Jump to content

Avast is now officially spyware - selling user data!

Furiku

spacer.png

So, avast antivirus suite, favorite free antivirus package of 400 million people has been caught selling user browsing and other  user data for advertisers and other nefarious purposes.

This officially changes status of Avast from antivirus suite supposed to protect us from spyware and malware and other nasty things into spyware itself.

 

Avast CEO Ondrej Vlcek happily commented the following:

Quote

"there’s no privacy scandal here. All that user information that it sells cannot be traced back to individual users"


Personally I already stopped using Avast some years ago when they started adding signatures to all my emails without user consent advertising their product. (Still an avast user using web protection or email protection? send a test email with gmail and you'll be surprised to find out this is true. )

 

Free lunches aren't free after all.

 

 

 

https://www.forbes.com/sites/thomasbrewster/2019/12/09/are-you-one-of-avasts-400-million-users-this-is-why-it-collects-and-sells-your-web-habits/

Link to comment
Share on other sites

Link to post
Share on other sites

bruh

 

QUOTE ME  FOR ANSWER.

 

Main PC:

Spoiler

|Ryzen 7 3700x, OC to 4.2ghz @1.3V, 67C, or 4.4ghz @1.456V, 87C || Asus strix 5700 XT, +50 core, +50 memory, +50 power (not a great overclocker) || Asus Strix b550-A || G.skill trident Z Neo rgb 32gb 3600mhz cl16-19-19-19-39, oc to 3733mhz with the same timings || Cooler Master ml360 RGB AIO || Phanteks P500A Digital || Thermaltake ToughPower grand RGB750w 80+gold || Samsung 850 250gb and Adata SX 6000 Lite 500gb || Toshiba 5400rpm 1tb || Asus Rog Theta 7.1 || Asus Rog claymore || Asus Gladius 2 origin gaming mouse || Monitor 1 Asus 1080p 144hz || Monitor 2 AOC 1080p 75hz || 

Test Rig.

Spoiler

Ryzen 5 3400G || Gigabyte b450 S2H || Hyper X fury 2x4gb 2666mhz cl 16 ||Stock cooler || Antec NX100 || Silverstone essential 400w || Transgend SSD 220s 480gb ||

Just Sold

Spoiler

| i3 9100F || Msi Gaming X gtx 1050 TI || MSI Z390 A-Pro || Kingston 1x16gb 2400mhz cl17 || Stock cooler || Kolink Horizon RGB || Corsair CV 550w || Pny CS900 120gb ||

 

Tier lists for building a PC.

 

Motherboard tier list. Tier A for overclocking 5950x. Tier B for overclocking 5900x, Tier C for overclocking 5800X. Tier D for overclocking 5600X. Tier F for 4/6 core Cpus at stock. Tier E avoid.

(Also case airflow matter or if you are using Downcraft air cooler)

Spoiler

 

Gpu tier list. Rtx 3000 and RX 6000 not included since not so many reviews. Tier S for Water cooling. Tier A and B for overcloking. Tier C stock and Tier D avoid.

( You can overclock Tier C just fine, but it can get very loud, that is why it is not recommended for overclocking, same with tier D)

Spoiler

 

Psu tier List. Tier A for Rtx 3000, Vega and RX 6000. Tier B For anything else. Tier C cheap/IGPU. Tier D and E avoid.

(RTX 3000/ RX 6000 Might run just fine with higher wattage tier B unit, Rtx 3070 runs fine with tier B units)

Spoiler

 

Cpu cooler tier list. Tier 1&2 for power hungry Cpus with Overclock. Tier 3&4 for overclocking Ryzen 3,5,7 or lower power Intel Cpus. Tier 5 for overclocking low end Cpus or 4/6 core Ryzen. Tier 6&7 for stock. Tier 8&9 Ryzen stock cooler performance. Do not waste your money!

Spoiler

 

Storage tier List. Tier A for Moving files/  OS. Tier B for OS/Games. Tier C for games. Tier D budget Pcs. Tier E if on sale not the worst but not good.

(With a grain of salt, I use tier C for OS myself)

Spoiler

 

Case Tier List. Work In Progress. Most Phanteks airflow series cases already done!

Ask me anything :)

Link to comment
Share on other sites

Link to post
Share on other sites

There is A LOT of misinformation circulating around and people just don't understand half of it. People need to learn how security software even works today and they'll understand. I may not agree with them selling data anyway, anonymized or not, but I know their inner workings of malware protection side and what all is required to be efficient. AVAST Software is not really standing out because ALL antivirus companies use similar methods in one or the other way. If back in the day detecting binaries and hoping users will submit you malicious samples or suspected samples, those days are long gone. These days security companies run huge data centers that hoard samples automatically, feed them to these data centers and sort them automatically, form threat models using mathematical algorithms so every sample that arrives to the data center next can easily be flagged either as CLEAN or MALICIOUS. Everything that is inconclusive gets on a separate feed that is checked by actual humans and then they analyze samples and fine tune the systems to deal with them automatically in the future. And all this data processed in data centers is then feed back to users via cloud systems that basically all antiviruses use. Back in the day you downloaded detection signatures once a day, every 6 hours, every hour etc depending on antivirus design. And those gaps in between could lead to infections and missed samples. Cloud systems compare samples you've obtained to the huge databases they have on servers and instantly give a response. If no match is found this way, your system sends the sample to data center where above mentioned automated systems probe it and instantly classify it. Verdict is sent back to the user and client side antivirus flags the sample as malicious or allows it to execute. And to have this efficient, just feeding samples is not enough. You need to know where the sample came from (was it known browser, 3rd party binary (EXE), what was the URL it came from etc), you need to know what the sample is trying to contact and what are the protocols used, similar applies to phishing sites detection. Just knowing "oh user landed on phishing webpage" is not enough. You need to know how user got to the phishing website, what website he was visiting prior, how the transfer to the phishing website happened, was it script, was it manual user click, was it from e-mail or from another webpage etc. Knowing all this helps you yet again form threat models and crack down on source instead of trying to catch up flagging phishing addresses one by one. I've been learning antimalware systems for basically 20 years and I know their inner workings. Maybe not to absolute detail and algorithms used, but detailed basics. protection these days is all about big data and protection it provides is the best we've had in 30 years of existence of antivirus or security software. Back in the past antiviruses were always playing a catch up game. Today, they can actually be ahead of the game in a lot of cases. Getting infected today is actually really hard, where back in the day, even the best antiviruses often missed a lot of things. And all this is possible thanks to cloud systems and efficient contextual detection of suspicious samples or threats.

Link to comment
Share on other sites

Link to post
Share on other sites

Avast has been bad for years and years.. and years. Even worse after they aquired AVG.

CPU: Ryzen 5800X3D | Motherboard: Gigabyte B550 Elite V2 | RAM: G.Skill Aegis 2x16gb 3200 @3600mhz | PSU: EVGA SuperNova 750 G3 | Monitor: LG 27GL850-B , Samsung C27HG70 | 
GPU: Red Devil RX 7900XT | Sound: Odac + Fiio E09K | Case: Fractal Design R6 TG Blackout |Storage: MP510 960gb and 860 Evo 500gb | Cooling: CPU: Noctua NH-D15 with one fan

FS in Denmark/EU:

Asus Dual GTX 1060 3GB. Used maximum 4 months total. Looks like new. Card never opened. Give me a price. 

Link to comment
Share on other sites

Link to post
Share on other sites

16 minutes ago, RejZoR said:

There is A LOT of misinformation circulating around (...)

There is still a difference between the activity that you describe, i.e. using anonymized  user data to optimize the protection, and SELLING said data to third parties who have absolutely no direct link to the actual protection activity.

 

Personally, I don't really think selling anonimized large scale aggregate browsing data is that big of a deal. That kind of data is akin to saying: 20% of users who saw this page clicked through to this page next. Etc. Not really a breach of privacy in my opinion.

 

In any case, Avast should disclose that they sell this kind of data. It might be in that "fine print" that you just clicked "agree" to.

Link to comment
Share on other sites

Link to post
Share on other sites

5 minutes ago, Geoff35674567 said:

Microsoft's antivirus

bruh? 

| Intel i7-3770@4.2Ghz | Asus Z77-V | Zotac 980 Ti Amp! Omega | DDR3 1800mhz 4GB x4 | 300GB Intel DC S3500 SSD | 512GB Plextor M5 Pro | 2x 1TB WD Blue HDD |
 | Enermax NAXN82+ 650W 80Plus Bronze | Fiio E07K | Grado SR80i | Cooler Master XB HAF EVO | Logitech G27 | Logitech G600 | CM Storm Quickfire TK | DualShock 4 |

Link to comment
Share on other sites

Link to post
Share on other sites

Worth noting that Avast Firefox extension was recently banned by Mozilla too.

The author of AdBlock Plus found that it tracked pretty much everything you did in your browser, far more than what's necessary for security purposes. For example it tracked when you switched tab focus too and sent that data back to Avast, possibly to track how much time you spent reading for example an article, and all this data was sent back to Avast with a unique user ID.

 

You can read about it here:

https://palant.de/2019/10/28/avast-online-security-and-avast-secure-browser-are-spying-on-you/

 

Link to comment
Share on other sites

Link to post
Share on other sites

6 minutes ago, LukeSavenije said:

how dare you offend Microsoft defender masterrace?

I mean it's like "fuck you for selling my data, i'll personally give it to them instead"
I like Defender.

5 minutes ago, LAwLz said:

Worth noting that Avast Firefox extension was recently banned by Mozilla too.

The author of AdBlock Plus found that it tracked pretty much everything you did in your browser, far more than what's necessary for security purposes. For example it tracked when you switched tab focus too and sent that data back to Avast, possibly to track how much time you spent reading for example an article, and all this data was sent back to Avast with a unique user ID.

 

You can read about it here:

https://palant.de/2019/10/28/avast-online-security-and-avast-secure-browser-are-spying-on-you/

 

No wonder i feel like deja vu.

4 minutes ago, Geoff35674567 said:

i bought shares in MS back in the 90s

Ok that make some sense.

| Intel i7-3770@4.2Ghz | Asus Z77-V | Zotac 980 Ti Amp! Omega | DDR3 1800mhz 4GB x4 | 300GB Intel DC S3500 SSD | 512GB Plextor M5 Pro | 2x 1TB WD Blue HDD |
 | Enermax NAXN82+ 650W 80Plus Bronze | Fiio E07K | Grado SR80i | Cooler Master XB HAF EVO | Logitech G27 | Logitech G600 | CM Storm Quickfire TK | DualShock 4 |

Link to comment
Share on other sites

Link to post
Share on other sites

2 hours ago, Geoff35674567 said:

Microsoft's antivirus

What data does Microsoft Defender ATP collect?

Microsoft Defender ATP will collect and store information from your configured machines in a customer dedicated and segregated tenant specific to the service for administration, tracking, and reporting purposes.

Information collected includes file data (such as file names, sizes, and hashes), process data (running processes, hashes), registry data, network connection data (host IPs and ports), and machine details (such as machine identifiers, names, and the operating system version).

Microsoft stores this data securely in Microsoft Azure and maintains it in accordance with Microsoft privacy practices and Microsoft Trust Center policies.

This data enables Microsoft Defender ATP to:

  • Proactively identify indicators of attack (IOAs) in your organization
  • Generate alerts if a possible attack was detected
  • Provide your security operations with a view into machines, files, and URLs related to threat signals from your network, enabling you to investigate and explore the presence of security threats on the network.

Microsoft does not use your data for advertising.

Is my data isolated from other customer data?

Yes, your data is isolated through access authentication and logical segregation based on customer identifier. Each customer can only access data collected from its own organization and generic data that Microsoft provides.

microsoft-defender-atp-next-generation-protection-engines[1].png

There is more that meets the eye
I see the soul that is inside

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

PiHole & UBlock Origin stop 99% of my ads. I have a custom extension to stop ads on Youtube and another for Twitch. My Google email is used only for casual stuff (I have a private email address for personal & sensitive use), I have all telemetry disabled on Windows 10 and actually mostly use Ubuntu anyway. Heck I delved ass deep into Googles settings centre to disable all forms of tracking I could on my phone. I don't give anything to anybody if I can help it.

 

Instead of targeted ads I tend to see relevant ads, for example if I go on Amazon and look at TVs then I will see ads for TVs.

Main Rig:-

Ryzen 7 3800X | Asus ROG Strix X570-F Gaming | 16GB Team Group Dark Pro 3600Mhz | Corsair MP600 1TB PCIe Gen 4 | Sapphire 5700 XT Pulse | Corsair H115i Platinum | WD Black 1TB | WD Green 4TB | EVGA SuperNOVA G3 650W | Asus TUF GT501 | Samsung C27HG70 1440p 144hz HDR FreeSync 2 | Ubuntu 20.04.2 LTS |

 

Server:-

Intel NUC running Server 2019 + Synology DSM218+ with 2 x 4TB Toshiba NAS Ready HDDs (RAID0)

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, Geoff35674567 said:

How did you think these "free" antivirus made their money? I just use pihole, clonezilla, Microsoft's antivirus, and linux for web surfing.

By selling their paid products? Reason more and more of them offer free versions is because your cloud efficiency is directly proportional to your cloud user base. The more users you have worldwide feeding into your data centers, the more protection at higher accuracy you're offering. So, those free users with limited functionality are feeding protection systems with data which are then protecting ALL users. And paid users and corporations are the ones actually paying in the end for the protection.

 

Also it's funny you mention Microsoft's antivirus in a topic like this...

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, maartendc said:

There is still a difference between the activity that you describe, i.e. using anonymized  user data to optimize the protection, and SELLING said data to third parties who have absolutely no direct link to the actual protection activity.

 

Personally, I don't really think selling anonimized large scale aggregate browsing data is that big of a deal. That kind of data is akin to saying: 20% of users who saw this page clicked through to this page next. Etc. Not really a breach of privacy in my opinion.

 

In any case, Avast should disclose that they sell this kind of data. It might be in that "fine print" that you just clicked "agree" to.

It's also not clearly defined where is avast! obtaining this info exactly. Is it only the SafePrice extension for browsers collecting this data or is it from their security extension and antivirus itself too. If it's SafePrice extension only, then it seems reasonable. It's entirely marketing based extension. If it's antivirus and the security extension, then I can see it as a problem. But we don't have exact info on that so I'm not gonna go on witch hunts based on info I don't have.

Link to comment
Share on other sites

Link to post
Share on other sites

How about AVG free?

Specs: Motherboard: Asus X470-PLUS TUF gaming (Yes I know it's poor but I wasn't informed) RAM: Corsair VENGEANCE® LPX DDR4 3200Mhz CL16-18-18-36 2x8GB

            CPU: Ryzen 9 5900X          Case: Antec P8     PSU: Corsair RM850x                        Cooler: Antec K240 with two Noctura Industrial PPC 3000 PWM

            Drives: Samsung 970 EVO plus 250GB, Micron 1100 2TB, Seagate ST4000DM000/1F2168 GPU: EVGA RTX 2080 ti Black edition

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, captain_to_fire said:

Worth noting that the text you're quoting is for "Microsoft Defender ATP", which is not the same as "Windows defender" that is built in to Windows 8 and 10.

The Windows Defender ATP is an enterprise feature.

Link to comment
Share on other sites

Link to post
Share on other sites

FYI Microsoft Defender is bad and not enough AV, for dumbass people on the internet going to random bad sites and downloading and installing malware like dumbasses its not enough.

Just last week my mother PC got infected with services.exe rootkit i couldnt get rid of it over remote control i had to reset her pc over video call instructions annoying AF.

After i installed her Bitdefender free alongside windows defender, it makes the system run like horsecrap, its mostly fine but when scanning downloads and files it makes the PC sluggish.

 

This is 100% the fault of microsoft, they did not create a proper windows APi and windows store for all apps to use, instead they have this UWP garbage that is broken by design, no one uses, and no one will pay 30% or more of their revenue to microsoft so we will continue to have people installing software from .exe downloaded from internet.

Without a store with verified signed apps and default block of any .exe and script running its impossible to ensure windows safety, any vulnerability or malware getting into your PC, once it executed any sort of script or .exe you are done for, antivirus wont help much except with cheap viruses, real viruses piss on AV.

The solution is prevention not "an army" (the AV) trying to defend my OS from getting infected and making PC super slow.

Which is why i would love to see Android promoted to Desktop/Laptop OS with Pro Apps.

Hopefully once Apple switches to arm for laptops and Huawei makes Harmony OS universal for all their devices and more, google and microsoft get forced to make a new secure lightweight OS, or at least adapt Android to desktop.

Link to comment
Share on other sites

Link to post
Share on other sites

18 minutes ago, LAwLz said:

Worth noting that the text you're quoting is for "Microsoft Defender ATP", which is not the same as "Windows defender" that is built in to Windows 8 and 10.

The Windows Defender ATP is an enterprise feature.

Can't find the one for Windows Defender for consumers. I was thinking they have the same privacy policy considering that both have the same scanning engine and they feed off the same cloud component.

There is more that meets the eye
I see the soul that is inside

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

15 minutes ago, yian88 said:

FYI Microsoft Defender is bad and not enough AV, for dumbass people on the internet going to random bad sites and downloading and installing malware like dumbasses its not enough.

Not true, Windows Defender actually ranks very highly, among the top, in independent antivirus tests.

 

https://www.av-test.org/en/

 

In any case, no antivirus is 100% foolproof, you still need to use common sense. If you click every link in every suspicious e-mail you get, for sure sooner or later you will be out of luck, antivirus or no.

Link to comment
Share on other sites

Link to post
Share on other sites

20 minutes ago, yian88 said:

-snip-

Controlled Folder Access and Windows 10 in S Mode I think. From my personal testing, Controlled Folder Access stops the execution of applications that is not trusted by Microsoft. I noticed that it blocked BitTorrent from writing to disk weeks ago.

 

Also, Windows Defender is on par with the top antivirus programs.

https://selabs.uk/download/consumers/epp/2019/jul-sep-2019-home.pdf

https://www.mrg-effitas.com/wp-content/uploads/2019/11/MRG_Effitas_2019Q3_360.pdf

https://www.av-comparatives.org/tests/real-world-protection-test-july-october-2019/

There is more that meets the eye
I see the soul that is inside

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×