Jump to content

Question regarding privacy and EMSISoft


Recommended Posts

Hello EMSISOFT,

 

since AV-Software have full rights to our computers and we have a permanent network connection nowadays, AV software is also a potential security and privacy hole. I think about EMSISOFT in a positive way due to many reports (like the AV-C privacy report), but I want to know what's really happening under the hood privacy wise. Being a open source advocacy (who have to use a windows pc for some tasks) I'm very conscious when it comes to data privacy as I see it as a important part from a democratic society. Since I can't really check what's going on I have to rely on trust and I have the feeling that EMSISOFT could be my choice in this regard. Actually I see in these cloud protection parts from modern AV software as much as a potential security feature as I see it as a possibility to see what's on users computers due to transmitted hash files, which could be compared in a big data fashion .

 

 

1. Does the surf protection or any other part from EAM submit URLs to EMSISOFT when it is active ("checking URL in real time via network to a cloud")? Or is it just a list with malicious IP addresses locally on my PC that is checked?

 

2. Does any hashes from files or a file self is submitted to EMSISOFT without an visible user action in the background (for example: click on submit file)? That also means checking hash codes via cloud connection?

 

3. Are there any other possibilities that EAM could build profiles from users or leak/send user data to EMSISOFT?

 

4. Is the user account / software license connected to any other user data beside the license process self?

 

5. Is there any time span a PC have to go online to to validate the licence? I don't like systems like Adobes licence check, where you have to be online every 30 days or so to use your program. That said, it's clear to me that updates are important.

 

6. I guess any connection from the user PC to EMSISOFT via EAM is encrypted?

 

 

Kind regards

Link to post
Share on other sites

1. Does the surf protection or any other part from EAM submit URLs to EMSISOFT when it is active ("checking URL in real time via network to a cloud")? Or is it just a list with malicious IP addresses locally on my PC that is checked?

We don't perform cloud checking of URLs we visit. All block lists used by the surf protection are stored locally on your system.

 

2. Does any hashes from files or a file self is submitted to EMSISOFT without an visible user action in the background (for example: click on submit file)? That also means checking hash codes via cloud connection?

We never submit files without you clicking "Submit". File hashes may be shared with the cloud if you have agreed to participate in the "Emsisoft Anti-Malware Network" or if you have the community based alert reduction enabled in the behavior blocker. The first will essentially share rules you create with the cloud. The later will cause hashes of programs that caused a behavior blocker prompt to be shared with the cloud.

 

3. Are there any other possibilities that EAM could build profiles from users or leak/send user data to EMSISOFT?

That depends on your definition of user profile. The behavior blocker essentially has a picture of everything that is going on on your system. You could easily build a profile from that including all the websites you accessed for example. None of that information is shared with us though.

 

4. Is the user account / software license connected to any other user data beside the license process self?

It isn't.

 

5. Is there any time span a PC have to go online to to validate the licence? I don't like systems like Adobes licence check, where you have to be online every 30 days or so to use your program. That said, it's clear to me that updates are important.

It isn't. Your license is validated on every online update though.

 

6. I guess any connection from the user PC to EMSISOFT via EAM is encrypted?

No, it is not. We did encrypt the traffic in the past, but people complained that they can't look into what we are sending. So we stopped doing it a few years ago. We are considering adding optional SSL encryption. So people who want to see what our client software is exchanging with the server can continue to do so while people who prefer all exchanges to be encrypted can do that as well.
Link to post
Share on other sites

Thank you very much for your detailed answer. It was exactly that kind of answer what I was hoping for.

 

So If I check out of the "Emsisoft Anti-Malware Network" and "community based alert reduction" no user information is transferred over the net to EMSISOFT, beside the licence check with updates, right?

 

 

 
No, it is not. We did encrypt the traffic in the past, but people complained that they can't look into what we are sending. So we stopped doing it a few years ago. We are considering adding optional SSL encryption. So people who want to see what our client software is exchanging with the server can continue to do so while people who prefer all exchanges to be encrypted can do that as well.

 

I see and it's great that one could check the traffic. But when one would send malicious files or hashes to EMSISOFT this is a potential problem imho. Also MITM could be possible without any encryption or other mechanism. But I guess that's also a thing you have thought of?

 

ps: Kudos for the fast  answer. Love it to see that there are committed developers at work.

 

kind regards

Link to post
Share on other sites

I see and it's great that one could check the traffic. But when one would send malicious files or hashes to EMSISOFT this is a potential problem imho. Also MITM could be possible without any encryption or other mechanism. But I guess that's also a thing you have thought of?

Yes. Update listings etc. are digitally signed. So if the reply isn't from any of our servers, the client will just discard it.
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...