New
#1
Trading AV for Sandboxie & OD Scanners?
In searching for a new AV over the last week I became aware that the programs we rely on to protect us from spyware, adware, and viruses are themselves collecting vast amounts of data, potentially stockpiling massive profiles. FWs and AVs can potentially log every website visited and every exe executed, for weeks, months, and years on end.
Of course as is always the case with privacy issues, the other side sites good reasons for collecting, say every URL visited. It must run each one through the cloud to make sure the site is safe. This assumes one has a Web shield of some kind enabled, but it's less clear if this data is still collected with Web shields disabled or not installed to begin with.
It's also foggy when it comes to what files are uploaded to the AV, even if one has disabled cloud features and opted out of community sharing. It doesn't seem entirely transparent that AVs or FWs are abiding by user configuration choices.
This started when I innocently came upon this article: Avast Antivirus Was Spying On You with Adware (Until This Week)
which led to clicking on related articles (and Avast's response in its forum), but more importantly to a PDF by AV comparatives org on what data the leading AVs collect... http://www.av-comparatives.org/wp-co...ng_2014_en.pdf
My concern: It is one thing to upload a file 'fingerprint' or URL for scanning to carry out the task at hand, but quite another to save that data, associate it with a unique ID directly tied to your private (or work) computer, and build an ongoing profile. The former is necessary, the latter isn't and if compiled and associated with your computer, becomes an invasion of privacy.
I have used Comodo FW for years in spite of the rep for an iffy privacy policy (unclear verbage, open to interpretation, etc). I haven't read it recently. But being reminded of that (in a different article) was enough to kick it to the curb and use the Windows FW.
I'm also not feeling good about using any real-time AV in this climate. It seems the ability to amass huge amounts of aggregate info is just too tempting for companies who have to scan your files and watch where you surf because you have asked them to perform a service that happens to lend itself to them taking it one step further. Are they though? Again, the whole thing is not transparent enough. But the long term implications and applications for such data profiles and the repercussions to the user cannot be determined or qualified. And that should give anyone pause, whether you care about the privacy aspect or not.
So I am wondering just how late am I to the bus? Am using Sandboxie with FF and keeping a few good OD scanners for when I download softw (Emsisoft Em Kit, MalwareBytes, SUPERAntiSpyware...). Will update the OD sig's as needed, get offline, run said scanners, close them, and get back online. Run a full system scan maybe monthly. Offline.
Just wondering if anyone else here has forsaken the real-time AV model for a different approach.. maybe even for other reasons... like how much faster the computer is without an AV and 3rd party FW. :)