Search the Community
Showing results for tags 'privacy'.
-
Before watching the video or posting a reply; please dear readers, hear me out first. I'm posting this because I believe in choice, no matter what it is so please keep an open mind upon continuing. No matter how you personally feel about the uploader, their content, Microsoft or telemetry data. Sign the petition because Burger King was right, we should have it our way. https://www.change.org/p/jerry-berg-microsoft-needs-to-add-an-off-option-to-telemetry-for-windows-10
- 10 replies
-
- microsoft
- windows 10
- (and 4 more)
-
The reason behind the bill: According to this article, the law might help companies like Microsoft updating our computers with security patches due to the amount of vulnerabilities they are finding. This is the bill they are trying to pass: Even if there will probably be no-one to enforce this bill, I hope it does help M$ and other companies to secure their piece of software... Edit: fixing the post to fit the community guidelines @Energycore
- 16 replies
-
- hacking tools
- nsa
-
(and 3 more)
Tagged with:
-
Montreal Police have been found to have obtained 24 warrants to surveil La Presse columnist 24/7. The warrants issued were broad, allowing the police to not only track his location at all time, but also to allow them to obtain the information of everyone who he contacted. Toronto Star CBC This is part of a bigger issue at hand. Last year the Canadian Government passed Bill C-51, a bill which the Harper government created to increase the police's power to surveil Canadians and which granted them more power to act on intelligence. This new bill created a warrant which can “contravene a right or freedom guaranteed by the Canadian Charter of Rights and Freedoms” or be “contrary to other Canadian law”. Overall, it's essentially the Patriot Act, but in Canada; but to see the police using the additional powers granted them in this bill (which was centered around terrorism) is disturbing. Sadly, this isn't the first time that an issue such as this has happened (specifically, the Montreal Police have done things like this before) and I suspect that it will only become all too common in the future.
- 48 replies
-
I bought an old 360 Slim at a garage sale. I then switched out the hard drive and downloaded my gamer tag to find that the privacy and online settings were locked to teen by the parents who set it up for their kids who are now in college. The parents can't remember the password and it's tied to an email they also don't know the password of. For some reason the email is gmail even though I think you need a Microsoft email to make an Xbox account. Anyone know how to completely wipe an Xbox 360. 100%. Until then I can't purchase any games or do most of anything. Thanks Microsoft!
-
The EU's court has ruled that dynamic IPs can no longer be stored by websites without there being a explicit reason like protecting the website against attacks. The plaintif (a member of the german pirate party) has argued that by storing his IP a website owner could over time build up a profile of his interests and should therefore be counted as "personal data" and be protected as such. Since the EU has begun enforcing stricter policies on cookies (such as having a banner that warns users that they are being tracked) it has been increasingly difficult for website operators to track its customers for statistics and advertising purposes. In its argument, the EU court has emphasized the legitimate need of website owners to guard against cyberattacks and that it views storing each visitors IP as a reasonable means to ensure cybersecurity. It is therefore likely that dynamic IPs will still be stored going forward, but only for administrative purposes, not for statistics and marketing. as ArsTechnica notes: " The case now goes back to the German Federal Court of Justice, which will make its judgment based on the CJEU's opinion. Given the top court's reasoning, it seems likely that Breyer won't be granted an injunction restraining Germany's federal sites from storing data about his visits. " Source 1: Ars Technica (20.10.16 1000 GMT+1) Source 2: Der Strandard (German Source) (20.10.16 1000 GMT+1)
- 6 replies
-
- privacy
- internet freedom
-
(and 2 more)
Tagged with:
-
Source: http://www.pcmag.com/news/349328/web-of-trust-browser-extension-cannot-be-trusted If you have Web of Trust installed in your browser or on your mobile device, it's time to remove it because they have been spying on their 140 million users. If you don't know what Web of Trust is, it's a browser extension and android app which will tell you how safe a website is, based off of community ratings. I used this extension a lot and for me to find this out really did shock me. I've since removed the extension and highly advise others to do so. More information (Wikipedia): https://en.wikipedia.org/wiki/WOT_Services#Privacy_issues
-
I was going through the community standards. I honestly had no clue they were even there. But I read something strange: Also discussions regarding ways to avoid or block legitimately installed monitoring/tracking software or the like is also not allowed. When I see this I think of the windows 10 privacy issues. Blocking this isn't illegal (as far as I know I'm not a lawyer). It may void your warranty but so will every other thread on this website. Why do the LMG staff feel this is important? You bought your software and if there is any form of spyware legitimate or not you have the right to remove it. edit: I see your point... I feel like I'm in first grade when school started I had no fucking clue how apostrophes worked. later after writing some stuff I went home and googled it... facepalm.jpg
-
In the case of yet another company determining that data collection is an essential function to perform their service, Sonos is updating their Privacy Policy to require the collection of a users email address, IP address, account information, device data, Wi-Fi Antenna data other hardware information, room names and error data. Users who opt out are being told that their device may receive degraded performance and cease to function in the future. http://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/ It's reason's like this that I think will hinder the develop of a truly integrated home system. This kind of forced data collection doesn't seem to be just for the benefit of the end user and adds another layer of security issues...
- 5 replies
-
- sonos
- home media
-
(and 1 more)
Tagged with:
-
Sources: The Guardian, Sophos The fuck?! Why would Facebook needs your nudes you might ask, here's a brief explanation from security company Sophos So basically, if you upload your nude photo to Facebook, it will pattern match what seems to be a photo of genitals and hash it so that if someone does revenge porn on you, it will be blocked. So it's kinda like Face ID but instead of a face unlocking while relying on a neural engine, it will turn photos of genitals into numbers so that if someone tries to leak your nudes, it will be blocked. So many things could go wrong with this Facebook strategy. For one, Facebook isn't known for being trustworthy when it comes to privacy and how sure are we that when someone uploads their nude photo, it will be automatically hashed and deleted after and not have some Facebook staff self-completing while hashing the picture? Secondly, how will they pattern match an initial nude photo with a leaked one given that people's bodies undergo changes all the time especially when being promiscuous? Another thing to remember is that Facebook isn't the only medium to share photos and videos. While Facebook might block it, Telegram wouldn't. Which makes me think, is revenge porn among exes rampant in Australia? Then there's the point of just don't take pictures of your nudes at all. While I am not telling people how they should live their lives and I'm a firm believer that "whatever you do within the privacy of your own mind or house is up to you as long as it doesn't spill in a deleterious manner on me." But both young people and adults should realize that whatever is posted on the Internet becomes permanent especially when automatic cloud backups are enabled. But then revenge porn is a serious issue and it can be hard to determine if a relationship is going to last. So just a tip, always anticipate that a relationship might go south so don't take nude pictures and more importantly, don't take videos of intimate moments.
-
You might not know it, but inside your Intel system, you have an operating system running in addition to your main OS, MINIX. And it’s raising eyebrows and concerns. https://www.networkworld.com/article/3236064/servers/minix-the-most-popular-os-in-the-world-thanks-to-intel.html
-
Sources: Business Insider, CNET, Twitter (John Paczkowski) My first reaction was "Oh Shit!". But then I don't do any crime so I guess I'm safe but to be fair, Apple didn't say that they will not cooperate with law enforcement agencies. In their own privacy statement, Apple says the following. In another document, Apple does accept subpoenas, search warrants and court orders as well [here]. For requests outside the US [here]. At the moment, the FBI can't unlock the iPhone because Touch ID is disabled immediately after 48 hours of not being used. The FBI won't risk to brute force the iPhone because Apple implemented an anti-brute force method where after 10 failed passcode attempts, it will wipe out all data. Here's another statement from Apple: I guess this is why local backups are still better. Also, Apple didn't say that they'll create an encryption backdoor nor would they help unlock the iPhone but only the iCloud contents. Which made me think Apple is operating in the US and they have to follow the law. It's odd that Apple offered to help first rather than having the FBI harass them just like in 2014. The Texas shooting is by no doubt atrocious and good thing that the shooter is dead. Apple in 2014 received an amicus curiae from the tech industry and non-government organizations in support of them refusing to create an encryption backdoor. Since little information has been revealed, I don't know what kind of aid will Apple give to the FBI. But why didn't the FBI unlocked the iPhone within 48 hours using the corpse's finger? This post will continuously be updated as more reports and statements are posted online. To be honest I'm surprised and disappointed.
-
Sources: Cornell University Library, Science Mag, and Threat post The article however didn't mentioned password managers so I guess it's safe to use a reliable password manager with two factor authentication. I have a feeling that as AI, machine learning and neural engines become more powerful, we might see cyber attacks much more serious. At the moment, it predicts what passwords are the easiest to guess to give companies chance to change their weak passwords into a more secure one. But as far as I'm concerned, most websites don't read passwords as plain text like "I<3myhotboss", websites read it hashed like this one "eed4b508e6f5acda3178c880bc490546" and I think there's already an online database containing hashed passwords that are used by hackers to brute force. But then, I can see this being used by legit password managers and they'll notify the user if the password they're using is easy to guess or has been used somewhere else so that they'll notify the user to change for a more secure password. So I'm all for this and I hope this will be implemented to current password managers.
-
Sources: Ars Technica, BBC News via Bitdefender I mean yeah, if they want to investigate something encryption can be a pain in the ass not to mention, encryption is used badly especially when cybercriminals create ransomware that either locks the user’s files or tamper the master boot record. At the moment, only a few ransomware has a publicly available decryption tools. [No More Ransom Project] But the thing is, anything you say can be used against you. That’s why in court hearings or during arrest by the police in most countries, the police reads the suspect’s Miranda Rights. Just imagine if the cops can read all outgoing and incoming emails via an encryption backdoor. Not only it is uncomfortable but for even something innocous and neutral message content can be used as a probable cause. Just as the San Bernardino iPhone 5c, it was just a pretense to grant the FBI unrestricted access to iPhone’s once they’re given a backdoor and even when they were able to unlock the iPhone 5c via a third party hacker, they found nothing. What’s disappointing is that even the current US DOJ calls weaker encryption as responsible encryption. What would happen if if the same weak encryption is used against the US government? What if someone like North Korea hacks US government databases? That’s why demanding for a backdoor or attenuated encryption is a gray area. This reminds me a video from Tom Scott who said that encryption backdoors are only as good if the current government is good. Edit: But then if I’m playing the devil’s advocate here, I would want a way to easily catch criminals. Let’s say I’m a cop organizing an investigation and my team arrested 10 criminals who are not only drug traffickers but also child pornographers. After arresting the crooks, my team found several computers that are using Full disk encryption. I could make a case in the court to demand let’s say Microsoft or Apple to produce a temporary backdoor to bypass Bit locker and File Vault. After decrypting ghe computers, my team found out their existing operations as well as phone numbers and IP addresses from other countries. The local cops can alert those countries that a bug gang of notorious criminals are with them so we basically put a criminal operation to an end. For more information about the NSA's spying playset, you can check out this video: On the flip side, I’d want to hear POTUS45 to say “unbreakable encryption is a yuuuggge, yuuuggge problem.” ?
- 122 replies
-
Source: Apple's Support Page and Whitepaper (FaceID_Security_Guide.pdf) via Tech Crunch It's good that Apple released a whitepaper to clarify the issue and I encourage everyone to read their support page as well as their detailed whitepaper as to how they keep Face ID secure and how they respond to Al Franken's questions so here are some key points from Appe: Basically very similar as to how Touch ID is securing fingerprint data. Touch ID is a capacitive CMOS sensor that takes a high DPI image of the fingerprint and converts it into math representation and discards the image after. The math representation is stored locally in the Secure Enclave of the A7 chip and above. Sucks for people with identical twins then but Apple didn't say that an identical twin can unlock it, it's just a lower probability. Again, this one should be tested among identical twins as I remember, even identical twins can't fool Windows Hello. As twins grow, they actually become more and more distinct. But then if you're 13 and below, your parents should just get you the regular iPhone 8 or better yet, no phone at all and focus at school. I wonder what does Apple mean by a mathematical representation? Is it just a random string of numbers and letters that are salted and hashed? They won't tell. I think they probably shouldn't. And finally, here's Apple's response to Al Franken if Face ID data is uploaded to Apple servers or not. Now this is the part that it's a little bit sketchy. Apple says that Face ID data is stored locally and encrypted so that's a plus. But then, you have the option to submit your Face ID diagnostic data as telemetry? I always commend Apple for their commitment to privacy and standing up against inserting encryption backdoors but Face ID diagnostic data? What do they mean by diagnostic data? Because I'm pretty sure my iPhone's Touch ID doesn't have diagnostic data. I hope Apple clarifies this and maybe a non-trollish forum member could clarify it. The good is that you have the option to disable Face ID telemetry and I think anyone with an iPhone X should unless Apple can do this in a very secure and private manner. I mean, macOS's telemetry is actually way less creepy than Windows 10 because they would just take diagnostic data and personal information like email addresses, usernames and passwords are filtered out before it's being sent. In fact, you can view the actual telemetry data on an iPhone and iPad which is very transparent unlike other operating systems and you can always opt out instead of asinine options of full telemetry or telemetry lite but no telemetry off.
-
https://thenextweb.com/security/2017/11/09/researchers-find-almost-every-computer-intel-skylake-cpu-can-owned-via-usb/ It has been discovered that it is now possible to "hack" into your Intel Skylake and above CPU via Intel's Management Engine (IME) and it's possible via USB. When they have access to IME they can basically do anything they want even use your encrypted storage. There is company Purism that is selling laptops with disabled IME and they planning selling smartphone as well. One good thing about this is that we will be able to "disable" it now or go ask AMD to remove their PSP since they already have opensource GPU drivers.
-
Sources: Ars Technica, WebKit, and PR News Wire Apple WebKit engineer John Wilander said that Intelligent Tracking Prevention "reduces cross-site tracking by further limiting cookies and other website data." Here is how it works, according to Wilander: Too bad for advertisers, good news for iPhone/iPad and Mac users I guess. I doubt Google is going to implement something similar to Chrome because their business model is about ads although ads in Gmail are very unobtrusive unlike Outlook. Chrome implemented a "Do Not Track" request but most advertisers just ignore that but it gives you the option to block third party cookies. I don't think this is anti-consumer at all because it will greatly improve user privacy. It's kinda creepy that a lot of the websites you visited are showing ads about that onesie you bought from an online store and it will haunt you for days. So with Safari, it will only allow it for 24 hours but after than that, it's gone. I think the reason why advertisers are worried is because this privacy feature is on by default so no more targeted ads based on browsing habits.
-
Apprently as a boss you have to be very carefull nowadays. Just stating in the rules that the use of a specific compagny asset is forbidden isn't enough anymore. The compagny set up this yahoo messenger account for him to talk to customers, but he also used it for some private conversation. As a boss you should always inform your employers of the fact that their messages can be subject to monitoring. If you as a boss fail to do so the person in question can appeal to articel 8 of the European convention on human rights Probably this will cause a lot of compagnies to make their rules even stricter and have employers even sign more papers before they are allowed in their IT envirioment. Personally I don't know if this is a good development. On one hand it's good that pricacy still means something, but on the other hand this makes it even harder for bosses to make sure compagny assets aren't used for other stuff. Source and complete article: https://www.theguardian.com/law/2017/sep/05/romanian-chat-messages-read-by-employer-had-privacy-breached-court-rules
-
So I came across this deal https://stacksocial.com/sales/vpn-unlimited-lifetime-subscription , and I want to know if someone with more knowledge in the matter would recommend this over other options. Thx in advanced.
-
I wonder if @LinusTech is still using his iRobot Roomba that he reviewed back in February 2015 or if he'll continue using his. Source: The Next Web This is a blatant invasion of privacy. I mean tracking your floor plan and giving off the data to other companies to target you ads? I get why Apple or Amazon would be interested with a house floor plan. Apple has their HomeKit API for home automation like telling the Roomba to turn itself on during the weekends to clean rooms and charge itself automatically. With Amazon it's kinda obvious what they would do with it, sell you ads about household cleaning chemicals perhaps or others. But Facebook? Then knowing your floor plan is kinda creepy. I can't really comment on the Roomba itself since I don't own one and I'm perfectly fine with just a 600W vacuum cleaner or even just a broom for under the bed cleaning.
-
Sources: Ars Technica, Reuters, BSI (Germany) The WaPo article reporting the same events is here It adds additional details about the role Kaspersky AV reportedly played in identifying the NSA material the employee stored on his home computer. In a statement, Kaspersky Lab officials wrote: This is a bit concerning. I've used Kaspersky AVs since college when my PC got infected by a nasty worm that hid all my essential files and replaced them with shortcuts and stupid Microsoft Security Essentials wasn't able to detect and remove it so I downloaded a 30-day trial of Kaspersky Internet Security and it detected the nasty worm and I was able to recover my files and from that day on, I've been a customer and I even installed it to my parents' PC at home. While I don't think home users have little to worry about, it is what the alleged spying it does. Until the US Senate hearing ensues, I'd still give them the benefit of the doubt unless the code inspection by US CERT and NIST found something deplorable. Founder and CEO Eugene Kaspersky responded to the allegations in his personal blog saying: I don't know if I'm buying Kaspersky's response there. But the crazy thing is that Israeli hackers penetrated inside Kaspersky Lab's own network and remain undetected for months just to know the shenanigans of the NSA but only to see that allegedly, Kaspersky is working hand in hand with the Russian intelligence. It does raise a lot of concerns but the caveat is that a lot of these evidences proffered against Kaspersky are unknown sources. I think Kaspersky is caught in the middle of a modern day cold war but doubts on cyber espionage cannot be ruled out until the 25th of October when Eugene Kaspersky himself will testify on the US Senate. In their company website, they explained how they work and how their cloud services protect user privacy which you can read here and here.. You be the judge. I'll just wait here as the story unfolds. Although reading their privacy statement on their cloud protection service, I kinda wish Microsoft would finally allow full disabling of telemetry in Windows 10. Maybe they'll finally add it in their Spring Creators Update? UPDATE: There was an Ars Technica article at the moment about how allegedly Kaspersky modified their AV to be used by Russian intelligence to steal NSA secrets. In the latest Reuters article, Germany's BSI federal cyber agency said that the malicious accusations to Kaspersky Lab have no evidence that the Russian government used Kaspersky Lab AV to spy US authorities. Here's the original press release from Germany BSI in the original German language. Any German member in LTT can translate it correctly: Is Google Translate correct in translating? I hope so. But I want to know on what grounds or how did the German BSI investigated and found nothing. If Germany is correct, then all of the allegations to Kaspersky Lab and Eugene Kaspersky is basically oral defamation due to geopolitical conflicts. I wish other intelligence agencies from other countries to come to prove or disprove the allegations.
- 19 replies
-
- cybersecurity
- anti virus
-
(and 3 more)
Tagged with:
-
so guys i´m going to write an essay about the realtion between politics and privacy(specifically internet privacy), so i it would be nice if you could recommend me some texts that have relation with that topic.
-
Google has introduced a new, increased security option for Google Accounts. Essentially, it adds an additional level of protection to your Google account - a physical key. You can register a physical key as well as a bluetooth dongle with your account. This code generator key will be required to log in on a new device. Codes from software authenticators and mobile phone verification attempts will no longer be valid. Advanced Protection bans all third party applications from accessing your account. This means that third party applications, for example honey pots placed by security services or criminals, will no longer be able to access your Google account. It unfortunately also means no more importing of your Google calendar to Outlook, using the default Mail app on your iPhone or even logging into Gmail on a browser that isn't Chrome. Additionally, there are more hoops to jump through to recover your account than usual if you lose your Security Keys and your account credentials. Advanced Protection is available as of today at the link below. I think this is an important tool for people who need to keep their correspondence and correspondents away from prying eyes. Journalists, political activists and victims of domestic abuse are all potential users of this feature. However, it will of course mean more inconvenience (not to mention the money you will have to spend on hardware code tokens), so I think that most people won't turn it on. It will also be interesting to see what happens when the first law enforcement agency tries to gain access to a protected account by force, and whether Google is willing or even capable of helping in this case if the security tokens are destroyed. Sources: primary source: https://landing.google.com/advancedprotection/ secondary source: https://www.wired.com/story/google-advanced-protection-locks-down-accounts/
-
This is a bit older but I thought it would be interesting for you guys here. So last year the police of the german capital Berlin was inquiring the cell phone data of every inhabitant of the city 32 times a year or every 11 Days. This was made public by the center-left government of the city which wanted to show the public some statistics for more transperency. The privacy advocators at the website of netzpolitik.org summarized the government report in a more readable way and found out that the technology is mostly used for "smaller" crimes like theft and robbery. I personally think this is a big step forward in transperancy of surveillance technologies but also shows us to what extend governments/polices use these on innocent people. Because while looking for one or a group of persons they inquire the cell phone data of tens of thousands of people. So what do you think about this? Source(translate): https://translate.google.com/translate?hl=de&sl=de&tl=en&u=https%3A%2F%2Fnetzpolitik.org%2F2017%2Ffunkzellenabfrage-letztes-jahr-landeten-handy-daten-aller-berliner-alle-elf-tage-bei-der-polizei%2F Source: https://netzpolitik.org/2017/funkzellenabfrage-letztes-jahr-landeten-handy-daten-aller-berliner-alle-elf-tage-bei-der-polizei/
- 53 replies
-
- privacy
- surveillance
-
(and 2 more)
Tagged with:
-
EPIC has filed a lawsuit against President Trump's Presidential Advisory Commission on Election Integrity (PACEI) for allegedly violating American voter's digital privacy rights by requesting sensitive voter information from several US states. EPIC's claims: 1. NOTE: This information requested was to be sent to an unsecured URL. 2. Furthermore, EPIC claims that such an action is a violation of the E-Government Act of 2002, which requires that federal agencies make a "Privacy Impact Assessment" before completing these requests for voter data (I am unsure as to whether this is because the commission stated intent to publish the documents publicly or whether this is because the commission requested such information via an apparently unsecured website). 3. EPIC also claims that such a request, even with a PIA, violates, both substantively and procedurally, the 5th Amendment of the US Constitution (and subsequent case law - NASA v. Nelson, Nixon v. Administrator of General Services, Whalen v. Roe). Substantive vs procedural law explanation: Substantive law violations refer to violates that break the spirit of a law - for example, uninvited guests being in your house (when you never made any hint of a suggestion that anyone could pop into your house). Procedural law refers to the documentation and specific procedurals that are required to determine if a violation took place and how to go about punishing/remediating it. For example, a coal facility may deposit coal ash into an artificial wetland nearby, but only at a 20 tons/day rate maximum (no more) and must document the permits to do so with local authorities and have appropriate instruments to measure its rate. If it does not do these things, it is procedurally violating a law (assuming it cannot exceed 20 tons/day). 4. It requests that what data has been collected be securely deleted, halt the collection of further data, that a PIA be completed, and that EPIC be compensated for its litigation costs. IMPACT ON YOU: If you live in America, this may be another reason to pay attention to government power over your records via digital means. As an American, I know I would not want my SSNs passing through an unsecured web page! Canadians need not worry and can just say "eyyyy" all day (unless, of course, your PM does similar in the future). For a list of the rest of the documentation, here is the EPIC web page dedicated to it.
-
In this post I will be sharing my findings on data collection done by antivirus softwares. So, I set out to find an antivirus that provided great security while respecting user privacy. A couple articles into my research it was clear that almost every AV software worth using collects user data in some form. User data might be personally identifiable or personally non identifiable. This article will go through what data antivirus softwares send and why they send it: Article. AV-Comparatives did an analysis of the data sent by various antivirus softwares which you can find here: AV-Comparatives Data Sending PDF. I recommend that you read the above article and the document yourself to get the whole picture as I am gonna touch on just a part of the info. Going through the document this is the conclusion I came to. Emsisoft Anti Malware is your best bet as recent tests by AV-Comparatives suggests that in most cases it keeps up with the top antivirus softwares out there and it doesn't collect the web addresses you visit, your local documents, your hardware and third party software info and the processes running on your PC. But you'll have to pay for the premium version as the free version doesn't offer real time protection. Although keep in mind that compared to other antivirus softwares it alerts users with more false positives, leaving it up to the user to make the decision. If you are looking for a free alternative then Avira seems like a good choice for tech savvy users. Avira lacks behavioral malware detection and its anti-phishing capabilities are mediocre at best. Also, Avira will transmit the web addresses you visit. Both Emsisoft and Avira strike a fair balance between protection and privacy. However, the data sending analysis done by AV-Comparatives is 3 years old and hasn't been updated. There is a good chance that the tested antivirus softwares have made changes to their privacy policies, which at least seems to be the case with Avira. Then I remembered Keys from NCIX mentioning how NCIX doesn't use any third party antivirus software on their PC and how they rely on Windows Defender and general browsing skills/internet know-how/ knowing what to click and what not to. But upon searching a bit about Windows Defender I found its Privacy Policy to be quite convoluted and the Privacy Settings to be somewhat limiting. There is also some general lack of testing for Windows Defender. In any case Windows Defender lags behind well rated third party antivirus softwares in terms of protection. Although iirc Keys did mention using MalwareBytes as a second line of defense. Keep in mind that MalwareBytes offers real time protection to its premium users only. And its privacy policy makes it plenty clear that they collect a lot of data. If this data collection doesn't bother you then BitDefender Paid Version might be a great choice for you. It has great reviews and results in independent lab tests. I suggest that you do your own research to find out which antivirus suits you the best. After all the research one thing stood out, that for a PC to be secure it needs to have several layers of security. Having good enough antivirus and antimalware running on your PC do help protect you. But, being vigilant while browsing the web and knowing what is safe to download and what isn't is just as important. It is recommended to regularly update your softwares and more importantly your browsers. Ad-Blockers like uBlock Origin (open source) can add an extra layer of security. And something like the Web Of Trust extension can help you identify potentially harmful web pages. However, it seems like you do have to let some of these tools have access to the web addresses you visit. Currently I have decided to stick to using Avast. But I might switch to Emsisoft. What do you guys consider to be a good privacy oriented security setup?