
Avast profits through sales of users’ web browsing habits - labase19
https://www.forbes.com/sites/thomasbrewster/2019/12/09/are-you-one-of-avasts-400-million-users-this-is-why-it-collects-and-sells-your-web-habits/
======
jp3141
See also
[https://news.ycombinator.com/item?id=21700117](https://news.ycombinator.com/item?id=21700117)

------
excalibur
> But recently appointed chief executive Ondrej Vlcek tells Forbes there’s no
> privacy scandal here. All that user information that it sells cannot be
> traced back to individual users, he asserts.

Not that anyone here needs this pointed out, but there's zero chance of this
being accurate.

~~~
bilekas
Yeah mapping the individual user has turned out to be rather trivial. There
have been numerous articles documenting this.. But apperantly, we privacy
conscious folk are just tinfoil hat folk

------
davidhyde
No such thing as a free lunch. You are the product with companies like Avast.
However, when I was poking around with websockets in my browser a few years
back I noticed that Kaspersky was opening websocket connections to their
servers and uploading full urls of whatever site I visited. They claim that it
was to check for malicious sites, such rubbish. THAT pissed me off because I
paid for my Kaspersky license.

I spoke to a colleague about it and he asked my why I didn't just use windows
defender. I said that it was not good enough and he asked why. These were the
days before most people started using it. His argument was that Windows
Defender was not advertised at all, nobody paid an army of bloggers to defend
it an big it up but that did not make it an inferior product. Why would
Microsoft make an anti-virus any less effective than a paid anti virus? I
really had no decent argument against it. I guess we just feel better about
something if we pay for it. Been using Defender ever since and never had a
problem. At least my antivirus doesn't automatically turn off when my credit
card expires and they can't bill me.

~~~
Agenttin
Microsoft bought Windows Defender. It used to be a paid antivirus.

> Windows Defender was initially based on GIANT AntiSpyware, formerly
> developed by GIANT Company Software, Inc. The company's acquisition was
> announced by Microsoft on December 16, 2004.

[https://en.wikipedia.org/wiki/Windows_Defender#History](https://en.wikipedia.org/wiki/Windows_Defender#History)

I've been using it exclusively for a decade.

~~~
davidhyde
Wow, I didn't know that. Thanks!

------
BickNowstrom
> But before it lands on Avast servers, the data is stripped of anything that
> might expose an individual’s identity, such as a name in the URL, as when a
> Facebook user is logged in.

How would this technically work? I can see this only if you manually created
rules for a website like Facebook. How could it know, besides some crude
heuristics, that the url:

    
    
        example.com/user-profiles/bick-nowstrom?u_idx=556677
    

contained my name and user id?

~~~
palant
It's complete bullshit, provably so. This is suggesting that the data is being
stripped of anything related to your identify locally, before being sent to
the server. But that's not the case, nothing is being removed, and anybody can
use Developer Tools to see it.

And as to anonymization on the server side, I haven't seen any evidence that
it exists and so far statements by insiders seem to confirm that there is
none. The privacy policy merely promises pseudonymization meaning that Avast
can keep the data as it is. Technically speaking, user's name isn't sent and
their user identifier is a pseudonym, so it already satisfies the
requirements.

------
PenguinCoder
Calling Avast a cyber security company is laughable.

------
netfl0
You get what you pay for. Another case of if it’s free, you’re probably the
product.

~~~
JadeNB
Having this kind of cynicism is probably a good guide to how to regard free
products, but I don't think it's a good reaction here: it gives the idea that
_predictable_ behaviour (a company selling your browsing history) is
_acceptable_ behaviour. We should still be outraged, _even if_ the behaviour
is predictable.

~~~
netfl0
Acceptable is relative. If you think it should be illegal, that is a different
discussion. I do not see how my prediction of behavior in anyway normalizes
the behavior or makes any value judgement of it for that matter.

If you think expressing outrage is the most productive thing to do here, we
may disagree.

~~~
JadeNB
> I do not see how my prediction of behavior in anyway normalizes the behavior
> or makes any value judgement of it for that matter.

I think that there's a difference between _prediction_ and _reaction_. I agree
that, before the fact, saying "it's not free; you're the product" may be
productive. However, _after_ the fact, saying "what did you expect? It was
free and you're the product" only implicitly normalises the behaviour,
compared to "that was predictable, but nonetheless is not OK."

(You didn't quite say either of these, but I read your response as being more
of the "what did you expect?" form. Of course, I might have been wrong!)

------
bilekas
Couldn't have expected it from a nicer company.

------
lousken
i wonder when they'll be classified as spyware/unwanted by others

