Archive for Trend Micro

Trend Micro Claims It Didn’t Steal User Data…. Then Back Pedals On That Claim

Posted in Commentary with tags on September 11, 2018 by itnerd

Well, Trend Micro has finally decided to respond to the firestorm that erupted on Sunday when it was discovered that some of their macOS apps were stealing the browser histories of users. And then the apps in question were promptly banned by Apple. Via a blog post, Trend Micro denied this…. Sort of:

Reports that Trend Micro is “stealing user data” and sending them to an unidentified server in China are absolutely false.

Trend Micro has completed an initial investigation of a privacy concern related to some of its MacOS consumer products. The results confirm that Dr Cleaner, Dr Cleaner Pro, Dr. Antivirus, Dr. Unarchiver, Dr. Battery, and Duplicate Finder collected and uploaded a small snapshot of the browser history on a one-time basis, covering the 24 hours prior to installation. This was a one-time data collection, done for security purposes (to analyze whether a user had recently encountered adware or other threats, and thus to improve the product & service). The potential collection and use of browser history data was explicitly disclosed in the applicable EULAs and data collection disclosures accepted by users for each product at installation (see, for example, the Dr Cleaner data collection disclosure here:  https://esupport.trendmicro.com/en-us/home/pages/technical-support/1119854.aspx). The browser history data was uploaded to a U.S.-based server hosted by AWS and managed/controlled by Trend Micro.

Well, that’s a crappy response which I am sure didn’t exactly win hearts and minds. Because sometime later they updated the blog post with this:

We apologize to our community for concern they might have felt and can reassure all that their data is safe and at no point was compromised.

We have taken action and have 3 updates to share with all of you.

First, we have completed the removal of browser collection features across our consumer products in question. Second, we have permanently dumped all legacy logs, which were stored on US-based AWS servers. This includes the one-time 24 hour log of browser history held for 3 months and permitted by users upon install. Third, we believe we identified a core issue which is humbly the result of the use of common code libraries. We have learned that browser collection functionality was designed in common across a few of our applications and then deployed the same way for both security-oriented as well as the non-security oriented apps such as the ones in discussion. This has been corrected.

So I guess that the accusations weren’t completely false if Trend Micro backpedaled like this. I guess the optics just didn’t look too good. But they didn’t really answer the questions that need answering. Such as how pervasive was this practise? Were they doing this on their corporate line of products? How can we trust Trend Micro given all that is gone on? If Trend Micro really wants to address this, they need to be a transparent as possible. Otherwise, people will simply take their money elsewere.

Advertisements

Cisco To Bundle Trend Micro Security Into Consumer Routers

Posted in Commentary with tags , on February 18, 2009 by itnerd

Cisco via its Linksys brand wants to protect you from the bad guys that are lurking on the Internet. To that end, they’ve signed a deal with Trend Micro to stuff their technology into Linksys routers:

This multi-layered security offering helps provide network protection for family PCs and other home-network devices, such as online game consoles, Wi-Fi enabled phones, and personal media players. This collaboration has led to the introduction of Home Network Defender, an Internet security service from Trend Micro that features Safe Web Surfing capabilities, parental controls, and user-activity reporting embedded on select Linksys by Cisco wireless-N home routers. Home Network Defender helps to detect and eradicate Web threats such as online fraud, scams, phishing schemes, predators and viruses before they enter the home network.

I have to admit that this is a great idea. I find that most users don’t do enough to protect themselves from online threats until something bad happens. So having protection like this at the edge of your home network and making it easy to implement pretty much guarntees that nothing bad will happen.

Watch for products with this technology to start appearing on store shelves shortly.