You Entrust Your PC to Antivirus, but Do You Trust the Antivirus Company?
We may have gone badly wrong in letting basic concepts be substituted and obscured, and the recent AV-Comparatives Data Transmission Report raises the curtain on yet another dark Orwellian drama - antivirus companies. Or should I say corporations? Come to think of it, what is the difference between Google, Microsoft, AVG, McAfee, Avast and Apple? They are structured and organized according to the same principles of profit and efficiency, where lucrative free offers are either bait for the purchase of a commercial product or a means of data mining.
For decades, we've been parroting tech gurus who say a trusted antivirus solution is the key to our cybersecurity, letting our trust in antivirus products translate into blind trust in the product providers.
Recently, Symantec published a report containing some highly troubling data - an antivirus solution, as we now know it, is capable of protecting user PCs only partially, namely, it can eliminate only 45% of threats; and a personalized approach is the next big thing in the AV industry. In fact, Symantec is dead serious about it, saying there is no future in the antivirus product industry other than highly personalized solutions for business clients; the company plans to focus on that.
Now, going from bad to worse, the AV-Comparatives report suggests that our antivirus programs and suites collect and upload to the company's servers all sorts of very interesting things. We strongly suggest you take a look at the report yourself, and finally read the user agreement (EULA) for your antivirus.
Here is an interesting insight into your antivirus program. If you are running an antivirus product from Avast, AVG, AVIRA, Bitdefender, BullGuard, eScan, ESET, Fortinet, F-Secure, G DATA, Kaspersky Lab, McAfee, Microsoft, Panda, Sophos, Symantec, Trend Micro, Vipre, or Webroot, odds are you didn't bother to read the EULA before you paid for the license, or before you clicked on 'I have read and agreed.' Too bad, because you might discover that your AV program does these things quietly in the background (I'd say behind your back):
- Assign your computer a unique ID to identify you in the user database
- Upload your browsing history to the company servers
- Upload ANY file or document to the company servers, even if it's not executable
- Transmit your computer's name, IP, system language, installed and uninstalled programs, running processes, Windows user name to the company servers
AV-Comparatives conducted the research in three crucial steps: actually reading the EULA of each AV product studied; running the AV products in a virtual machine to identify what these products send to their companies; and asking the AV companies to fill out questionnaires and explain what their products transmit. The major focus was on the first two stages, since the companies' answers in the questionnaires often contradicted what the antivirus products did.
The results are more than disappointing. Only eScan and Fortinet do not assign your machine a unique ID in their system; only Emsisoft, Vipre and AhnLab don’t transmit your browsing history to their servers.
While half of the companies admit to transmitting documents and non-exe files, the other half won't answer that question, so the answer is a silent 'yes.' Even though some products have an opt-out option, AVG, Webroot, McAfee and Trend Micro don't leave you a choice.
AhnLab and Emsisoft look relatively clean, with all our favorite AVs looking suspicious at best.
Antivirus companies need to collect malicious files and web links to analyze them and create signatures, but they surely don't need our geo-location and computer's name to do that, or do they? Some companies swear the data is uploaded to different servers, so they never know which ID belongs to which browsing history or private document.
But wait, there is more bad news - all that data is siphoned out of your machine unencrypted, so anyone on your local network, or a hacker, can get access to that golden pot of your private documents and system stats.
Why would large tech corporations be interested in your personal data, you ask? For one, to sell you something. Knowing your IP, location, browsing history and private documentation, a company knows how and what to sell to you, or can provide this data to a third-party 'partner', or to the NSA for a change. Unintentionally, of course.
Isn't it ironic? Users install antivirus products to protect themselves from hackers, but who is to protect users from the companies they rely on for protection?
Images source: AVG