AVG Proudly Announces It Will Sell Your Browsing History To Online Advertisers

An anonymous reader writes: AVG, the Czech antivirus company, has announced a new privacy policy in which it boldly and openly admits it will collect user details and sell them to online advertisers for the purpose of continuing to fund its freemium-based products. This new privacy policy is slated to come into effect starting October 15. The policy says: We collect non-personal data to make money from our free offerings so we can keep them free, including: Advertising ID associated with your device; Browsing and search history, including meta data; Internet service provider or mobile network you use to connect to our products, and Information regarding other applications you may have on your device and how they are used.

Epic Fail?

[ToxicBanjo]

Haven't used any of their products but it sounds to me that in this age of data breaches and privacy dwindling that people are not going to take kindly to this move. I think they'll see a huge drop-off in the use of their services.

Re:Epic Fail?

Did Target and Home Depot lose lots of customers? Yeah, didn't think so.

Re:Epic Fail?

[ToxicBanjo]

Did Target and Home Depot lose lots of customers? Yeah, didn't think so.

Completely different situation. AVG is saying they will include your browser history and searches, so on. For your analogy to be comparable it would have to be Target and Home Depot following people around who leave the store to see where else they shop, what they buy, and what they look for in catalogues/flyers. And then sell that to 3rd parties.

Re:Epic Fail?

I'm willing to bet a big chunk of AVGs users consists of parents/family of people who installed it for them way back when they were one of the go-to solutions and those people don't know or care that they even have options.

Re:Epic Fail?

So you think a massive data breach of credit and debit card information wouldn't cause people to stop shopping with a company but their browser history is going to be the tipping point? lolwut?

Re:Epic Fail?

[Lunix+Nutcase]

Doubtful. Most of their customers aren't likely even going to be aware of the change in the first place.

Re:Epic Fail?

Problem will be the computer guys, who will make sure to tell all their customers that data is being sold.

Re:Epic Fail?

Why would they? They are perfectly open and honest about it, which is more than you can say about f.ex. their American counter-parts.

Re:Epic Fail?

[kheldan]

You're right; my first reaction to reading this was "Hmm, I don't use AVG right now, but I'm sure as hell not going to use it in the future, or recommend it to anyone for any reason". What they're doing is, in my opinion, not appropriate for an antivirus/antimalware producer to be doing, since they're operating like malware. What they should be doing, is to start charging for their software, if they're short of money. Let the market decide whether or not their product is good enough to pay for. If it's not then they'll just have to improve it. If they can't then they die off, simple as that. If it's a matter of marketing, then get someone with better marketing game to get a better market share for their product. But otherwise, 'epic fail'? Hell yes it is!

Re:Epic Fail?

[Desler]

Poor guy. He had to leave with his golden parachute. *crocodile tears*

Re:Epic Fail?

[Desler]

And based on what evidence do you claim that most people are using AVG because of some mythical "computer guy" versus just downloading it themselves because some random website recommended it or it was simply preloaded by the OEM of their computer?

Re:Epic Fail?

[BitZtream]

Which is ironic considering they'll continue on using all the services that hide or lie about the fact that they do this very thing.

NOTHING is free. The laws of physics simply don't work that way, and they do apply to people and behavior as well. People will move on to another product ... which is selling their information due to a clause that sounds completely benign in paragraph 12 of page 43 of the EULA.

*sigh*

People will cut off their nose to spite their face at the drop of a hat.

Re:Epic Fail?

Didn't exactly happen with Microsoft and Windows 10. How is that different?

Re:Epic Fail?

[JMJimmy]

Luckily AVG's decline started long ago and many of those people switched their parents/families to avast!

Re:Epic Fail?

[wardrich86]

Who will probably be next to pull this stunt. It already bothers me when it gives me pop-up "warnings" about some of the sites I visit. Like keeping anonymous and crap.

Re: Epic Fail?

Different AC here, but your narrative is one of not being able to do anything about corporate greed and overreach. Usually people like you are out there trying to blunt boycotts and other actions before they start, saying it's hopeless, won't work, etc. If you're not a paid shill you're missing out on an income opportunity.

Now, reality check. The people who lost the most due to Home Depot's and Target's abect stupidity were those companies and the credit card companies that had to reissue countless cards. I had mine done, and because I did, I suffered no damage from those incidents. The banks of course did, and they didn't and won't forget that. It would be nice if people in general had long memories of corporate wrongs as well.

One can't repair privacy the same way, once it's damaged, and so AVG products, even paid ones, will have no place in my universe from now on.

For those who hold up Windows 10 as an example, Microsoft gave themselves a huge black eye over that one, and their adoption numbers are largely the result of what's essentially a forced upgrade via a multi-nagware campaign.

The real issue with Microsoft, AVG, and also the usual social media suspects, is that since most people in the US are working multiple jobs trying to survive while praying a medical problem doesn't bankrupt them, they simply don't know. It's not like the corporate owned mass media goes out out its way to talk about real issues or anything.

Given proper information people can be surprisingly rational, which is why we have these massive well funded campaigns to make sure people are not properly informed. That's one problem. Another is the too big to fail issue. That Target and these other companies had enough resources to survive their incompetence is actually a problem all by itself.

Re:Epic Fail?

[Desler]

You claimed that a mythical "computer guy" was gonna tell AVG's users about this. But I don't see any evidence that most people use AVG because of a "computer guy" versus it just being preloaded by an OEM.

Re:Epic Fail?

[Type44Q]

This is especially true, considering their savvy customers switched to other AV programs over a decade ago (for me, it was when I caught Blaster on an Winblows system running fully-updated AVG)...

Re:Epic Fail?

[Hoban+Washburne]

Indeed, big slap in the face for folks who use both the free and paid-for product. Personally, I gave it up years ago in favor of avast-free on the few windows workstations I have in the family (gaming for me and the kids).

Re:Epic Fail?

[lgw]

You promoted his "some users" to your "most users", and then argued it wouldn't be "most", but he never made that claim.

I think the news will get to enough users to cause a problem, over time. Most low-information PC users turn to someone technical for help eventually. I have no idea how many of those "knows computers" people are /. readers, or will otherwise have heard of this, but I'd bet it was a significant percentage. However, that will be spread over years, and ther may not be enough of a immediate backlash for AVG to back down - I expect there won't be.

Re:Epic Fail?

[mjm1231]

People will forgive your mistakes. What you do intentionally is another matter.

Re: Epic Fail?

I'm not the AC you responded to, but I had fraudulent charges on my bank account because of this. It took 10 minutes at the bank to get a new card and all transactions were canceled within a day without my interaction.

Re:Epic Fail?

[whoever57]

For your analogy to be comparable it would have to be Target and Home Depot following people around who leave the store to see where else they shop, what they buy, and what they look for in catalogues/flyers. And then sell that to 3rd parties.

Or just getting their customers to sign up for "a loyalty card", which supermarkets seem to be very successful at.

Re:Epic Fail?

[Baloroth]

Easy enough to get around that with avast, just enable silent mode. I've been running with that on constantly for years.

Re:Epic Fail?

[garbut]

A breach is very different from a policy.

Re:Epic Fail?

This is true however they DID lose a lot of customers. I was looking to invest in said companies during/after that databreach. They both had a noticeable set of customers not going back.

Re:Epic Fail?

[Maxo-Texas]

Well, it's a fairly effective anti-virus for free.

If it cuts the number of free users without cutting their paying user base, then it's no loss to them.

However, I keep up on the most effective anti-virus and no longer use them as they were not in the top group last year.

Here's a current comparison for 2015.

http://www.pcmag.com/article2/...

It focuses on paid but the free version quality is analogous.

AVG rates 3.5 stars. Not something I'd care to use.

I use a combination of malwarebytes and avast on my different machines currently.

I'm fairly unlikely to pay for anti-virus.

Because of the Windows 10 set up, my next computer will probably be a Linux machine. I've been noodling around the edges for about 8 years (including running a knoppix boot disk and going to a software stack that runs on linux and windows).

Re: Epic Fail?

[NapalmV]

I missed the part where Home Depot and Target announced that they will knowingly and intentionally selling your credit card numbers to hackers. If they had such notice posted by the cash register, would people still swipe?

Re:Epic Fail?

[hairyfeet]

I quit giving it to customers a couple years ago when it became REALLY bloated. If you need a free AV I'd recommend Comodo or Avast Home, Comodo for those that want more control and more features (as it comes with vm desktop mode for secure browsing,an option to use their DNS for phishing site blocking, and the option to always run your browser in a VM) and Avast for those that just want an AV without the extras. Both are really good at stopping malware cold (in fact Comodo was one of the only free AVs that stopped the government sponsored malware that was in the news recently) and don't slow down the system like AVG did.

As for TFA? Its getting to the point where active measures are gonna have to be taken against the products we use as OOTB they are little better than spyware. We have 2 of the 3 major OSes spying on their users (and I have no doubt Apple will step theirs up with the iWatch tanking and iPad sales dropping) and now even AVs are being used as trojan horses to snatch your info. It must be a great time to work for the TLAs, after all these corps don't have to worry about any of those pesky domestic spying laws or warrants or any other minor inconveniences, just show up at MSFT or Google or AVG and get all the info you want on the user at a one stop shop, heck I bet they even provide coffee and donuts while they wait.

Re:Epic Fail?

[rtb61]

There are various version of free. In this case you would think by now, government would be producing digital policemen and providing them free because the cost of that is less the the cost of the losses to the community. So a decision to provide free security software from government sources, saves the community money and saves them much more than the cost of producing that software so that net gain is completely free (fuck lost corporate profits).

Re:Epic Fail?

[tlhIngan]

And based on what evidence do you claim that most people are using AVG because of some mythical "computer guy" versus just downloading it themselves because some random website recommended it or it was simply preloaded by the OEM of their computer?

Preloaded AV is almost always McAfee or Symantec - these companies pay the OEM lots of $$$ in order to preload 30-day, 6 month or even 1 year trial subscriptions onto new PCs. OEMs love it because it subsidizes the price of the PC (which is why Windows PCs cost less - the Windows license is paid for by the preloaded trialware), and the less clueful customers love it because their PC comes with "useful" software out of the box.

The "computer guy" in this situation is usually the store flunky - said user comes in and wants to see if there's a cheaper way to get his AV, because it's alerting them the subscription is almost over and either renew online or buy a new copy. Store flunky points to the racks of AV software, and picks out AVG as "better than what you have".

Alternative is person asks someone else and gets AVG as "it's good, and it's FREE - you don't have to pay for it".

Re:Epic Fail?

[davester666]

The ONLY thing different between AVG's policy and Microsoft's is that AVG explicitly tells you what they are doing. A lot of companies are doing this, but they just couch it in vague terms like "data" or "information".

Re:Epic Fail?

[MikeLip]

No, they aren't. They are telling you what they are doing. Anyway, who in this world thinks ANYONE gives away software? It's getting paid for somewhere. The problem is the cheap buggers who think a few bucks if a horrible thing, and that all software should be free because they are an entitled jerk. So AVG comes up with a way to monetize their product which, after all, THEY paid to produce. Newsflash; Coders like to eat too. Some even support families. They tell you upfront they are doing it. Don't like it? Use something else and pay for it.

Re:Epic Fail?

[Maxo-Texas]

No preference. Haven't had a virus in years (Since I was on the Amiga computer and "Something wonderful is happening... your computer has become alive.")

Re:Epic Fail?

[camperdave]

Ah! but that's opt-in.

Re:Epic Fail?

[kheldan]

Uh... I think you responded to my comment when you thought you were responding to someone else, because I can't make heads or tails out of what you said in the context of what I said; I'm saying that it's irrelevant whether they're telling you they're going to collect and sell data about their users, they shouldn't be doing it at all, and if they need money then they should just start charging for their software instead. Don't know about whoever it was you intended to respond to, but I don't cry when something I was getting for 'free' isn't free anymore, beyond a literal 5 seconds of thinking 'aw, that sucks!', after which I move on. To reinterate my position on their choice of action: I think it's inappropriate for them to be even collecting data on their users, let alone selling that data, as an antivirus/antimalware company. It's like a pharmacy selling cigarettes (sorry, best analogy I can come up with at 6:35am on a Sunday morning; {insert better analogy here}).

Re: Epic Fail?

[philmmaker]

Of course the bank has no problems cancelling these fraudulent transactions doesn't the FDIC pay for it?! And by the FDIC I mean WE the tax payers. What's priceless is that the banks and retailers get to look like benevolent custodians of our financial security, struggling against a chaotic storm of nefarious hackers!!!

Re:Epic Fail?

[yuhong]

Win10's privacy policy may be a bit vague but it didn't explicitly state that they would be selling browser history or other sensitive data like AVG does.

Re: Epic Fail?

[yuhong]

Given to anti-piracy groups?

Re:Epic Fail?

[mscir]

Panda has been working great for me, updates faster than Avast too.

Re:Epic Fail?

[aybiss]

Then I disagree. What did you think they were giving you free AV for before this announcement? Fun?

Re: Epic Fail?

[david_thornley]

No, credit cards have about as much to do with FDIC as hedgehogs do. Nor is FDIC a simply taxpayer bailout, since banks pay into it. Presumably, in a massive bank failure, it could become a taxpayer bailout, but that again has nothing to do with credit cards.

My legal protections with a credit card are that I'm liable for $50 in fraudulent charges if I notify the issuer reasonably promptly. In fact, all credit card issuers I'm familiar with in the US waive that $50. That's their decision, not the government's. Somebody is going to eat those fraudulent charges, normally the merchant, but in no case would the card holder or taxpayers be on the hook.

Re:Epic Fail?

[wardrich86]

It stops the pop-ups, but the fact that the AV is paying that close attention to the sites that I visit... I have no idea if it's selling any of this information.

Re:Epic Fail?

[Cinnamon+Beige]

For your analogy to be comparable it would have to be Target and Home Depot following people around who leave the store to see where else they shop, what they buy, and what they look for in catalogues/flyers. And then sell that to 3rd parties.

Or just getting their customers to sign up for "a loyalty card", which supermarkets seem to be very successful at.

Almost none of those are much use outside of the store--and given that nearly every single one in my area does tailored coupons, if they were that good at stalking customers I'd not be getting coupons for peanut butter and pork. That, or they want me dead.

Best alternative?

[sproketboy]

What's the best alternative right now for windows?

Re: Best alternative?

[snowsnoot]

How about not even using one. Most of them suck anyway, they don't catch the clever malware and they hog resources and slow down your PC. Just be smart on the web, rely on the Windows built-in tools and you don't need one I find.

Re:Best alternative?

Eset Nod32.

You have to pay for it, but it's worth it.

Re:Best alternative?

Microsoft Security Essentials. Back it up with Spybot Seach and Destroy or Malwarebytes MBAM or both.

Try not to download stuff from shady sites. If you're really concerned with something run it through Jotti or Virustotal or VirSCAN.org.

Re: Best alternative?

[Opportunist]

I dare say that's like saying "I don't need no safety belt, I know how to drive a car".

Yes. Problem is, you're not the only one driving. Neither are you the only one making connections in your machine. And I'm not even talking about some kids you may or may not have which seem to be a magnet for all kinds of malware.

There are far too many programs on your computer that open up connections that can be (and are) abused as attack vectors. You open a PDF (a benign one, not one sent by "lawyer" telling you about that unpaid ebay bill) and your PDF-reader starts making connections. You open up a game selling platform and it opens up a browser that connects to its maker or the maker of the game you plan to buy (or just look at). And we're not even touching browsers, online ads and them being one of the key contemporary attack vectors.

And no, Windows tools don't cut it. Why? Because EVERY malware HAS to circumvent them Because they are installed on EVERY Windows machine. No way around it. Malware has to be tested against them (and yes, it is) and has to be undetectable by everything every user has by default installed. Because, well, why bother launching a virus that is detected BY DEFAULT?

And no, malware doesn't need admin privileges anymore to cause damage. Just ask anyone who has been subjected to cryptolocker and its various variants. The current batch of banking trojans also doesn't need any elevated privileges to cause troubles. All it takes is a certificate and some creative rerouting of your traffic...

Re:Best alternative?

[Opportunist]

Wait, I'm confused, he said it's for Windows? What's his problem with crashes?

Re:Best alternative?

[tompaulco]

I didn't like Eset. We had it on our corporate systems and it was a resource hog. We had to take our laptops home so that we could work 24 hours a day for the company for no extra pay, and I left it on all night at home, but it would not run the full scan overnight. Instead, it would run it as soon as you got back in to work, and would churn on the hard drive for about an hour.I'm sure this was partly the corporate setup.
I'm neither with that company, nor Eset anymore.

Re:Best alternative?

[Desler]

Try not to download stuff from shady sites. If you're really concerned with something run it through Jotti or Virustotal or VirSCAN.org.

Ignoring the fact that lots of malware doesn't come from "shady sites" and in fact comes from ad networks serving malware, most of the time unintentionally, on legitimate sites that show the ads.

Re:Best alternative?

[campuscodi]

Bitdefender

Re:Best alternative?

I've never stopped using Avira, no problem with that.

I'm using Comodo as a Firewall and for execution protection, but they have an Antivirus, too. From what I hear, it's pretty good.
It's sort of complicated to get into if you want complete control over everything, but it's very extensive.

Re:Best alternative?

[CronoCloud]

If the Ubuntu privacy thing bothers you there's always:

sudo apt-get remove unity-lens-shopping

There are also plenty of other distros. I personally recommend XFCE spins of Fedora/RHEL/CentOS.

Re: Best alternative?

That depends. If people use their computers for creative endeavours then Linux is not an option.

It might be ok for hobbyists, though.

Re:Best alternative?

[Jarik+C-Bol]

Bitdefender is scamware, or at least it was last time I messed with it. "Free AV" then a month later "Pay 30$ to unlock your free AV!"

Re: Best alternative?

[Xenx]

I'm having trouble determining if sarcastic, an idiot, or a troll. You try to reinforce your negative opinion of AV software, by stating you use AV software.

Re:Best alternative?

[bigfinger76]

Shill script needs updating.

Re:Best alternative?

[hudsucker]

You need to download the free product.

Bitdefender.com > Home Users > Toolbox > Free Antivirus leads to Bitdefender Antivirus Free Edition.

Re:Best alternative?

[andymadigan]

Windows Defender. No, seriously. I haven't seen any issues over 2 years, even with multiple non-technical users. It works, stays out of the way, doesn't slow the machine down, doesn't demand money or personal information.

Re:Best alternative?

[sproketboy]

Thanks. Finally a serious answer. ;)

Re:Best alternative?

[wbr1]

Bitdefender free

Re:Best alternative?

[Ja'Achan]

If that link redirects to the localized homepage (like it does for me) try the 'platform' icon link on this page

Re: Best alternative?

[fafalone]

You seem to think that the extremely rare malware to make it through on such a vector would then be stopped by AV. Unlikely. If you're well versed in security practices and diligent in following them, especially blocking ads and properly configuring your firewall, AVs are of no benefit and just waste resources.

Re: Best alternative?

[camperdave]

Ah! I see. Use the built in browser to download and install linux, and then be malware free. Clever.

Re:Best alternative?

[Cro+Magnon]

Compared to Windows 10, complaining about Ubuntu's privacy is like an elephant calling a cow big.

Re: Best alternative?

[david_thornley]

I write bad fiction* using multiple windows with vim, myself. This works great on Linux, and it is a creative endeavor. I think you lack imagination.

*Most people go through a period of writing bad fiction before they write good fiction. My bad fiction period is several decades and still going. I'd like to write good fiction sometime, but as long as I'm having fun, who cares?

Re:"you are the product" is for Cows

[Irate+Engineer]

You are all products. Products get SOLD! SOLD! products SOLD! YOU PRODUCTS!!!

Mooo!

My reaction

[satch89450]

sudo vi /etc/hosts
i
127.0.0.1 avg.com
:wq

Problem solved. Can't sell what you don't have.

Re:My reaction

[Opportunist]

Getting updates for the AV suite might be a wee bit complicated now, though...

Re:My reaction

[thegarbz]

You think he's worried about updates to AVG when his OS requires the use of commands such as "sudo" and the program "vi"?

Reminds me of JetBrains and Mozilla!

This reminds me of what has happened with JetBrains, a Czech company who makes popular programming tools.

They recently announced some significant licensing changes that involved a subscription model. As any sane person would expect, the customers absolutely hated this decision. The uproar was significant, with an extreme level of dissent. Paying customers, many of them who had been customers for years and years, explained that they will move away from JetBrains' products immediately.

Given the extreme degree of public outrage regarding these completely unwanted licensing changes, JetBrains said they'd listen to the customer feedback.

In the end, JetBrains backpeddled somewhat and adjusted the licensing options. However, many customers are still unhappy, and severe damage has already been done. Lots of long time JetBrains customers are now suffering from the dreaded FUD: fear, uncertainty, and doubt. Because of this, many are still considering moving to alternate tools.

All it takes is one single change like this, doing something that the customers do not want, and everything goes to hell. Previously loved companies can become distrusted outcasts.

Mozilla could be considered an extreme case of this. Once considered among the most respected and beloved organizations, years of unwanted changes to Firefox have driven away many of Firefox's users (Firefox's market share across all platforms is likely in the single digits now). Users just don't like being treated poorly, especially if there are alternatives! Firefox's users got fed up with the constant and awful UI changes, so they moved to Chrome. Now Mozilla is facing irrelevancy, as they end up with fewer and fewer people using their software. It's a real shame, but that's what happens when you shit all over your users and customers!

Re:Reminds me of JetBrains and Mozilla!

[gweihir]

Full agree on Firefox. I mean, how stupid can you be? This must be at the very top of the stupidity ever displayed by a popular FOSS project. Well, there is Gnome, of course.

Re:Reminds me of JetBrains and Mozilla!

[Hognoxious]

In the end, JetBrains backpeddled

You mean they issued an RMA?

Re:Reminds me of JetBrains and Mozilla!

[Cinnamon+Beige]

[...]

However, Chrome's performance is also far better than Firefox's, for real world browsing.

So if you use Firefox, you get a shitty UI, and shitty performance.

If you use Chrome, you get a shitty UI, but good performance.

[...]

I usually have a resource monitor running in the background, especially when I'm browsing. I have both Firefox and Chrome, too, and I can and will have lots of tabs open since I've often been flipping between many, many pages as I'm working, especially if I'm doing research for a paper--as a result, stability and resource management are pretty major, as well as crash recovery and performance under heavy use. This probably works decently well as a heavy-duty test for real-world browsing, too, unless you really don't do much except watch cat videos.

Firefox is the only one that can actually handle it--I've got nearly a thousand tabs open though many are not loaded, and it's not even lagging. Chrome becomes practically unusable at about 20-25 tabs loaded, well below where Firefox starts misbehaving, and if it crashes I'm going to have to fight it in order to get back most of those tabs as session restore is not a feature it has natively & the extension I did find is vastly disappointing as it isn't automatic and doesn't allow selective restoration.

I keep Chrome around mostly because certain sites perform and behave better on it, and those sites are either Google-owned or, well, possessed by buggy scripts I have to allow to run to use the site. Since one crashed tab won't take all of Chrome down with it--which on the flip side is why it sucks up resources like a pig if you need a lot of tabs--it's not so bad with crashy sites. (That said, the overlap between 'sites owned by Google' and 'sites with essential but buggy scripts' is...interesting.)

I do agree on how bad Firefox's UI is, but honestly it still behaves better than Chrome does when you need lots of tabs, even with how much of a pain it can be to click between tabs sometimes since they thought the curved profiles were utterly essential. Would it have really been too much for them to let that be a skinning option, if they thought the reason why people were picking up Chrome was because it looks 'pretty'?

Bottom line is, even with its unwieldy UI and memory leaks, Firefox does what I need a browser to do--and Chrome just can't.

(That said, it is quite good if what you want to do is watch cat videos and play with Facebook, and switching browsers seems to break some of the tracking. That, or the ad servers have gotten very confused over what I've been reading...)

They made the disclosure

[onepoint]

At least they made the disclosure, which is a step in the correct direction for a consumer to make a choice.
while I might not like it, it's correct.

Re:They made the disclosure

[BitZtream]

Exactly.

You know what they are going to do, there is no confusion, you can simply choose not to use their product or pay in a different way for a version that doesn't sell your info.

You can make an informed choice, which makes it fair, and imo, acceptable to do so.

Re:They made the disclosure

[Desler]

Except their policy states:

Unless the specific product states otherwise, all AVG products and services are included under this Privacy Policy.

So there's no reason to believe that their pay products aren't doing the same thing. The only choice is to stop using all their products.

Re:They made the disclosure

[janoc]

They have been at this for a while. AVG was autoinstalling extensions into all Windows browsers that automatically redirect your browsing through an AVG proxy (supposedly to keep you safe from viruses, ehm) for a long time. So this was only a matter of time.

BTW, AVG is not really a Czech company anymore. They have moved to the US and in the Czech republic is only their R&D centre now (Czech programmers cost 1/10th of what an US one would).

Re:They made the disclosure

[ultranova]

At least they made the disclosure,

Did they actually make the disclosure, or was it buried somewhere in a 50-page legalese boilerplate document that exists precisely to hide anything important?

Because there's lying, lying by omission, and lying by drowning someone in so much irrelevant detail important things go unnoticed. All are forms of intentional deception, and none should be excused.

Re:They made the disclosure

[lurker412]

They sent me a heads up email with a link to the new policy. So they're being up front about it. That said, I don't care for it. I've used their free version for probably close to 10 years, but I'll be looking for a replacement soon. Avast? Microsoft Essentials? Dunno. In all that time, I think AVG gave me one false positive and once it failed to warn me of something that I could immediately see was suspicious. Not a single true positive, IIRC. My sense is that the threats these days are much more sophisticated than the AV software supposedly keeping us safe. AV software has become like the life vests under the seat in airplanes. There's a remote chance that it will save you some day, but that's about it. Safe practices in browsing and email are probably orders of magnitude more important.

See the positive side

[Opportunist]

At least you get something in return, you get an antivirus product free of charge.

With some competitors, you pay for the privilege to have your privacy sold off.

Re:See the positive side

[Desler]

Execpt they have pay products and their privacy policy explicitly says:

Unless the specific product states otherwise, all AVG products and services are included under this Privacy Policy.

So unless you have evidence otherwise, their paying customers are paying for the priviledge to have their privacy sold.

Re:See the positive side

[Intron]

My definition of "free of charge" does not include frequent pop-ups telling me to pay for an upgrade to be really protected. I tried Avast and AVG and ended up getting a non-intrusive alternative.

Re:See the positive side

Avast has a "Silent/gaming mode" toggle which persists through reboots. It makes Avast 100% non-intrusive.

Re:See the positive side

[Opportunist]

Probably to avoid the usual fallout of being mocked for using $product which has $flaws and $speculation_about_privacy_invasion.

Insert the values of your choice for the variables. It's all valid.

AVG is dreadful

[JustAnotherOldGuy]

In my experience AVG is dreadful and only somewhat effective.

I used it for years when it was good, and then it started to want to do updates that never "took"...so it would try to do the update again, and again, and again. Sometimes it would start but not run or it would error out. Then it started displaying nag screens with ads for the "Pro" version.

I dumped it and moved to Comodo which seems less needy and doesn't pester me with ads.

Ask and you shall receive.

[Deathlizard]

So. More ask Toolbar disguised as AVG Secure search...

Similar to

[tompaulco]

This is similar to a company selling both radar detectors to the public and radar systems to the police.
I stopped using AVG in favor of Avast probably 5 or 6 years ago, maybe longer now, I can't remember. The thing with AV is that you have to keep changing companies every 4 or 5 years because the awesome one goes from being free and relatively resource unintensive to being not free, a resource hog, and sometimes, as in the case of AVG, even sells your information to the people who are the source of most of the viruses.

The cycle of a product

[Dan+East]

It's interesting watching so many software products (and OSes, etc) go through the same cycle. A new player comes on the scene and innovates or simply does things better than the competitors, they become popular and get a decent install base, they stagnate and / or bloat, their usefulness and effectiveness drops, and then often times they turn Evil as a last ditch effort is made to monetize what is left of their users.

I really liked AVG at one time. For me it was the free go-to antivirus product, and it really did a better job removing the malware of the day when it was at its peak (oh, around 8-10 years ago).

The good point about it

[Blaskowicz]

It will not long so long, because the AVG software will flag it and it will delete itself.

Alternatives to AVG

[BringMyShuttle]

A timely PC MAG review rating many free anti-virus programs: http://www.pcmag.com/article2/...

Don't let the door hit your bum on the way out, AVG

Re:Alternatives to AVG

[grimJester]

Thanks, this is what I came here to find.

Re:Alternatives to AVG

[phantomfive]

The sad thing is that none of them work very well. But at least some don't spy on you horribly.

Re:Alternatives to AVG

[Chris+Mattern]

Norton?? Dear God, no. If you're willing to step up to the plate and pay for something decent, ESET is pretty good.

Not mine

[drinkypoo]

I never installed the browser add-on component.

But I guess now I'll move to Comodo anyway, and hope that's better for a while

Re:Not mine

[ihtoit]

I think I'll get back to work on my read-only browser sandbox. It seems to be the only way to be sure these days.

Sad.

[astro]

It's sad. There was a time, not SO many years ago, where I strongly recommended AVG to people as the lightest, least intrusive Antivirus solution for Windows. The decline makes me frown.

kudos

[shentino]

Kudos to AVG for being honest enough to admit it in advance and gives its potentially paranoid customers a chance to opt out.

I wish more companies did this. It's a little slimy, but it's a lot LESS slimy when they don't try to hide it.

No, I'm not being sarcastic.

Avast

[fluffernutter]

I switched to Avast a long time ago.

HTTPS scanning

[Artem+S.+Tashkinov]

./ has neglected an even bigger elephant in the room: most modern AV products insert their own HTTPS certificate into the OS you're running for your "safety" and "protection".

In short they scan the traffic which wasn't meant to be scanned by third parties, thus AV vendors circumvent the vary basis of encryption.

Welcome to a brave new world. Then your PC hasn't really belonged to you since 2008 or something but no one cares anyway: http://libreboot.org/faq/#inte...

I wonder if there's anything left to buy nowadays which is yours truly and which doesn't spy on you or have a dozen of backdoors for NSA/CIA/M5/etc.

Re:HTTPS scanning

[LVSlushdat]

Yes, there is.. and you don't have to "buy" it... Its called Linux.. Of course, having said that, I wonder how long it will be before the "government" decides that anybody who is not doing their internet business with an "approved" operating system, namely Windows or Mac, will be marked as a "terrorist".. I hope I'm dead and buried by then, but the way the world is going, I wonder (I'm 65 y/o now)....

Re:HTTPS scanning

[jonwil]

I run the free version of AVG (without any of the browser add-on crap installed) and I dont see any indications that its MITM'ing SSL traffic inside SeaMonkey (my primary browser).

Re:HTTPS scanning

[thejynxed]

It won't happen, not with how many government systems I am aware of run on some version of the Linux kernel with a myriad of shells and desktop spaces on top of that kernel. Oh, and much of their network equipment also runs on some form of Linux as do many of their security terminals. Now if we could just get the military to stop using Windows on important things like nuclear powered naval ships...

Re:HTTPS scanning

[ledow]

Sorry but that's not true - and Google and other websites, not to mention end-users, are capable of detecting these kinds of things.

To intercept traffic, you need to have accepted a trusted root certificate at some point. Doing so can MITM traffic but all your local SSL connections will be signed by that cert. That rings alarm bells in modern browsers, not to mention it's as simple as double-clicking the green bar to find it.

No modern AV that I've used has done this. However, I *have* manually pushed such a config for a web filter in the schools I work. It's not just as simple as nobody noticing - shit breaks when you do that if you're not careful and make certain exceptions.

But what I would really say was the cause of your complaint was letting your AV interfere at all in your web browser. It has no fucking need. There's no need to scan web pages before you browse them, as you browse them, or browse them on your behalf. That's not a reason that I've ever deployed AV for. That's what web proxies are for. And that's where you do your interception.

The problem is really "Internet Suites" which consist of AV (live-scanning and scheduled disk scans), firewall, intrusion detection, rootkit detection, even hooking of various functions within the operating system. Hell some of them are basically hypervisors letting you run unknown programs in isolated containers, task manager replacements, etc. That's feature-creep.

There is no evidence I can see that Sophos or Comodo install MITM certificates (unless you specifically configure it as such manually in Enteprise versions of Sophos, but that's an entirely different product DESIGNED to do that).

And if you're worried - turn off your AV. AV is one of the most privacy-intrusive things ever - it logs and records exactly what files and processes you manipulated when, analyses them, can send them back to the cloud, and interferes in EVERY file read and write you ever do, infected or not. As such, I have much more distrust of AV for that (especially given that I believe that companies like Kaspersky have been accused of all kinds of nasty things in collusion with governments) than anything to do with putting a quite obvious certificate in a certificate store that you can browse, and which each certificate signed by that will differ from the original when there are entire processes inside browsers and online to detect such things.

Re:HTTPS scanning

[ledow]

P.S. Try https://www.grc.com/fingerprin...

If your fingerprints on that page differ from the fingerprints on your browser's cert for those sites, you're being MITM'd.

e.g.
www.grc.com
01:56:D3:AC:CF:5A:3F:B8:8F:0F:B4:30:88:2D:F6:72:4E:8C:F2:E0

Re:Makes sense to me

[Desler]

Unless the specific product states otherwise, all AVG products and services are included under this Privacy Policy.

That's from this new policy.

What part of this ISN'T personal data?

[LOGINS+SUC]

New AVG Privacy Policy -- "We collect non-personal data to make money from our free offerings so we can keep them free, including: Advertising ID associated with your device; Browsing and search history, including meta data; Internet service provider or mobile network you use to connect to our products, and Information regarding other applications you may have on your device and how they are used."

It's not personal. We don't identify you by name, we just follow you around and record every single thing you do, when you do it, where you do it, and if you've a webcam attached, we'll film you while you do it, then sell it to any and everyone who pays.

In other words, we're providing you a "free", self-defending keylogger.

Re:What part of this ISN'T personal data?

[Dahamma]

No, you don't get it - your fingerprints and DNA aren't personal! They don't actually have your name spelled in them...

Re:What part of this ISN'T personal data?

[q4Fry]

No, you don't get it - your fingerprints and DNA aren't personal! They don't actually have your name spelled in them...

They identify you as DATAGGA.

Did they announce the hack ahead of time?

[raymorris]

If the perpetrators announced that they planned to hack Target and sell your credit card information, would you have shopped there, knowing what would happen? I wouldn't. Maybe you are that stupid, but I don't think most people are.

Ceasing to shop at Target AFTER the hack had already occurred would be closing the barn door after the horses has bolted. You'd only be hoping to indirectly influence management of other companies to hopefully increase the budget for security, which might reduce the risks of some breach somewhere. Switching from Target to Walmart after the news only increases your own risk, because Target's systems were swarmed with security experts from the FBI and private security companies - they got READ security conscious real quick.

Here AVG is announcing ahead of time, "if you use our product we WILL release your information." You can choose now to not have your information released by not using their product.

They know their customers

[behrooz0az]

Ignorant

AVG Filtering Negative Press?

[threc]

Well would you look at that: http://i.imgur.com/YsNjWCc.png

Thanks for protecting me AVG. /sarcasm

Re:AVG Filtering Negative Press?

[ledow]

That's just scumbaggery of the highest order, and you're not the first to report it.

Fuck you, AVG, and I was someone who sent dozens, if not hundreds of people your way over the years by my recommendations - and not just "free" users.

Comodo are my current "least hated" equivalent, but even they are doing some funky shit with their shellcode injection options being active EVEN WHEN DISABLED and interfering with things like the newest versions of Chrome being able to load successfully. Shit like that shouldn't happen if I've turned the option off - god knows how many random blue-screens and crashes that accounts for world-wide and nobody would suspect their firewall/antivirus of interfering in programs in that manner.

Re:AVG Filtering Negative Press?

[Hoban+Washburne]

self-preservation at it's finest!

Re:AVG Filtering Negative Press?

[nadaou]

My guess is that it found the hosts file localhost blackholing in this post:

http://yro.slashdot.org/commen...

No conspiracy theories needed.

p.s. why haven't you uninstalled AVG yet? Will it detect itself as malware now?

Re:AVG Filtering Negative Press?

[nnull]

It makes you wonder what else they're blocking.

AVG Internet Security blocked this article

[pefisher]

So I went into the AVG control center, turned link scanner off, reloaded the page, and now it's letting me read it.

People still use AVG?

[Dunbal]

Seriously I stopped using AVG like 9 years ago when they started dicking around caching web pages and sticking their nose where they didn't belong.

so whats next ?

[bobjr94]

Their data collection will include doccuments read during scans or returning some of the images on your computer ? Sounds like the next step.

When virus scanners become viruses

[WaffleMonster]

Way to destroy your brand. It will be amusing to watch other virus and malware scanner pushing updated definitions to detect and remove AVG.

At the risk of getting flamed...

[ewhenn]

At the risk of getting flamed, at least they disclose and are up front about it. I can guarantee you that lots of companies are selling your personal data... ermmm.. I mean "anonymous marketing information" without telling you about it. To me that's infinitely worse. While I don't like AVG's actions, at least they have the decency to tell you about their policies in direct terms.

And this is a surprise?

[Chris+Mattern]

Remember, when they give you the software for free, you're not the customer. You're the product.

Now I'm curious

[notequinoxe]

if there's gonna be a sufficient boycott and shitstorm regardind this ass move.

Re:Oh the irony!

[Opportunist]

Yes, it was an admittedly bad attempt at being funny.

Sorry, but you don't expect me to use A-material for charity, do you?

Great minds think alike & I'll do ya 1 better

See subject: I never get malware -> APK Hosts File Engine 9.0++ SR-2 32/64-bit http://start64.com/index.php?o...

FREE & adds speed, security, + reliability, doing more with less, more efficiently vs. browser addons & locally installed DNS servers @ home + fixes DNS' redirect security issues - obtaining its data vs. online threats & adbanner blocking from 10 reputable sites in the security community - using something you already have vs. "bolting on browser addons 'MOAR' that's usermode slower & increases messagepassing, cpu + ram overuse overheads & actually SPEEDS YOU UP 2 ways (adblocking + locally cached in RAM favorites placed @ the TOP of hosts for fastest resolution speed), whereas by way of comparison, other "so-called security 'solutions'" SLOW YOU DOWN!

* :)

MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per this VERY recent testing of them all http://www.av-test.org/en/news...

&

It's GUARANTEED safe & clean per it being checked by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...

+

In its 32-bit model also https://www.virustotal.com/en/...

---

"The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"...

APK

P.S.=> By "yours truly" - "The Lord of Hosts" so-to-speak:

PERTINENT QUOTE/EXCERPT:

"The image this title brings to mind is of a mighty military commander, one who can at a mere word summon rank upon rank of protective power" from https://answers.yahoo.com/ques... & THAT WORD = hosts!

(Accept NO substitutes!)

...apk

MBAM

[warich]

Malwarebytes's Anti-Malware. Hands down.