like it or not, most uninstallers will not delete them.

   Besides the plists, there were invisible items in assorted places ---- startup items, boot files, launch agents/daemons, possibly others (working from personal memory here)

Those ARE removed by the uninstaller.

PS: and obviously not removed if you just drag the app to the trash.
Title: Re: SecureLine VPN Auto Install?
Post by: Hans97 on December 12, 2016, 11:33:42 AM
avast is a reputable company.
They can't help it if users don't know things.

Avast was very reputable earlier, but now I'm getting tired of their sneaky behaviour. Unlike most others, I'm fully aware of what I'm doing on my computer, as a IT and Computer scientist.
Yesterday that sneaky crap sowftware "SecureLine VPN" sneaked into my computer as well. And I know how!
That damn Avast software made a popup, who nagged about it was time to update my Avast again. I have skipped it several times, but yesterday I thought, why not?
When done I noticed this new annoying Avast addon.
So that necessary update was not that necessary after all, as Avasts actual intention was to sneak in a new crap module, which I don't need! I don't use unsecure Wi-fi networks, and are not involved in any illegal activities! So completely useless! Also get some damn fake notice from Avast quite often, that my computer need some improvement, with registry and old software etc. That notice is not genuine, it's just random generated crap message to lure people into buying the license to use that crap module.

So you Eddy really need to get real, Avast is really abusing their users by acting this way.

I have recommended Avast to lots of customers, but that's gonna END now! Thank you very much Avast.
Title: Re: SecureLine VPN Auto Install?
Post by: Eddy on December 12, 2016, 12:56:50 PM
First of all you are posting in a thread that is dead for over a year.

Secondly, a VPN isn't about using (possibly) insecure WiFi networks, it is about data encryption, adding a extra security layer to your data traffic.

You're clearly not a IT/Computer scientist or you are a real lousy one.
Title: Re: SecureLine VPN Auto Install?
Post by: Hans97 on December 13, 2016, 01:04:09 AM
First of all you are posting in a thread that is dead for over a year.

Secondly, a VPN isn't about using (possibly) insecure WiFi networks, it is about data encryption, adding a extra security layer to your data traffic.

You're clearly not a IT/Computer scientist or you are a real lousy one.

Woah, thank you for that informative post. Yeah, I'm so lousy that I don't know how to protect my network. Or perhaps I've already have BETTER protection than Avast can offer? Thought about that?