Is it possible that your antivirus software is spying on you?
Most people don’t consider this question because we innately trust antivirus vendors to protect our interests, but is that always the case?
Today, I decided to conduct a little experiment to see if one the world’s most renown antivirus vendors was worthy of being trusted; here’s what I discovered…
I don’t know about you but I like being in-the-know.
When car traffic unceremoniously slows to a crawl I want to know what’s going on?
- Is there a wreck?
- A pretty blond flirting with a cop? (I kid you not, this was actually the cause of a major interstate slow-down a few weeks ago)
My insatiable desire to know and understand the world around me compels me to understand software as well. When I’m installing an application on my PC, I want to know what’s going on behind the scenes.
I’m usually wondering:
- What files are being copied?
- What settings are being altered?
- What extensions are being added to my browser?
I decided today was a good day to take Avira for a test drive to see if it was worthy of my respect. I wanted to make sure it was still a credible option for Antivirus protection by making sure it wasn’t smuggling unwanted software into the installation process.
The entire installation was effortless although part of it was a little different than what I’m used to. Even though there’s a standalone installer that must be downloaded to the local computer, the entire setup process is actually facilitated through your web browser.
During the setup phase I was asked to install Avira SafeSearch. This is Avira’s browser extension designed to block access to malicious web sites.
I declined the offer and then checked my extensions and… yup confirmed it wasn’t there.
So far so good.
So I went back through the installer a second time but then noticed that it automatically added the Avira Browser Safety extension to Chrome anyway!
This was a little disconcerting because even though the plugin is probably a good thing to have, Avira should still prompt me before forcing it into the browser. Furthermore, the fact that the plugin has the ability to “Read and change all your data on the websites you visit” is worrisome.
Is it just me or does that seem a little intrusive?
Next, I wanted to make sure Avira wasn’t tracking my web activity and discreetly monitoring it without my consent.
There’s a program called Fiddler that will let you pry behind the web requests and see exactly the kind of data being sent to and from your PC.
With the Avira Browser Safety extension enabled, I typed in a few urls to see what would happen from a web requests perspective…
Popurls.com is shown in the screeneshot below. I was watching for suspicious HTTP requests to Avira’s servers; thankfully I didn’t find any.
The Bottom Line
My research was far from exhaustive and at best was only a cursory examination of Avira’s commitment to data privacy. Ultimately, I can’t find any cogent reasons to believe that Avira is secretly tracking my browsing activities. Fiddler showed no evidence of Avira doing this. The only fault I can cast against Avira is that it automatically installed the Browser Safety extension. Maybe this is just my fastidious need to know what’s going on at all times so perhaps I can’t even fault Avira for this.
To Avira’s credit, it didn’t enable the extension, it just installed it but I think it still would have been prudent to alert me before adding that extension to my browser.
Can you think of any unsavory antivirus programs out there that actually infect users with spyware? To the best of my knowledge Avira, is in the clear.
Let me know what you think in the comments.