Author Topic: Avast Privacy  (Read 8592 times)

0 Members and 1 Guest are viewing this topic.

Offline Pindakaas

  • Full Member
  • ***
  • Posts: 142
Avast Privacy
« on: November 11, 2011, 08:52:28 PM »
I have a question about how Avast handles your privacy.

I have read the privacy policy and it's rather short.


For example , if a federal trojan is released to spy on everybody for research , some AV vendors produce no signature for the trojan on purpose , to serve the federals , is Avast doing that too ?

And my information i give to Avast , to what third party's is that send too , and does Avast check the privacy policy of the third party's to see if it's safe ?

I am not a criminal but i do not want an AV to set a hole in its AV to serve federals or goverments.

A AV needs to protect your privacy in all times in my opinion , and does Avast send information about the user if federals ask for it ?


The same question is for Easypass.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36810

Offline Pindakaas

  • Full Member
  • ***
  • Posts: 142
Re: Avast Privacy
« Reply #2 on: November 11, 2011, 09:18:00 PM »
ok i read it , but can a official say , is it detected or not


and i have more questions , not only about that particular trojan.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36810
Re: Avast Privacy
« Reply #3 on: November 11, 2011, 09:34:30 PM »
well, that was the question i could answer..
and as you did see in one of the threads ( you did click the links) it does detect the tree i found..

Offline Pindakaas

  • Full Member
  • ***
  • Posts: 142
Re: Avast Privacy
« Reply #4 on: November 11, 2011, 09:36:59 PM »
true , but Norton found it also in VT , while i heard that Norton excludes federal virusses

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36810
Re: Avast Privacy
« Reply #5 on: November 11, 2011, 09:41:35 PM »
true , but Norton found it also in VT , while i heard that Norton excludes federal virusses
heard and know are two different things    ;D     maybe they changed.....you should ask in Norton forum  

Offline Pindakaas

  • Full Member
  • ***
  • Posts: 142
Re: Avast Privacy
« Reply #6 on: November 11, 2011, 09:44:39 PM »
i did , they dont give a clear answer , they say i have to keep my computer up to date and dont do risky things , and the best way to protect against trojans is to '' not '' internet.


yea thats a helpfull answer....so yea , i already knew that.

Offline Gargamel360

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2347
  • Memento Mori
Re: Avast Privacy
« Reply #7 on: November 11, 2011, 09:45:41 PM »
I'm not official, but even if they do not work with authorities, there is a chance they will still not detect it sooner or later, even if the are flagging it now (the fact they ever detected it to begin with pretty much answers your concerns, though).  

Its a trojan, after all.  It tries to hide or obfuscate its intentions.  And provided the makers of the malware tweak it on the regular (or it changes itself), then Avast! will do what all vendors do....go from detecting it, to not, then detecting it again.  Same good old cat and mouse as always.  This of course allows a certain amount of plausible deniability to enter the equation  ;)  

One thing going for Avast!, they are not based in US or China, the biggest sources of this escalating cyber-espionage, so they are outside the scope of much of the strong-arm tactics those resident authorities might employ.

Ultimately, this is like chasing your tail, there is going to be precious little facts to go on, and plenty of FUD.  If you can't put it out of your mind (or at least to the back of it), adding aggressive security like a HIPS might be something for you to look into.
Signature?  But I gots no pen....

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6712
  • Trust only what you test yourself!
Re: Avast Privacy
« Reply #8 on: November 11, 2011, 09:45:56 PM »
does Avast send information about the user if federals ask for it ?

It depends upon the country. Here in the USA we have certain agencies which can and do look for certain behaviors. ie; sedition, treason, terrorism and other illegal activities. Our government can do "domestic" spying within certain parameters and they need to show reasonable cause. As far as avast giving information there has to be a good reason for them to disclose such information.  :)
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline Pindakaas

  • Full Member
  • ***
  • Posts: 142
Re: Avast Privacy
« Reply #9 on: November 11, 2011, 09:49:41 PM »
I'm not official, but even if they do not work with authorities, there is a chance they will still not detect it sooner or later, even if the are flagging it now (the fact they ever detected it to begin with pretty much answers your concerns, though).  

Its a trojan, after all.  It tries to hide or obfuscate its intentions.  And provided the makers of the malware tweak it on the regular (or it changes itself), then Avast! will do what all vendors do....go from detecting it, to not, then detecting it again.  Same good old cat and mouse as always.  This of course allows a certain amount of plausible deniability to enter the equation  ;)  

One thing going for Avast!, they are not based in US or China, the biggest sources of this escalating cyber-espionage, so they are outside the scope of much of the strong-arm tactics those resident authorities might employ.

Ultimately, this is like chasing your tail, there is going to be precious little facts to go on, and plenty of FUD.  If you can't put it out of your mind (or at least to the back of it), adding aggressive security like a HIPS might be something for you to look into.



Yea true

Offline FlyingRobot

  • Full Member
  • ***
  • Posts: 105
Re: Avast Privacy
« Reply #10 on: November 11, 2011, 10:53:19 PM »
I think it is a great idea to inquire about a company's position WRT to cooperating with (domestic and/or foreign) government agencies and get that in the public record so to speak.  The simple act of asking... seeing if and how the company responds... may tell you something.  I believe Avast Software is based in the Czech Republic.  I am not familiar with the technical and practical legal climate in that country.  In general, though, many government agencies wield great power and are capable of "making things happen".  In many places there are national security, etc angles which they can use to legally prevent a company from disclosing anything about a government order.  Some companies will spend substantial sums of money to fight such actions.  Most surely would not.  So, although some companies truly make an effort to stick to angelic principles and do what is best for their customers, it is unwise to believe that they will (be able to do so) in all cases.  Sometimes, another party (be it government, organized crime, a lone blackmailer) has leverage and overwhelming advantage over you (be that company or individual employee, legal or illegal).

Nearly all privacy policies are worthless.  In general they are crafted so as to make the customer FEEL safe while still allowing the company to engage in privacy degrading practices.  Looking at the Privacy Policy at http://www.avast.com/en-us/privacy-policy for example, notice it says "When you register, or otherwise give us personal information, AVAST Software a.s. (formerly ALWIL Software a.s.) will not share that information with third parties without your permission...".  So far so good, but then comes: "other than for the limited exceptions already listed."  What are those exceptions?  I see two: "to help us create and provide content that is relevant to you" and "to alert you about product upgrades, special offers, and other information and services available from from AVAST Software a.s. (formerly ALWIL Software a.s.), in accordance with your requests".  That creates a loophole such that Avast Software CAN share your information with third parties as long as those third parties are involved in doing those two things.  Note: I'm just using this as an example.  I currently don't know precisely what Avast Software is or is not doing with respect to information sharing.  One important question would be whether Avast Software is using a third party CRM type firm to handle the client database, process purchases, communications, things like that.  A surprising number of even large/deep-pocketed companies (that COULD be doing and SHOULD be doing things in house) use such firms.

If you are concerned about privacy I would recommend you do NOT participate in the avast community, do NOT use WebRep, and do NOT use the CreditAlert thing.  Make every effort to PREVENT your personal identity and information from being linked/linkable to the software you have running on your machine. 

Offline Pindakaas

  • Full Member
  • ***
  • Posts: 142
Re: Avast Privacy
« Reply #11 on: November 11, 2011, 10:57:10 PM »
Yea but i think almost every antivirus does some kind of third party activity , i am currently using Emsisoft Anti Malware and Online Armor Firewall , and those programs are not bad at handling privacy.

I think i will buy Easypass thats why the question

Offline FlyingRobot

  • Full Member
  • ***
  • Posts: 105
Re: Avast Privacy
« Reply #12 on: November 12, 2011, 12:10:54 AM »
I'm not familiar with Avast EasyPass.  Does it store your (password) data on Avast servers or sync devices through Avast servers?

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67274
Re: Avast Privacy
« Reply #13 on: November 12, 2011, 11:58:37 AM »
Does it store your (password) data on Avast servers or sync devices through Avast servers?
Both. It needs to store the info to allow syncing.
The best things in life are free.

Offline FlyingRobot

  • Full Member
  • ***
  • Posts: 105
Re: Avast Privacy
« Reply #14 on: November 12, 2011, 09:12:25 PM »
Based on a quick read of some descriptions it looks as if EasyPass stores data on the local device and synchronizes that with the Avast server(s).  Such a model simplifies implementation and certain usage patterns.  There are other approaches such as syncing with your own server, syncing to/from a portable device, and syncing in a peer to peer fashion.  While less friendly to the unsophisticated and/or more convenience oriented user, the later can offer better protection.  Note: I wouldn't call manually copying files to another device "syncing", but support for that is worth mentioning.