Recently an open letter from Bits of Freedom, a group comprised of 24 digital rights organizations and academics, including the Electronic Frontier Foundation (EFF) in the US and Netzpolitik.org in Germany, was sent to security software vendors. AVAST did not receive the letter “officially,” although our company was listed among the vendors.
The purpose of the open letter was to request a clarification of our policy on the use of software for the purpose of government-sanctioned surveillance of its citizens. In other words, do we look the other way when governments or law enforcement agencies install malware on private citizens’ personal computers to collect data?
It has become very clear that governments will do anything to gain access to as much information as possible,” says Bits of Freedom’s Ton Siedsma. “Requests like these, coming from law enforcement agencies or secret services, lower the general level of protection of all users of antivirus software. The software isn’t just used by suspects, but by all of us. This is something to be very concerned about, so we have asked the antivirus software vendors for transparency on this matter.
AVAST’s Chief Technology Officer, Ondřej Vlček, responded to their questions:
1. Have you ever detected the use of software by any government (or state actor) for the purpose of surveillance?
Yes, we have had incidences where it became apparent that software our programs detected was in fact surveillance software. Although it’s not always 100% clear who is behind this, in some cases we had reasons to believe that it was distributed by government institutions.
2. Have you ever been approached with a request by a government, requesting that the presence of specific software is not detected, or if detected, not notified to the user of your software? And if so, could you provide information on the legal basis of this request, the specific kind of software you were supposed to allow and the period of time which you were supposed to allow this use?
No. We have never been approached by any government agency, but we also don’t think that this realistically would ever happen. It would be very risky for a government agency to ask antivirus companies to ignore and not detect their malware. They can’t expect that security companies would keep this information to themselves; this would therefore risk the news about their malware getting leaked to the media faster than they can think.
3. Have you ever granted such a request? If so, could you provide the same information as in the point mentioned above and the considerations which led to the decision to comply with the request from the government?
No, we have never granted such a request.
4. Could you clarify how you would respond to such a request in the future?
The security and privacy of our users has been the core of our business for 25 years. Whenever we detect malware, regardless of its origin or type, we always protect our users. This includes malware from governments and official institutions – if we detect the malware, no matter the origin of the creator, we create a solution to protect our users.
PRIVACY. It’s the word of the year from dictionary.com. With reports of the NSA turning the internet into a vast surveillance platform, FBI agents and hackers monitoring citizens through home appliances, web-browser tracking cookies multiplying like rabbits, and information you post to social networking sites yourself, the loss of individual’s online privacy and the extensive access of personal data became a mainstream topic in 2013.
In an interview about security issues with SC Magazine, Vincent Steckler, AVAST’s CEO said that the next aspect of security that needs consideration is privacy. Both consumers and corporates are going to need social media protection capabilities, including checking of links for malware, better control of privacy settings, and control over apps. That goes for tracking in browsers as well.
Abandon all privacy, ye who enter here
Ondřej Vlček, AVAST’s Chief Technology Officer, agrees. “’Do not track in browsers’ doesn’t really work,” he says. “It’s up to the servers whether to adhere to [the HTTP Do Not Tracker header] or not. Most commercial services don’t adhere to it.”
Raise your hand if you use your smartphone to surf the web, compare prices, or buy movie tickets? (That looks like most of us.) Lots of people don’t realize that mobile brands, apps and websites ‘track’ their online movements. Vlček said there are plug-ins that remove things like tracking from ad networks, analytics services or Facebook’s Like buttons without breaking the service. He suggests this approach is an important piece of the puzzle for privacy protection.
On September 30th, Facebook introduced changes on the New Graph Search. Currently available only on desktops, it will be rolled out in phases. Since its release in January 2013, Graph Search has gone through a great transformation. Users are now allowed to search for status history, images, check-ins, comments - basically anything. The goal is to provide users with enhanced search options, so they can find interesting information without leaving the social network.
How does Facebook Graph Search work?
The top search bar works similarly to a browser search engine. The exception is that it searches within Facebook itself and requires specific search commands to make your search successful. For example, imagine you are a passionate bowler. You would like to set up a bowling team, however you don’t know any fellow bowlers in your hometown. Now you can log in on Facebook and search using the following search terms:
People who checked in at Bowling Alleys in Los Angeles, California
You will see all your friends who may have gone bowling without your knowledge, as well as other people, you may or may not know, who checked in. You can interact with them and, for example, establish a Facebook Interest group, to finally create your dream bowling team.
Another example: You love to travel and you would like to investigate places you are planning to visit ahead. Search for:
Images taken in Rio de Janeiro, Brazil
to preview all public pictures of the place you want to visit. Moreover you can see the comments, recommendations, and tips from others. A final example:
TV shows my friends who live in Dallas, Texas like Read more…
Don’t talk to strangers.
Look both ways before crossing the road.
These little warnings given to children by moms everywhere are meant to make them aware of their surroundings. Even when we’re grown, we still follow these suggestions. In anticipation of National Cyber Security Awareness Month and the European Cyber Security Month, we asked AVAST users for cyber awareness tips and gave prizes for those we found most valuable and those that others voted for.
During round 3 of our #SecurityTip contest, we asked about safety on social media,
Congratulations to Ajla H. of Bosnia and Herzegovina who wrote the winning tip:
I would recommend my friends to learn how to use privacy and security settings on social networks, because then they can control who sees their posts and control who can contact them. I would also recommend them not to post pictures they wouldn’t want their parents or future employers to see. And my last tip is to keep their personal information to themselves so no one can steal their identity.
Ajla receives a Nexus 7 tablet and a 1-year license for avast! Internet Security. A 1-year license for avast! Internet Security went to five participants also asked their friends to vote for their tip. Congratulations to:
- Guylaine H. from Canada
- Syed A. from Pakistan
- Jeff A. from Costa Rica
- Tanveer A. from Pakistan
- Kelvin I. from Philippines
Thanks to all our Facebook fans who added their security tips each week. These are valuable suggestions for cyber awareness that we will continue to share with others.
During this month, we’ll talk more about cybersecurity with AVAST experts and share tips that you can adopt and share. For all the latest news, fun and contest information, please visit our blog often and follow us on Facebook, Twitter and Google+.
Recently, we have seen many Facebook posts with links leading to applications called Give Hearts, Drink It Up and Daily Horoscope. The applications are very popular – they have over 5 million monthly users – and are managed by the same provider called App Discovery Engine. The posts attracted my attention because they seem to be posted automatically. The entire post consists of the URL which contains quite long text separated with ‘+’. (Later we will see that the text is a horoscope that you see on the page of the application).
To begin investigating these apps I follow the link leading to the Give Hearts application. It redirects me directly to the application. But before I can use it I am asked to grant Give Hearts access to information on my Facebook account like my email or friend lists.
Millions of users access social networks every day in order to share, engage, and look for information as well as entertainment. The transparency of social networks come with a risk and we very often expose ourselves to hackers and scammers that can take advantage of information we share. Social platforms constantly improve security and privacy settings, to deliver a safe experience to the users, but who has time to follow all this news? Well, you can relax and rely on us. AVAST specialists are here to deliver this information in an accessible way.
Last month we prepared a security and privacy update following the most important changes on Facebook, Twitter, and Pinterest. Check what has changed since than to enjoy a secure social media experience!
At the end of August, Facebook chief privacy officer Erin Egan published an official blog post, as a response to rumors and extensive discussion on the company’s Data Use Policy. One of the biggest concerns were related to how Facebook displays our data to its clients advertising on the social network. Currently pages can target us even by our name.
Advertisers may also be able to reach you on Facebook using the information they already have about you (such as email addresses or whether you have visited their websites previously).
#AVASTtip: There is not much space for us users to really influence it, but Facebook is open to user feedback. If you would like to comment or express your opinion, you can do it here .
It’s easy and fast to download apps to your smartphone. They do everything from identify a song you just heard to turning your phone into a flashlight. But there are secrets lurking beneath the fun apps. See how knowledgeable you are about the risks associated with free and paid apps for your smartphone. Answer the question, then read on to check if you were right.
1. Which is riskier?
- Free mobile phone apps
- Paid mobile phone apps
If you chose free mobile phone apps, then you are correct. Overall, 83% of the 100 most popular apps are associated with security risks and privacy issues, according to a new analysis by Appthority. The interesting point this study make is that these aren’t just any old apps, these are the games, productivity, and communication tools created by major publishers like Disney, Entertainment Arts, and Rovio. Analysts also found that paid apps aren’t as safe as you think. While 95% of free apps exhibited at least one risky behavior, so did 78% of the top paid apps.
TIP: avast! Free Mobile Security identifies potential privacy risks, by scanning and displaying access rights and the intent of your apps, so you know how much info you are really providing to each app. Read what Consumer Reports says about avast! Free Mobile Security.
2. Which is safer?
- Apple’s mobile ecosystem
- Android’s “open” platform
Millions of users access Social Networks every day in order to share, engage, and look for information as well as entertainment. The transparency of social networks come with a risk and we are very often expose ourselves to hackers and scammers that can take advantage of information we share. Social platforms constantly improve security and privacy settings, to deliver a safe experience to the users, but who has time to follow all this news? Well, you can relax and rely on us. AVAST specialists are here to deliver this information in an accessible way.
Last month we warned you against the four sneakiest Facebook scams. Now we have a summary of the latest security and privacy related news. Check it out and enjoy a secure social media experience!
At the end of July, Facebook announced that it will migrate all users to the https connection. HTTPS - Hypertext Transfer Protocol Secure is a communication protocol primarily used to ensure a safe internet connection. For Facebook users, this means a safer experience, when communicating between a browser and Facebook servers.
Facebook first offered it to users in 2011, as an optional setting. However from now on it will be a default one, so the good news is that you don’t have to change any settings.
Now this is what you will see in your browser, when accessing Facebook.
New anti-bullying features on Facebook
During the last week of July, Facebook announced that,
Child psychologist Marc Brackett, director of the Yale Center for Emotional Intelligence, is working with Facebook to develop what he says is the first emotionally-intelligent bullying prevention system on a social network.
Whether on business travel or vacation, you don’t want to worry about the security of your devices when you connect to the internet. Using a WiFi network in a café, airport, or hotel is a serious security risk that requires additional protection to secure your data and computer.
avast! SecureLine VPN is now completely integrated into all of AVAST’s free and premium products. Here’s the top 6 reasons why you should use avast! SecureLine VPN:
1. Hides your data from thieves – avast! SecureLine VPN encrypts your public WiFi communications. That means that someone snooping on you will see a bunch of gibberish instead of your email, files, passwords, etc.
2. Keeps eavesdroppers from listening to your VOIP calls – avast! SecureLine VPN makes your voice or video conversations through the internet using Skype or Viber, for example, safe and secure by encrypting your conversation. This allows you to talk to people without fear of being eavesdropped on by cybercrooks, your ISP, and even the government! Read more…
In the coming weeks, secure.me will be fully integrated into AVAST and even get a new name, but you will still enjoy the safe and carefree online experience that you have grown to appreciate. If anything, it will be enhanced through the joint powers of AVAST and secure.me.
We invite you to continue your relationship with secure.me here on AVAST. Become an AVAST fan, follower, and blog reader to stay informed about the latest in security and privacy. As you make the transition with us, we ask that you take a look around, and give our famous avast! Free Antivirus or one of our premium paid products, avast! Pro Antivirus, avast! Internet Security, or avast! Premier a try. You can compare products here, and look for deals at the avast! Store.
Thank you and welcome to AVAST!