1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

"Trend Micro, Inc." Apps caught stealing and uploading browser history

Discussion in 'ASUSWRT - Official' started by XIII, Sep 9, 2018.

  1. XIII

    XIII Very Senior Member

    Joined:
    Feb 27, 2014
    Messages:
    560
    umarmung likes this.
  2. Please support SNBForums! Just click on this link before you buy something from Amazon and we'll get a small commission on anything you buy. Thanks!
  3. HowIFix

    HowIFix Guest

    Joined:
    Jul 17, 2018
    Messages:
    261
    v384.6 Now sharing data to Trend Micro?

    This happens when you accept the terms:
    https://www.snbforums.com/goto/post?id=418913#post-418913

    Information and personal data for using and interacting with Trend Micro’s products and services

    You provide the following types of information and personal data when you use and interact with our products and services, including customer support. The specific information and personal data that you provide will depend on the particular product or services used. Providing these types of information and personal data enables you to participate, share and leverage Trend Micro’s global database of threat related intelligence to rapidly identify and defend against potential threats within your unique network environment, as described in more detail below as well as enabling us to provide support that you request.
    • Product information, such as MAC address, device ID,
    • Public IP address of the user’s gateway to the Internet
    • Mobile/PC environment
    • Metadata from suspicious executable files
    • URLs, Domains and IP addresses of websites visited
    • Metadata of client/device managed by gateway product
    • Application behaviors
    • Customer behavior [See Hedwig]
    • Information from suspicious e-mail, including sender and receiver email address, and attachments
    • Detected malicious file information
    • Detected malicious network connection information
    • Debug Logs
    • Network Architecture/Topology
    • Screen capture of errors
    If you do not want to provide personal data to Trend Micro, please refer to your product documentation for further details on how to disable those features that collect and send feedback to Trend Micro, if applicable.


    How does Trend Micro use the data that you provide to us?


    We may use information that you provide to us for other business purposes, including:
    • Internal record keeping
    • Compliance with the law and requests from government bodies
    • Product and service development
    • Keeping you informed about our products, services and promotions
    • Provide customer support, manage subscriptions, and respond to requests, questions, and comments
    • All the personal data stated above are necessary to enter into the contract with Trend Micro and to use Trend Micro’s products and services so that you are obliged to provide such personal data, otherwise, we can neither perform our contract with you nor provide our products and services to you.

    Trend Micro Source:
     
    Last edited: Sep 9, 2018
  4. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    13,303
    Location:
    San Diego, CA
    this pops up from time to time... the Mac/iPhone community is a bit concerned at the moment, as there was an app that cloned another app for ad-blocking, and did share data to a server in China - but this has nothing to do with Trend-Micro.

    Trend-Micro - I've personally had multiple business dealings with them at both an OEM and Telco Operator level - they are as reliable a partner as ProofPoint and CloudMark

    I've always found them to be above-board and ethical - yes, they collect information for development of their product, but it's silo'ed within their business, they don't export things for monetization.

    It's an opt-in for Asus device owners in any event - if you don't trust them, don't opt-in - simple enough...
     
  5. Zonkd

    Zonkd Regular Contributor

    Joined:
    Oct 19, 2014
    Messages:
    58
    Yes it is. Trend Micro built spyware into the unarchiving utility app they sold on the Mac App Store. The customer had to allow it access to their home directory so it could serve it's only purpose of extracting files. It abused the access priviledges to surreptitiously extract their browser data for... why?

    General talking points:
    1. Do we have more or less trust in Trend Micro after evidence they built spyware into a Mac utility app?
    2. Can Trend Micro claim they got proper informed consent from the user?
    3. Why was Trend Micro ballsy enough to sell it inside Apples walled garden Mac App Store?
    4. Will Apple punish them by refusing to let them sell on Mac App Store?
    5. Why has Apple failed to keep all this spyware out of the Mac App Store?

    And for our community, we may ask how comfortable we are accepting TM terms. Maybe some of us decide that we don't trust them enough to enable AiProtect features anymore.

    The app was Adware Doctor, an adware removal app. It was top-selling app in Mac App Store. The chinese creator deactivated it's web domains and stopped pilfering data soon after they got discovered, but Apple left it on their App store for a month. They pulled it down only now that it's shamed in the news.

    "The researchers found that Adware Doctor collects data about its users, particularly browsing history and a list of other software and processes running on a machine, stores that data in a locked file, and periodically sends it out to a server that appears to be located in China. (For what it's worth, they say it's also not a very good adware scanner.) All of these actions seem to violate the App Store's developer guidelines, but while Privacy 1st notified Apple about the concerns weeks ago, the app remains."

    https://www.zdnet.com/article/top-m...apple-app-store-steals-your-browsing-history/

    Do you feel more or less confident in making those assertions now? Regardless we can surely all agree that the Chinese spyware app is 100% relevant in any discussion we may choose to have about Trend Micro's behavior with spyware in their apps.
     
    Grisu likes this.
  6. Grisu

    Grisu Very Senior Member

    Joined:
    Aug 28, 2014
    Messages:
    1,079
    Here they dont even need any browser history, you agreed with them to send all those online for all devices.
    But whats the difference to google?
    They are good because sitting in US and the others are bad located in china?
     
  7. XIII

    XIII Very Senior Member

    Joined:
    Feb 27, 2014
    Messages:
    560
    The 9To5Mac article I quoted mentioned that there are other Mac Apps that also share data (without user consent) and that these are from Trend Micro.

    In fact, they posted an update today that confirmed that:
    However, a Malwarebytes blog post confuses me, as it seems to suggest that there might be a single person impersonating Trend Micro?
    I'd like to trust Trend Micro, but if it's indeed them collecting personal data without user consent I'm not sure I should...
     
  8. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    27,772
    Location:
    Canada
    And this is an EV certificate, which means it went through extended validation, confirming the identity of the owner of the domain. Unlike, say, a domain-validated certificate, where you can be anyone you claim to be. Unless the certificate authority is one of those shady ones (remember StartSSL?)
     
  9. dave14305

    dave14305 Occasional Visitor

    Joined:
    May 19, 2018
    Messages:
    18
    I've withdrawn consent until the FUD settles, relying on the "Trust No One" (TNO) mantra.
     
    Zonkd likes this.
  10. kvic

    kvic Part of the Furniture

    Joined:
    Aug 11, 2014
    Messages:
    2,258
    Location:
    22.4399N 114.2222E
    I hope you trust nobody in corporate world or simply treat it like anyone else. Looks to me Dr. X series are sub-brands of Trend Micro originated from its China operation and mostly marketing in Chinese markets such as China and Taiwan. Then it's no surprise drcleaner.com is registered in China by a person from China.

    I would make a wild guess it's a management oversight. Perhaps TrendMicro HQ isn't aware of it. I can't stop thinking CIA, NSA, GKB and the China counterparts. Hopefully it's not an operation from one of these. Anyhow, it's going to be an interesting story!
     
  11. XIII

    XIII Very Senior Member

    Joined:
    Feb 27, 2014
    Messages:
    560
  12. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    27,772
    Location:
    Canada
    Considering Trend Micro's field of expertise, I would say it would be critical for them to come forward with a public explanation. Third party developer gone rogue? Or bad corporate decision from a specific regional office (their Chinese ones)? For their reputation, I'd say it's critical for them to be transparent there.
     
    umarmung, Zonkd, Treadler and 3 others like this.
  13. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    13,303
    Location:
    San Diego, CA
    I would agree - full disclosure would be best - what's interesting to note is the ISP's can play a role in stopping things like this, as their network monitoring systems would flag traffic from many clients to a server outside of their network.

    I stand by what I said earlier - Trend Micro was an ethical company when I was dealing with them - times change, and maybe the current team has gone down a different path. I certainly hope not...
     
  14. XIII

    XIII Very Senior Member

    Joined:
    Feb 27, 2014
    Messages:
    560
  15. OzarkEdge

    OzarkEdge Very Senior Member

    Joined:
    Feb 14, 2018
    Messages:
    622
    Location:
    USA
    "This was a one-time data collection, done for security purposes (to analyze whether a user had recently encountered adware or other threats, and thus to improve the product & service).
    ...
    Trend Micro is taking customer concerns seriously and has decided to remove this browser history collection capability from the products. Trend Micro’s Windows products and enterprise products do not have this feature."

    Now that's funny... they're concern about Mac malware but not Windows malware! :D

    OE
     
    Zonkd likes this.
  16. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    27,772
    Location:
    Canada
    Grisu, Zonkd, Treadler and 3 others like this.
  17. dave14305

    dave14305 Occasional Visitor

    Joined:
    May 19, 2018
    Messages:
    18
    The Doctor will see you now...
     
  18. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    13,303
    Location:
    San Diego, CA
    Keep in mind - if you feel that second hand, it's not a finger :D
     
    Treadler, indark and dave14305 like this.
  19. somms

    somms Regular Contributor

    Joined:
    May 28, 2008
    Messages:
    175
    As one who has never enabled AiProtection, Traffic Monitor, ect on my AC86U (never agreed too pop-up prompts) I take it I should be 'safe' from any Trend Micro data mining?


    Suppose it would be impossible to remove this specific code to create a 'Trend Micro free build' due to the way Asus delivers the source to Merlin?
     
  20. coxhaus

    coxhaus Part of the Furniture

    Joined:
    Oct 7, 2010
    Messages:
    2,244
    Location:
    texas
    Trend Micro has saved my butt several times over the years. I trust them. Back in the old days we bought thousands of copies for a site license for many years. I think they are a good company. They also have excellent phone support.
     
  21. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    6,377
    Location:
    UK
    I do wonder (given that these are Mac-only products) whether Trend Micro just bought these apps from some other company and re-branded them as their own. Not that that's an excuse, but might explain why there wasn't much thought given to how they worked.
     
Please support SNBForums! Just click on this link before you buy something from Amazon and we'll get a small commission on anything you buy. Thanks!