Friday, 30 May 2014

Antivirus: The balance between privacy and security

I read an article the other day which showed antivirus software in a whole new light. At Makeuseof they had picked up on a report by AV-comparatives that analysed what data was being transmitted by a host of antivrus products.

I have been using a wide variety of security products over the years and this year I was so impressed with the latest free version of Avast I very nearly purchased the paid for version. I am now having second thoughts though as I have read the report linked above that, worryingly, found a number of popular products send the following information and files to the company (either encrypted or unencrypted, it is not clear):

  • The computer name
  • The Windows username
  • The local IP address
  • Information about third party applications
  • Information about running processes
  • Operating System event logs
  • A list of all visited URL's
  • The name and path of files
  • Documents that may be classified as suspicious

I don't understand why, if the product sends a unique identifier for the user and machine on which it is installed, things like Windows username and computer name are required.

I have highlighted documents in the list as this is potentially the one most troublesome. It is entirely possible your sensitive documents could end up stored somewhere in EU/Russia/Korea/USA just because your antivirus product classified it a certain way.

There is a longer list of what information is sent, but some of this information, such as version numbers and operating systems, is obviously essential for updates and so forth.


I urge you to check out the report, and also the MakeUseOf article, which both have good summaries of the findings. I mentioned Avast, which is by no means the worst, and another of my favourite free tools, Avira, seems to come out of it fairly well. I have just checked out the Avira privacy policy and it states "Avira sends suspicious programs only (executable files) to our secure German data centers. Avira does not send any personal data. Files such as pdf, doc, xls as well other personal data, like pictures and videos are not being automatically sent.".

AhnLab and Emisoft are two paid for products that won't send URL's or documents over the internet.

Making the choice between which product to use/buy should not have to be a choice that involves how much privacy you are willing to give-up, but rather how good it is at keeping you secure. At the moment though it seems to be both.

No comments: