topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • February 22, 2020, 02:25 PM
  • Proudly celebrating 14 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Avast sells user data: 'Every search. Every click. Every buy. On every site.'  (Read 692 times)

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,820
    • View Profile
    • Donate to Member
Leaked Documents Expose the Secretive Market for Your Web Browsing Data

"Although the data does not include personal information such as users' names, it still contains a wealth of specific browsing data, and experts say it could be possible to deanonymize certain users."

"Until recently, Avast was collecting the browsing data of its customers who had installed the company's browser plugin, which is designed to warn users of suspicious websites. Security researcher and AdBlock Plus creator Wladimir Palant published a blog post in October showing that Avast harvest user data with that plugin. Shortly after, browser makers Mozilla, Opera, and Google removed Avast's and subsidiary AVG's extensions from their respective browser extension stores. Avast had previously explained this data collection and sharing in a blog and forum post in 2015. Avast has since stopped sending browsing data collected by these extensions to Jumpshot, Avast said in a statement to Motherboard and PCMag.

However, the data collection is ongoing, the source and documents indicate. Instead of harvesting information through software attached to the browser, Avast is doing it through the anti-virus software itself. Last week, months after it was spotted using its browser extensions to send data to Jumpshot, Avast began asking its existing free antivirus consumers to opt-in to data collection, according to an internal document."

"De-anonymization becomes a greater concern when considering how the eventual end-users of Jumpshot's data could combine it with their own data.

"Most of the threats posed by de-anonymization—where you are identifying people—comes from the ability to merge the information with other data," Acar said. A set of Jumpshot data obtained by Motherboard and PCMag shows how each visited URL comes with a precise timestamp down to the millisecond, which could allow a company with its own bank of customer data to see one user visiting their own site, and then follow them across other sites in the Jumpshot data.

"It's almost impossible to de-identify data," Eric Goldman, a professor at the Santa Clara University School of Law, said. "When they promise to de-identify the data, I don't believe it."


app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,820
    • View Profile
    • Donate to Member
Thanks to Avast, retailers can know exactly what kind of porn some of their individual customers are into, as well as other sensitive personal info, by matching time stamps on purchases made on their site to the timestamps on data they get from Jumpshot. Once they have matched those, they can then apply a name, street address, phone number, etc, to the Jumpshot data, and fill in the blanks about each customer by their browsing habits.

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,820
    • View Profile
    • Donate to Member
Oh, by the way, for Windows 10 users that have Typing Insights turned on, Microsoft is collecting a LOT of data through that, more specifically, everything you type, including user names and passwords, your inner most thoughts you type into your private offline journal, trade secrets from emails you send to people within your company, etc.

Privacy is an illusion. It only exists in your mind, and only for as long as you can keep your thoughts in there and not let any bit of them escape.

dantheman

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 697
  • Be good if you can!
    • View Profile
    • Donate to Member
"Typing Insights"? - O&O has you covered:
https://www.oo-softw...tup10/latest-version

Then again, if you keep things in your Google account, your Outlook account or surf the web... they will surely find things out about you (even if you don't have a Facebook account).

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,820
    • View Profile
    • Donate to Member
"Typing Insights"? - O&O has you covered:
https://www.oo-softw...tup10/latest-version

Typing Insights is an opt-in feature that some people actually like, that corrects mistakes and auto-completes frequently typed words for you, based on a personal profile of your typing habits. But to make it work it has to collect data about your typing. While other similar 3rd party apps can manage to save this data locally and not phone home to hand it over to the developers to do with as they please, Microsoft needs to have this data in their control, on their servers, so that it will work with a single profile in the cloud, they say, that will be shared across all computers you log into with your Microsoft account. The profile is also shared with one of their Android speed typing apps.

You can easily turn the feature off, but they make it difficult to clear the typing data from your cloud stored profile, so if you log into another computer with your Microsoft account, it will go right back to suggesting stuff from your existing, cloud stored typing profile. If you want to clear that profile, you'll probably end up wasting more time than you'd care to, googling for how to do it and digging around in Windows for all the hidden settings. (I recently had to help someone do that, when the feature kept suggesting an old, compromised Yahoo account, whenever they were tying to log into their email, on any computer they used, at both work and home.)

But of course, once you do figure out how to clear it, that doesn't mean that Microsoft is going to be a sweetheart and completely delete all the data from their servers, and not keep and use a copy for their own purposes.

People that actually do like the feature aren't going to think about what may be happening behind the scenes, with their data, or possibly not care. And they certainly aren't going to want some 3rd party app like O&O to disable their much loved Windows feature. (my friend that had to clear their profile was upset that they lost their entire typing history and couldn't edit it to remove just the one thing they wanted removed)

Of course it's easy to avoid Typing Insights altogether (and a lot of other "features") by never logging into any computer, not even once, with a Microsoft account and not installing their app on your phone.

Then again, if you keep things in your Google account, your Outlook account or surf the web... they will surely find things out about you (even if you don't have a Facebook account).

As I said before:

Privacy is an illusion. It only exists in your mind, and only for as long as you can keep your thoughts in there and not let any bit of them escape.

It's still safe to sit motionless, calm and expressionless, and just think...for now. But once you do anything else, you are letting your thoughts escape your mind, into a world where you don't have much control over how they will be used by others.