AV-Comparatives - Data transmission in Internet security products


SweX

  • Administrators

Btw, re. what is submitted, in ESET's products documents and other files potentially carrying sensitive or personal information are excluded from submission by default. One can opt out of submitting statistics and (or) suspicious files completely while leaving LiveGrid still enabled to receive the best possible protection against new malware. Of course, we don't recommend disabling submission of suspicious files as security companies need to create the best possible protection against malware and having more malware variants of the same kind helps create better generic signatures. The more users choose to submit files, the better protection we can create. However, in ESET's products there's an option to exclude user-defined files from submission instead of disabling submission of suspicious files completely.


I checked the default excluded files and have now added text files (*.txt) to the exclusion filter for ESET LiveGrid.

I think that text files should be excluded from submission by default.

 

Edited by sky7

Official response by ESET Staff "mrtwolman" posted on Wilders. FWIW Thanks.

 

In response to the recent report “Data Transmission by Internet Security Products” published by AV-Comparatives we would like to clarify our approach to user privacy and data collected.  

 

First of all, we want to set the record straight: we did not answer any question in the AV-Comparatives questionnaire. Obviously we receive some of these questions quite regularly and have responded to queries from many of our customers and partners to clarify any worries they might have. We received the AV-Comparatives questionnaire, however the naïveté with which parts of the bulky document asked for information, part of which is subject to our Non-Disclosure Agreement policy, led us to take a decision not to respond at all rather than cherry-picking which questions to answer. Thus AV-Comparatives did not receive any answers from ESET.  

 

The AV-Comparatives report based its conclusions mostly on their own interpretation of our EULA and limited analysis of encrypted network traffic. Not surprisingly, this can provide hardly any reasonable data, as the report rightfully confirms, and AV-Comparatives specifies that it takes no responsibility over correctness of the information provided.  

 

ESET has nothing to hide when it comes to user privacy. We are a vendor with our own proprietary technology and are in full control of the data we collect. We are based out of Slovakia, subject only to Slovak and EU legislation and we are not under pressure from any particular government.  

 

We operate under strict EU privacy laws. However, we sell worldwide to more than 180 countries, and are obliged to respect the privacy of all of our customers, many of whom are concerned about the collecting of personally identifiable information.  

 

Pioneering the cloud internet security technology, we started utilizing statistical data and collecting suspicious samples back in 2005, launching ESET ThreatSense.NET® - now called ESET LiveGrid®. The user decides during installation of our products if he/she wants to participate in ESET LiveGrid®. The reason we introduced this feedback system was to get an early warning of fresh heuristically detected threats and new strains of malware, and at the same time to enable us to respond quickly in case of problematic detection which causes false positives. Telemetry collected from our users helps us prioritize and focus in a timely fashion on the most important and significant security issues. The technical data that we collect is anonymized and does not contain any personally identifiable information.

Edited by SweX

Yes sure, but now that we have an official response, the "not disclosed" answers in the report make sense, now that we know that AV-C did not receive any answers from ESET.

I don't care much about it personally since there's no reason why I shouldn't trust ESET the company. ;) But there are for sure people and ESET users out there who were wondering about the "not disclosed" answers. And hopefully for them the official response explaining it all will be good enough. And "we" have something to refer to if someone wonders about it, which is good.


1. Is the local IP address transmitted?

2. Is the windows username transmitted?

3. Is the country / region of the settings of the operating system transmitted?

4. Are special updates delivered to users with specific IDs?


The questions are very clear.
For those things I expect the answer "NO" from ESET.
I want to hear an official answer from ESET.

* If "suspicious" files are transmitted: Are non-executable files (e.g. documents) transmitted?

The user can opt out. When I took a look at the default excluded file types, doc, ppt, xls and rtf are excluded from submission by default,
but I'm surprised txt is not excluded by default.


 


  • Administrators

ESET's official statement on the subject is as follows:

 

In response to the recent report “Data Transmission by Internet Security Products” published by AV-Comparatives we would like to clarify our approach to user privacy and data collected.

 

First of all, we want to set the record straight: we did not answer any question in the AV-Comparatives questionnaire. Obviously we receive some of these questions quite regularly and have responded to queries from many of our customers and partners to clarify any worries they might have. We received the AV-Comparatives questionnaire, however the naïveté with which parts of the bulky document asked for information, part of which is subject to our Non-Disclosure Agreement policy, led us to take a decision not to respond at all rather than cherry-picking which questions to answer. Thus AV-Comparatives did not receive any answers from ESET.

 

The AV-Comparatives report based its conclusions mostly on their own interpretation of our EULA and limited analysis of encrypted network traffic. Not surprisingly, this can provide hardly any reasonable data, as the report rightfully confirms, and AV-Comparatives specifies that it takes no responsibility over correctness of the information provided.

 

ESET has nothing to hide when it comes to user privacy. We are a vendor with our own proprietary technology and are in full control of the data we collect. We are based out of Slovakia, subject only to Slovak and EU legislation and we are not under pressure from any particular government.

We operate under strict EU privacy laws. However, we sell worldwide to more than 180 countries, and are obliged to respect the privacy of all of our customers, many of whom are concerned about the collecting of personally identifiable information.

Pioneering the cloud internet security technology, we started utilizing statistical data and collecting suspicious samples back in 2005, launching ESET ThreatSense.NET® - now called ESET LiveGrid®. The user decides during installation of our products if he/she wants to participate in ESET LiveGrid®. The reason we introduced this feedback system was to get an early warning of fresh heuristically detected threats and new strains of malware, and at the same time to enable us to respond quickly in case of problematic detection which causes false positives. Telemetry collected from our users helps us prioritize and focus in a timely fashion on the most important and significant security issues. The technical data that we collect is anonymized and does not contain any personally identifiable information.


Marcos,

That is exactly the same statement by ESET Staff "mrtwolman" posted on Wilders, which I already read.

I understand you don't have to respond to AV-Comparatives, but I'm a customer (I have an ESS 7 paid license) and

I would like to hear a clear answer to these 4 questions.

Does ESET store the customer's IP address? (local IP address transmitted anyway)

Windows username?

Country / region of the settings of the operating system?

Are special updates delivered to users with specific IDs?

You can simply answer those questions YES or No.

I hope to hear soon.

 

* I hope that vendors provide the whitepaper like F-Secure: whitepaper

 

Edited by sky7

From a developer's standpoint,

 

Most of the info you are rambling about will actually be used in variables.

 

IP address, username, and country etc. are always going to be dynamic, thus the world of variables comes into play for programmers. (SMH)


Developer standpoint, Business standpoint and customer standpoints are all different.

 

"The technical data that we collect is anonymized and does not contain any personally identifiable information."

That's why this is unclear to me. Do they collect all data (customer's IP address, Windows username, country etc.) but it's anonymized? Or does ESET not collect such data (customer's IP address, Windows username, country etc.)?
Is it difficult to answer these 4 questions Yes or No? I don't think so.
 


"ESET has nothing to hide when it comes to user privacy."

 

I asked the questions on May 1st. Still no clear answers to them.
I cannot understand. If you don't hide anything, why don't you answer the question?

4 questions too much? Please answer this one first.

Is the Customer's local IP address transmitted?

 

If YES

If I opt out of submitting statistics and suspicious files but ESET LiveGrid is still enabled,
is the Customer's local IP address still transmitted? Or do I have to disable ESET LiveGrid?
Or is there NO option to stop the Customer's local IP address info being transmitted to ESET?



 

Edited by sky7

What does it even matter if the private local IP address is tossed around?

The router address or external IP is the only thing that matters when it comes to home or client workstations.

You're probably not getting a lot of answers because of your silly questions.

Why don't you just call by phone to get your answers? The response time will be instant. Questions answered right away.

This is also the general section of the forums which receives the least attention.


Arakasi,

1. I don't ask you these questions. I asked ESET.

2. I want to know facts.  

3. Silly questions? That's why I cannot get answers?

    How dare you simply judge someone's questions are silly questions?

    I hope that you think about your attitude and arrogance.

    

 


Hello,

 

Maybe if you didn't approach your questions with such rudeness and a demeanor that is pushy and accusing towards ESET.

 

Call me passionate about the products I use and the vendors I support.

 

I hope that you think about your attitude and arrogance.

This is what I thought of your statements when I submitted my replies.

 

I can almost promise you, Swex did not create this thread for you to come bash ESET and demand answers to your questions.

 

If you want your answers in a more hasten fashion, create a new topic in a category under the product in question, and not in General, and in someone else's thread, when you are making this whole topic about you and your questions.

Get more personal, email ESET, phone into the support line, or create a new thread by "you" with your questions you wish to be answered. ;)

 

Enjoy :)

Edited by Arakasi
Arakasi,

1. You are not ESET staff but you are acting like the manager of this forum

and a representative of ESET. "Do this, Do that, Silly questions.." Who gave you authority?

And now you are using Swex. You are not Swex, are you?

2. Did I mention Swex created this thread for me? No.

Swex created this thread for forum members and I'm one of them.

3. You are trying to make a turning point. You messed up this thread.

You are forcing your standpoint and judging other members' questions carelessly.

Moreover you are distorting my questions and attacking me personally to defend ESET. Is this what ESET really wants? I don't think so.

4. Bashing ESET? Clearly it's a very simple request and question to confirm facts from ESET.

PS. If ESET Moderator asks me to create a new topic for this, I will do it. Don't worry.

 

Edited by sky7

1. Swex and I are friends, we talk a lot outside these threads.

2. It's a public forum. I can act as I please, and any behavior not following the forum rules will be moderated by Staff. I'm not ordering anyone to do anything, I am suggesting and guiding, since I have been looking upon these forums for more than a year, know how they operate etc.

3. I never once claimed i was staff, or representing ESET. I come here on my own free will, with no compensation to me, to accomplish one goal. *Help the people here on the forum.

I am not attacking you personally, but you have started down a path that makes this thread nothing but me and you.

 

I have suggested to you multiple times to create a new thread regarding your concerns because it would receive more attention. This is not a demand from me, it is me helping you.

Your first question about information i answered only to help you. Information like that is stored in variables and not usually static or used whole when developing a program. This is a fact. Like we drive on the right side of the road in US.

 

Your second question, about IP, I answered as well. The private IP subnets used by the entire world are in classful networks, 192.168.0.0/16 class C, 172.16.0.0/12 class B and 10.0.0.0/8 class A.
Any of these IPs usually fall behind local communications within a private network as specified by RFC 1918.

These IP's are not going to indicate "PERSON, LOCATION, ADDRESS " Etc. These IP's will only be used behind your router for communication from computer to computer inside your network privately.

Transmission of this address really doesn't matter. We all use the same internal IP's.

I was trying to help you with your second question.

 

However none of this really matters as your opinion has already been voiced and i don't count here.

I hope you standby for an official staff response. :)

Edited by Arakasi
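
The RFC 1918 blocks named in the post above, turned into a check a user or auditor could run over a captured telemetry record to see which addresses in it are private and to redact them. This is an added example, not part of the original thread and not ESET's code; the record format, field names and values are constructed.

```python
import ipaddress
import re

# The three RFC 1918 private-use blocks named in the post above.
RFC1918_NETS = tuple(
    ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
)

# Dotted-quad candidates that are not part of a longer dotted number.
CANDIDATE = re.compile(r"(?<![\d.])\d{1,3}(?:\.\d{1,3}){3}(?![\d.])")


def classify(text: str) -> str:
    """Return 'rfc1918:<block>', 'other' or 'invalid' for one dotted-quad string."""
    try:
        ip = ipaddress.IPv4Address(text)
    except ipaddress.AddressValueError:
        return "invalid"  # e.g. a version string such as 7.0.302.26
    for net in RFC1918_NETS:
        if ip in net:
            return f"rfc1918:{net}"
    return "other"


def audit(record: str) -> dict:
    """Map every dotted quad found in a record to its classification."""
    return {m.group(0): classify(m.group(0)) for m in CANDIDATE.finditer(record)}


def redact(record: str) -> str:
    """Replace RFC 1918 addresses with a placeholder and leave the rest untouched."""
    def repl(match):
        value = match.group(0)
        return "[private-ip]" if classify(value).startswith("rfc1918:") else value
    return CANDIDATE.sub(repl, record)


# Constructed sample record; field names and values are invented for illustration.
SAMPLE = (
    "host=PC-01 local_ip=192.168.1.23 gateway=172.16.0.1 "
    "edge=172.32.0.5 nat_ip=203.0.113.7 build=7.0.302.26"
)

if __name__ == "__main__":
    for addr, kind in audit(SAMPLE).items():
        print(f"{addr:15} {kind}")
    print(redact(SAMPLE))
```

172.32.0.5 lies just outside 172.16.0.0/12 (which ends at 172.31.255.255), so it is reported as `other` and left in place.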

In conclusion, Marcos has stated already in post #10 at the very end.

 

The technical data that we collect is anonymized and does not contain any personally identifiable information.


I don't know, but it might be worth a shot looking at the "strict EU privacy laws" that ESET needs to follow. But don't ask me if or where you can find them though. And also read the EULA.

 

Other than that I pretty much agree with what Arakasi said about the IP's.

 

But it's also about trust, do you trust ESET, the product, and that ESET don't collect more data than they really need to. And that the data ESET do collect is "anonymized and does not contain any personally identifiable information." If you don't, then it might be better to go back to the "80's mode" i.e. using an on-demand scanner that is totally signature based which will detect infections that have already taken place (not good). And you don't have to worry about outgoing connections to the vendor's servers for file reputation look-ups and what not, aside from when the product downloads new signatures. Reactive protection at its best.

Edited by SweX

Arakasi,

"Swex and i are friends  we talk a lot outside these threads."

So what? If you want to say something. Speak up your own voice.
You don't need to use your friend Swex. If Swex wants to say something to me
you should wait. "I can almost promise you, Swex did not... " What is this?

"I am not attacking you personally, but you have started down a path that makes this thread nothing but me and you."

You did. you are distorting my questions and you said my question is silly question.
I believe there is no unnecessary question and there is no silly question in this world.
If you believe there is unnecessary question and there is silly question
What can I do? No problem It's your viewpoint and it's your value of thought.
but you don't have to force this other people.

Even if you did joke to someone If he or she feels uncomfortable. it's not joke anymore.  
You simply judge my question is silly but you are not attacking me personally?
It's just self-centered interpretation.

Arakasi, I don't want to waste my time to talk with you anymore. I'm going to stop here.
This will be last response to you. I hope that you help other people who need your help.
It's pointless because you are not ESET staff and you cannot confirm anything.
 


You are just jumping another issue.
ESET doesn't confirm they collect Customer's local IP address or not.
We are not sure.
It's pointless to discuss collecting data is really necessary or not, safe or not at this point.

Point is transparency.  

Is the Customer's local IP address transmitted?

They say they don't hide anything. Why don't they confirm my simple question?
They can answer Yes or No
I don't ask safety of data and how they manage collecting data.


PS. I'm going to PM Marcos and wait his answer.
 


Why didn't you just PM in the beginning instead of making all this mess personal and public?

 

Your question is silly, I didn't say you were.

You need to calm down. Take a chill pill.

 

Go attack ESET in PM's not on this forum. Quit attacking me too.

This topic is now closed to further replies.