Where is Your Antivirus Made?
Recently, I ran across a new free antivirus program that scored well on Virus Bulletin’s detection tests. I was about to download it for a thorough review when I discovered it’s made in China. That got me thinking: does it really matter where antivirus software is made? Are the good guys who defend us against bad guys all completely good? Can we trust them implicitly just because they make antivirus software and get it tested by independent labs? Well, it seems we do. But should we? Read on...
Is Your AntiVirus Made in China?
The new anti-virus software that I came across is called Tencent PC Manager, even though it doesn’t cost a dime. But I hesitated when I saw that it was made in China. So I did a little digging, to find out where the other popular internet security tools come from. The results of my trip around the world may surprise you...
Bloomberg News recently published an article suggesting that Moscow-based antivirus developer Kaspersky Lab is a tool of Russia’s FSB, the equivalent of the USA’s National Security Agency. As rather weak “evidence,” Bloomberg claims that founder/CEO Eugene Kaspersky shares a public sauna with Russian spies; replaced a top executive with someone who was drafted into the Russian border patrol years ago; and ordered the company’s Japanese distribution partner to destroy retail packaging that used the untruthful slogan, “A Specialist in Cryptography from KGB.” The implication is that you can’t trust Kaspersky security products; they might very well be spying for the Russian government.
Eugene Kaspersky destroyed Bloomberg’s article on his blog, pointing out numerous errors that could have been avoided easily. His implication, serious or not, is that Bloomberg is the NSA’s tool, attacking Kaspersky Lab for its part in exposing NSA-sponsored cyberespionage campaigns.
Other antivirus software is made in countries that are not exactly staunch allies of the USA. Tencent is China’s biggest Internet services and software provider. But when it comes to spying, no country is off-limits to any other country. BitDefender is Romanian. Avast comes from the Czech Republic. Avira and GDATA are made in Germany. AVG is Dutch. Trend Micro is based in Tokyo. Bullguard and Comodo are British. Checkpoint comes from Israel. ESET is Slovakian. Their governments are as likely to spy on friends and foes alike as Russia or China.
If you insist on an American-made antivirus program, there's PC Matic, which proudly advertises that fact in television commercials. McAfee, Norton, Fortinet, Webroot and Vipre are also based in the USA. Oh, and of course, you have Microsoft Security Essentials and Windows Defender (included in Windows 8). If you want both FREE and made-in-America, Fortinet's FortiClient and the two Microsoft products mentioned above are the only freebies I know of that meet those criteria.
Who Can You Trust?
According to Edward Snowden, the busiest busybody on Earth is the good old USA. And truth be told, unless the source code is available for scrutiny, we have no assurances that even "Made in America" antivirus products aren't keeping tabs on what we do online. I don't have reason to believe that any of them are, but that's just the nature of proprietary software.
So “country of origin” is not necessarily a useful litmus test of antivirus software’s trustworthiness. My hesitancy over Tencent’s Chinese heritage was an kneejerk association of “Chinese” with “hackers.” China is the number-one source of hacker attacks upon U. S. computers, but it’s unclear how many of those hackers work for the Chinese government, let alone Tencent.
As Eugene Kaspersky explains in his blog post, trust is dependent upon transparency. “We’ve nothing to hide,” he wrote, “we’re in the security business and to be successful in it you have to be open to scrutiny.” Kaspersky software’s source code is made available to large customers; if there were any backdoors or spyware in it, they would have been exposed long ago.
As for the likelihood that your antivirus software is "phoning home" any of your personal or private data to the corporate mothership, you could install a firewall that monitors for or blocks outbound data flows. But that requires a few geek badges.
The average consumer hasn’t the time or expertise to thoroughly examine source code, or analyze outbound data packets. But it’s pretty easy to learn if an antivirus developer has submitted its products to independent testing labs such as AV Comparatives, AV Test, or Virus Bulletin. If not, I would steer clear of it.
For the present, I'll continue to use my free Avast antivirus software. The company has offices in the Czech Republic, Germany, China, South Korea, Taiwan, and (whew) the United States of America. What's your opinion? Is the geographic origin of your antivirus software important to you? Post your comment or question below...
This article was posted by Bob Rankin on 21 Apr 2015
|For Fun: Buy Bob a Snickers.|
The Shocking Truth About ESD
The Top Twenty
Geekly Update - 21 April 2015
There's more reader feedback... See all 60 comments for this article.
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Where is Your Antivirus Made? (Posted: 21 Apr 2015)
Copyright © 2005 - Bob Rankin - All Rights Reserved