Trading AV for Sandboxie & OD Scanners?


  1. Posts : 373
    Win 7 Ultimate 64-bit
       #1

    Trading AV for Sandboxie & OD Scanners?


    In searching for a new AV over the last week I became aware that the programs we rely on to protect us from spyware, adware, and viruses are themselves collecting vast amounts of data, potentially stockpiling massive profiles. FWs and AVs can potentially log every website visited and every exe executed, for weeks, months, and years on end.

    Of course as is always the case with privacy issues, the other side sites good reasons for collecting, say every URL visited. It must run each one through the cloud to make sure the site is safe. This assumes one has a Web shield of some kind enabled, but it's less clear if this data is still collected with Web shields disabled or not installed to begin with.

    It's also foggy when it comes to what files are uploaded to the AV, even if one has disabled cloud features and opted out of community sharing. It doesn't seem entirely transparent that AVs or FWs are abiding by user configuration choices.

    This started when I innocently came upon this article: Avast Antivirus Was Spying On You with Adware (Until This Week)

    which led to clicking on related articles (and Avast's response in its forum), but more importantly to a PDF by AV comparatives org on what data the leading AVs collect... http://www.av-comparatives.org/wp-co...ng_2014_en.pdf

    My concern: It is one thing to upload a file 'fingerprint' or URL for scanning to carry out the task at hand, but quite another to save that data, associate it with a unique ID directly tied to your private (or work) computer, and build an ongoing profile. The former is necessary, the latter isn't and if compiled and associated with your computer, becomes an invasion of privacy.

    I have used Comodo FW for years in spite of the rep for an iffy privacy policy (unclear verbage, open to interpretation, etc). I haven't read it recently. But being reminded of that (in a different article) was enough to kick it to the curb and use the Windows FW.

    I'm also not feeling good about using any real-time AV in this climate. It seems the ability to amass huge amounts of aggregate info is just too tempting for companies who have to scan your files and watch where you surf because you have asked them to perform a service that happens to lend itself to them taking it one step further. Are they though? Again, the whole thing is not transparent enough. But the long term implications and applications for such data profiles and the repercussions to the user cannot be determined or qualified. And that should give anyone pause, whether you care about the privacy aspect or not.

    So I am wondering just how late am I to the bus? Am using Sandboxie with FF and keeping a few good OD scanners for when I download softw (Emsisoft Em Kit, MalwareBytes, SUPERAntiSpyware...). Will update the OD sig's as needed, get offline, run said scanners, close them, and get back online. Run a full system scan maybe monthly. Offline.

    Just wondering if anyone else here has forsaken the real-time AV model for a different approach.. maybe even for other reasons... like how much faster the computer is without an AV and 3rd party FW. :)
      My Computer


  2. whs
    Posts : 26,210
    Vista, Windows7, Mint Mate, Zorin, Windows 8
       #2

    I do all my web access with a virtual Linux system. That's the first thing I fire up in the morning. Linux is not targetted by malware and people who have used Linux without any AV program for many years have never had any malware problem.

    If I download something for the host system, I first run it thru Virus Total in Linux before I move it to the host system. Then I know what I am up to.
      My Computer


  3. Posts : 373
    Win 7 Ultimate 64-bit
    Thread Starter
       #3

    Hey whs, thanks for that interesting option. I am not proficient in the least with Linux but I did create a few live drives in the past to try out distros and they have actually come in handy here and there for other things. Have also installed Ubuntu on a laptop for a family member in the past and worked minimally with it. Am not interested in a dual boot but running a virtual Linux system is an intriguing option.

    Have never run virtualware... mind telling me what VM tools/program you use? I'll Google for a tutorial...

    Many thanks!

    Edit: Just read the privacy policy for Virus Total... for my purposes I prefer an offline scanner to avoid the kind of data gathering they do, but to each his own! One could certainly install an OD AV in Linux if desired... :)
      My Computer


  4. whs
    Posts : 26,210
    Vista, Windows7, Mint Mate, Zorin, Windows 8
       #4

    Here are a few tutorials I made regarding a virtual Linux:

    1. Mint Mate in Virtual - it gives you all the information you need to install it in the free VMware Player. There are also a few links for setting it up.

    2. A canned Mint Mate - this is a setup Mint that I uploaded. You only have to download it and open it with VMware Player. A video I made explains how to do all that.

    3. A Mint Mate Demo - this should give you an idea how Mint Mate looks when it's setup (e.g. the 'canned version' above. This video was made from one of my installations on a flash drive, but a virtual Mint would look the same. The only function you cannot easily do with a virtual Mint is to rescue data from another system.

    If you have questions, post back.

    PS - the privacy thing with Virus Total does not bother me. All I check is downloaded stuff.
      My Computer


  5. Posts : 373
    Win 7 Ultimate 64-bit
    Thread Starter
       #5

    Appreciate it, whs! No need for rescuing data from another OS... live drives are great for that in those instances a whoopsie is done w/o a prior BU image. :)
      My Computer


  6. Posts : 373
    Win 7 Ultimate 64-bit
    Thread Starter
       #6

    Nice tutorial, whs. (LOL at putting Linux in the Music folder b/c there weren't any other folders there!) :-D Mint looks real nice... I like it better than Ubuntu. Great job on walking people through the experience and pointing out tips and highlights. Can really get a feel for how it operates.

    BTW that's some system you have there with ... how many processors!? (I'm on a 7yr old laptop with an AMD 1.9gHz dual core and 4GB RAM.) Still plenty to drive Linux of course. :) But must be nice to hit that chevron for the processors field and see a huge drop-down!
      My Computer


  7. whs
    Posts : 26,210
    Vista, Windows7, Mint Mate, Zorin, Windows 8
       #7

    It is a standard Dell XPS system with an i7 CPU.
      My Computer


  8. Posts : 1,049
    Windows 7 Pro 32
       #8

    Without an AV I especially recommend reading this: Best protection against malware?

    One user that comes to mind who hasn't been using an AV for a long time is @Berkey. In the above thread you'll find his signature with the other protection layers.
      My Computer


  9. Posts : 373
    Win 7 Ultimate 64-bit
    Thread Starter
       #9

    Tookeri said:
    Without an AV I especially recommend reading this: Best protection against malware?

    One user that comes to mind who hasn't been using an AV for a long time is @Berkey. In the above thread you'll find his signature with the other protection layers.
    Wonderful! This is just the kind of approach I'm looking for... local measures that protect! Many thanks!
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 10:31.
Find Us