dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
2206

HA Nut
Premium Member
join:2004-05-13
USA

3 recommendations

HA Nut

Premium Member

Disturbing information on Avast

»www.howtogeek.com/199829 ··· is-week/

"Avast Online Security Extension Added a "Shopping" Component"

I was very unhappy to read this.

lordpuffer
Legalize It Joe!
Premium Member
join:2004-09-19
Old Town, ME
Nokia XS-110G-A
Linksys Velop MX5300

lordpuffer

Premium Member

Thanks for the info.....That is disturbing. I've been an Avast user for years. For me, I updated the program the other day. There was so much bloat in it, and it slowed down my PC so much that I used the uninstall utility and trashed Avast. I installed MSE, and my PC is running much faster now. I'm done with Avast.

Kilroy
MVM
join:2002-11-21
Saint Paul, MN

1 recommendation

Kilroy to HA Nut

MVM

to HA Nut
I jumped ship from Avast! about a year ago due to them wanting to install extra garbage in the paid version and having pop up ads for more of their products. Sorry, I'm a firm believer that if I'm paying for your product I'm not paying for you to make additional money by installing software that you get paid to install or having ads pop up to buy your other products (this is what malware does). Sorry if money is tight, but that is the wrong way to increase income.

Rocky67
Pencil Neck Geek
Premium Member
join:2005-01-13
Orange, CA

Rocky67 to HA Nut

Premium Member

to HA Nut
...it's important to note that they recently disabled the spying & shopping feature in their browser extension. So if you are running the latest Chrome with extensions updated, you are fine.

It appears that Avast has recently disabled the shopping "feature" rather than added it, so, at this point, there's no reason to get upset unless they decide to re-enable it in the future.

I agree that Avast is getting bloated, but I'm sticking with it for now.

Robotics
See You On The Dark Side
Premium Member
join:2003-10-23
Louisa, VA

Robotics to HA Nut

Premium Member

to HA Nut
I don't have any of this on my browsers.

I'm not 100% sure but I think there was an option to not install it at all when it first was implemented.

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

2 recommendations

camper to lordpuffer

Premium Member

to lordpuffer
said by lordpuffer:

There was so much bloat in it

 
Just because there is bloat, does not mean you have to install it.

When I install Avast, I install what I've installed from the beginning, the file system shield. Nothing more. I use Avast only for the anti-virus protection, so I do not install any more than that.

Sportsfan
join:2012-03-26

Sportsfan to HA Nut

Member

to HA Nut
I used Avast until version 7 but after they started adding bloat with v8, I ditched it for MSE.
Sentinel
Premium Member
join:2001-02-07
Florida

1 edit

2 recommendations

Sentinel to camper

Premium Member

to camper
said by camper:

When I install Avast, I install what I've installed from the beginning, the file system shield. Nothing more. I use Avast only for the anti-virus protection, so I do not install any more than that.

+1
This is exactly what I do and have always done with every anti-virus I ever used. I only have the 1 thing installed on Avast and it runs great, I feel safe (enough). I think the additional modules are duplication.

Boricua
Premium Member
join:2002-01-26
Sacramuerto

Boricua

Premium Member

said by Sentinel:

said by camper:

When I install Avast, I install what I've installed from the beginning, the file system shield. Nothing more. I use Avast only for the anti-virus protection, so I do not install any more than that.

+1
This is exactly what I do and have always done with every anti-virus I ever used. I only have the 1 thing installed on Avast and it runs great, I feel safe (enough). I think the additional modules are duplication.

Hmm...I think I am going to do that. Since it updated itself forcefully (I did not want it), I have noticed a slow down on my desktop. Will give this a shot and see how much better my desktop is. Might even do the same with my laptop.
19579823 (banned)
An Awesome Dude
join:2003-08-04

19579823 (banned) to Kilroy

Member

to Kilroy

Why bother updating it??

IF YOU CAN GET ALL THE SIGNATURES ON AN OLDER UNBLOATED VERSION,WHY CHANGE IT??
PrntRhd
Premium Member
join:2004-11-03
Fairfield, CA

PrntRhd

Premium Member

said by 19579823:

IF YOU CAN GET ALL THE SIGNATURES ON AN OLDER UNBLOATED VERSION,WHY CHANGE IT??

Because the newer versions are more secure in today's environment than the old version.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran to HA Nut

Premium Member

to HA Nut

Re: Disturbing information on Avast

What extension?
PrntRhd
Premium Member
join:2004-11-03
Fairfield, CA

PrntRhd

Premium Member

said by sivran:

What extension?

Apparently if you were using Chrome.
Sentinel
Premium Member
join:2001-02-07
Florida

Sentinel to Boricua

Premium Member

to Boricua
Yes, my feeling is that if the file shield is scanning everything in the background already then isn't it scanning webpages and emails already too? Why have a separate email or webpage scanner running? Isn't that redundant? Then once a week I do a full system scan that scans every file. Works for me.

xirtam
@90.204.151.x

xirtam to HA Nut

Anon

to HA Nut
It is not only Avast doing this per say.

A lot of the big AV companies are monetizing data by providing a "secure component" whether a toolbar extension(s) , secure search etc.

Not contented with making money from subscriptions they want to make more money buts that not a shocker as they are companies in business to make money.

What is misleading is when it is marketed as as security feature when in fact it both is that but more critically it is a way of monetizing their users surfing habits and data first and foremost.

It could be argued in the case of free version software this is a fair exchange just like vendors pushing sponsorship programs (Ask toolbar, Chrome browser) with their core installers but fundamentally they should no longer be classified as "free" versions since your data/habits have value(even if you don't realize this).

Trackware or even spyware for your surfing habits/history if we really want to call it out for what it is.

Delivery of targeted advertisement being a good thing right ?

Heck no >> For years the antics of teh adware man have been deplorable for end users quality of computer experience. It is even a harder bitter pill when the so called good guys(EG security companies you pay to protect your data) move into that field in persuit of profit
Sentinel
Premium Member
join:2001-02-07
Florida

Sentinel

Premium Member

Well you can all it "profit" I call it income or, more commonly, a paycheck. I don't begrudge anyone a paycheck. I'm sure where ever you work you get a paycheck which could be called profit by others. So lets avoid loaded words designed to elicit a certain type of emotional response.

The problem is not the people who put out a product. The problem is the people that buy it. Sellers put out products that people want. If you can make an anti-virus program that is better for less money then people will buy it. They would be stupid not to. The problem is that most people don't care.

Most people want "more stuff" so program makers make programs that do more stuff. The more "stuff" programs do the more people download them. When a guy comes along an writes a program that is small and clean and works well a few people download it. He adds more "stuff" and more and more people download it. The more stuff he adds the more people download it. So of course what lesson does he learn? The more crap I add the more people download it so I'll just keep adding crap. If there was money to be made (translation: if there enough people that wanted...) by making software that did less, then someone would write it. But unfortunately we are on a wave of people asking for the piling on of crap and the software makers are just giving people what they are asking for.
We, who disable all the extra "features" are sadly in the minority so why should a vendor of anything care about the fewest of his customer base?

Same with cell phones, cars, etc ... Hard to even find a frying pan anymore that just fries crap.

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

1 recommendation

camper to Sentinel

Premium Member

to Sentinel
said by Sentinel:

This is exactly what I do and have always done with every anti-virus I ever used.

 
I always use the custom install option whenever I install any software. I never use the "typical options" install, as that installs what the vendor wants to have running on my system, not what I want to have running on my system.

The only functionality I want from Avast is file system anti-virus protection. Using the custom install, the only part of Avast that I've ever installed was the file system shield.

I don't notice any bloat in Avast, and my systems still run as speedy as they ever have.

For me, using the custom install is a security precaution in addition to an anti-bloat precaution.

Kilroy
MVM
join:2002-11-21
Saint Paul, MN

Kilroy

MVM

For those that do the custom installs, I do also, are you not seeing the speed up your system pop-up from the task bar wanting you to purchase the additional software? This was my issue, a paid anti-virus solution behaving like malware.

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

camper

Premium Member

I saw those pop-ups until I disabled the pop-ups that notified me that Avast had updated its signatures.

Once I disabled that notification, the advertising pop-ups disappeared.

On the other hand, I use the free version of Avast, so when the pop-ups did occur, I did not find them offensive. If I were using the paid-for version, I would have been annoyed with the advertising in a paid-for product, as you rightly were.

hayc59
Your a Daisy
Premium Member
join:2001-02-26

3 recommendations

hayc59 to HA Nut

Premium Member

to HA Nut
VLK official statement
»forum.avast.com/?topic=1 ··· g1140066
quote:
A couple of days ago, howtogeek.com published an article about Avast and accused us of spying on our users. Given that the article contains a number of inaccuracies I feel it is necessary to react. As these are some pretty serious allegations, I also hope that we will be given some room on their site to defend ourselves. We requested the opportunity to discuss the author’s findings, but he declined to do so.

The article basically says that Avast used the SafePrice browser extension to spy on its users. That the SafePrice extension (which they first call “adware”) collects all URLs that the user visits, and then sends them to the cloud, together with a user ID. To demonstrate the problem, they used Fiddler (a free browser monitoring tool) to dissect the requests being generated by SafePrice and found the user ID in some of the requests, concluding that the product is “spying”. Finally, they say that all of this was true up until last week when we made SafePrice a standalone extension (removed it from the main Avast Online Security extension).

Let me start by saying that Avast’s browser extensions, together with some other modules inside Avast, rely heavily on cloud functionality. That is, in the particular case of URL scanning, we do transfer the URL the user is visiting, together with additional metadata to the Avast cloud, which then does the necessary processing and synchronously returns the answer. By scanning URLs in the cloud, Avast is able to detect malicious activity, from viruses and malware, phishing and hacking. You may not realize but collecting URL information for this very purpose is extremely common in the security industry, as this information is essential to providing this kind of service.

Now, regarding Avast SafePrice. SafePrice searches the web and offers its users the best price possible when shopping online from sites we trust, safeguarding users from possible online scams. While formerly the user had to do research and visit price comparison portals, SafePrice now offers automated help to find the best and trustworthy offerings. Avast SafePrice sends data to our server regarding the products our users are looking for and the URLs they are visiting. All personally identifiable information is stripped in real time, so the shopping data is completely anonymous. Again, I don’t think this can come as a surprise to anyone – I mean, did you expect SafePrice to have all the product IDs and all the offers stored locally? That just doesn’t make sense at all.

Originally, SafePrice was indeed part of the main Avast browser extension (as the article suggests). However, as most of the people in this forum know, in July 2014 we changed the strategy and moved it to a separate extension. The installation of this extension is now completely voluntary (on an opt-in basis) and its presence doesn’t influence Avast’s efficiency to block malicious sites. Since we have made this change, SafePrice accumulated almost 3 million installs just from the Chrome Web Store alone and became the most popular shopping extension for Chrome.

By the way, the other allegation was that Avast pushes SafePrice while recommending that users remove other similar browser extensions via Avast Browser Cleanup (BCU). I have explicitly checked our BCU database of community ratings and found that all the major shopping extensions, including PriceBlink, InvisibleHand, Shoptimate, and Groupon have good ratings and are not recommended for removal by BCU. Only those that our community of users have assessed as poor are so recommended.

One of the other issues raised by the article was whether the user ID is PII (personally identifiable information) or not, and why it is being transferred. The Avast user ID is a random, machine-generated ID that is created during the installation of the product. So by itself, it is certainly not a piece of PII. And the reason we include it in the request is because context is very important. The efficacy of a security product is severely limited if requests are done without a context, i.e., if it is not possible to tie them together into a “stream”. And in the case of SafePrice, we use the user ID just to be able to count our active users. In general, we really don’t see anything bad in doing this, in fact, if we were, we would have probably tried to hide what we’re doing in some way – while, as the author of the article uncovered quite easily using Fiddler, the user ID is there just as a regular json field. Which makes me even more frustrated, as it is very likely that if we actually made the field less noticeable, the article probably wouldn’t have been written. We’re not trying to hide anything.

Now, the key is not only what information is collected, but also what is done with the collected information and how the user is informed about the collection process. Avast is committed to protecting its customers on all fronts, which is why we inform our users, even beyond our EULA and Privacy policy, that their browsing information will be collected but stripped of personally identifiable information and used to improve services, such as online web security. We actually tried to make this very, very explicit, and that’s why we have the screen (attached) in the Avast installer.

As you can see, the title of the screen says “Please Don’t Skip This – Read it Carefully”. Honestly, I don’t know how to make it more explicit than this.

If you have any additional questions, I’d be happy to answer them.

Thanks,
Vlk

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran to Kilroy

Premium Member

to Kilroy
said by Kilroy:

For those that do the custom installs, I do also, are you not seeing the speed up your system pop-up from the task bar wanting you to purchase the additional software? This was my issue, a paid anti-virus solution behaving like malware.

Nope. Avast never pops up anything except stuff it is supposed to on my system.

I have Web and File shields active. Email, P2P, etc not installed.
PrntRhd
Premium Member
join:2004-11-03
Fairfield, CA

PrntRhd to HA Nut

Premium Member

to HA Nut
Not having any issues here with Firefox/NoScript.