
OK
Time to change AV vendor (again)
Avast has agreed to cough up $16.5 million after the FTC accused the antivirus vendor of selling customer information to third parties. The US regulator filed [PDF] a lengthy complaint against Avast regarding its use and alleged misuse of customer data. The security shop collected people's info through its browser extensions …
It does rather seem to be an inevitable rule of the IT industry that all AV products turn to sh!te sooner or later.
Waaay back in the day, I used to use Norton. That got more and more bloated, and when it reached the point that the product was worming its tentacles into my system far deeper and more damagingly than any likely virus infection, I moved to AVG.
That in turn suffered its own enshittification - becoming bloated and succumbing to creeping featurism.
TBH these days on my remaining Microsoft boxes I just run with Windows Defender. Of mixed efficacy it may be, but at least it's pretty lightweight and still (mostly) tame-able.
Norton AV was always shit, like most AV products aimed at consumers, all the way back to the '90s. People bought it because back then Norton still had a great reputation it build mostly through its suite of system tools (Norton Utilities).
But yes, AV tools are pretty much all more or less crap, and if you're on Windows and can't/don't want to pay for something decent like Crowdstrike or SentinelOne then Defender is still a better option than any of the traditional AV products.
I'm not sure I can feel sorry for Avast users who got caught out by this, after all this isn't the first time Avast has misappropriated user data (they have a solid trac record of getting caught, apologizing and after a short while doing it again), so anyone who is still using them clearly hasn't paid attention.
Which is a pretty poor thing to do especially when it comes to chosing software that's supposed to protect you and your systems.
Does anyone still use AVAST these days? Now owned by a shady AF chinese firm that is thoroughly and utterly conntrolled by the CCP in Bejing.
Avast installers are pre-bundled with extremely nasty malware that drops its own payloads AND opens doors to remotely contact botnet servers and download even more horrific stuff.
Basically you install ANY Avast version in 2024, you've just ended your entire networks security and given complete control of your PC to the chinese government.
Why would anyone do this?
That is actually wrong information. Avast is not owned by the Chinese government. It is a publicly traded company, part of "Gen Digital" (NASDAQ: GEN).
https://press.avast.com/nortonlifelock-completes-merger-with-avast
It should be obvious. Norton (consumer) & Symantec (enterprise) shared the same endpoint security technologies under the hood. Completely different wrappers, interfaces, and use cases though. When Norton & Symantec split, the IP went to Symantec and Norton had to eventually find new technology somewhere else.
A company screws up. The government goes after them financially. Rather than compensating the affected consumers, the government keeps the money.
The plaintiff is also the judge and the jury. It just screams conflict on interest to me. This one fine probably justified the existence paid the salary of a dozen bureaucrats this year. I am tired of watching the government claiming they are protecting people, but all they doing is protecting their own self-interests.
Don't get me wrong... A company screws up, and they should be penalized. But the money should go to the victims, not the government coffers.
I still get spam sent to my dedicated Avast email address. I pointed this out on their forums when it first started many years ago but I was 'shouted down' and told that there were many valid reasons why an email address that included the text '.avast' could've been found by spammers even though I was not receiving spam from anywhere else.
Leaked or sold..they had clearly violated my privacy.
When I started servicing consumer computer users back in 2003, I evaluated several AV products, and found Avast came out very well. The free version was actually good, and the paid versions really did a some valuable things. But some time around 2011 or so, they changed. The free version kept advertising the paid-for versions. The paid-for versions kept advertising the higher-up paid-for version, and the ‘premium’ version kept advertising other products. It quickly became clear that they started to grow massively as a company, but not because they were any good.
One of the ‘products’ they pushed was a ‘secure browser’ extension that purportedly protected you by giving you better deals on stuff. So when you searched for a price on something, it replaced search results and prices with their own affiliate advertisers’ prices!
Eventually, this became an ‘Avast secure browser’ and at that point it started to become ‘evil’. The bought AVG, they merged with Norton - and we all know what Norton was positioned at in the market.
We stopped servicing home users in 2012, and now we’re pushing EDR on to our customers.
Avast has also been harvesting user data through a "confidential collaberator" {their words) through a Brazillian company called PSAFE through their mobile and desktop "DFNDR" apps.
The DFNDR mobile app uses Avast's software and has been tricking millions of users into installing the app through the use of fake virus warnings in push notifications that mimic system alerts.
It has been using the fake virus warnings since 2013 and tricks people into accepting the malicious push notifications by clicking on fake CAPTCHAS or fake media browser buttons through a javascript embedded in hundreds of websites that detect mobile devices.
When I reached out to Avast through their online user forums it took them almost a month before they finally admitted their partnership with the Brazillian company.
After exposing the fraudulent virus warnings on the Avast user forums I was given a lifetime ban without warning for my troubles.
I reached out to the FTC's online reporting website to report Avast's collaberation with PSAFE so that their DFNDR users can also be notified if their data was also harvested for Avast's Jumpshot program