What Data Is Sent to Trend Micro For Each Of These Features?

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

xendi

Occasional Visitor
Hello wonderful people. Upon setting up a new router, I was confronted with the following message:

"By using AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS/Game boost, Web history, you agree to the Trend Micro End User License Agreement.

Please note that your information will be collected by Trend Micro through AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS and web history."

I see that there was a lengthy privacy debate about this over here. It's not my intention to rekindle that debate. However, what I would like to know is, what information is being collected for each service? Some of these features are potentially inherently extremely obtrusive. Under AI Protection we have:

Network Protection

  • Router Security Assessment
  • Malicious Sites Blocking
  • Vulnerability Protection
  • Infected Device Prevention and Blocking
Under Adaptive QOS we have "Web History" and of course there are Parental Controls along with a Traffic Monitor.

It's neither my intent to definitively say that Trend Micro is going to abuse my data; rather, I believe that a company who doesn't clearly tell you exactly what data each feature is going to be sending to them has already started on a road to abusing trust. Otherwise, I wouldn't have to post here. It doesn't matter what they intend to do with my data. What's important is what could happen to my data, regardless of their intent.

Features like QOS are standard and though I'm hesitant to not use it, I'm even more hesitant to blindly agree to send an ambiguous legalese definition of "Personal data" to Trend Micro. So that I might not be so blind in my trust, does anyone know what they're collecting for each feature? If I accept the agreement, does that mean they start collecting everything they can, regardless of which feature(s) I enable? Are any steps taken to anonymize my data? Companies like Mozilla and Google (At least in their open-source products) tend to use hashes and other anonymizing representations of data so as to sever the link between the user and the data. Is that being done here? Will my public IP address or device's MAC address be included with this data in their original forms?

To be clear, I have no interest in discussing what Trend Micro is or isn't allowed to do with my data. I care more about entities that might compel them to hand it over and unintentional leaks. I just want to know exactly what data they're getting for each feature, what form it takes, and so on. I'm also curious what role the VPN client might play in this (In terms of improving the situation), if any.
 
Last edited:

dave14305

Part of the Furniture
I don’t think anyone on this forum can answer your question since it’s a Trend Micro closed-source component licensed by Asus. Asus probably doesn’t even know exactly.
 

xendi

Occasional Visitor
I don’t think anyone on this forum can answer your question since it’s a Trend Micro closed-source component licensed by Asus. Asus probably doesn’t even know exactly.
If Asus were my company, I would care to know beforehand. If it turns out that nobody knows, maybe I can intercept the traffic and find out for myself. It's been a while since I've done something like that but I think I could.
 

Butterfly Bones

Very Senior Member
If Asus were my company, I would care to know beforehand. If it turns out that nobody knows, maybe I can intercept the traffic and find out for myself. It's been a while since I've done something like that but I think I could.
Wireshark
 

ATLga

Regular Contributor
Hello wonderful people. Upon setting up a new router, I was confronted with the following message:

"By using AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS/Game boost, Web history, you agree to the Trend Micro End User License Agreement.

Please note that your information will be collected by Trend Micro through AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS and web history."

I see that there was a lengthy privacy debate about this over here. It's not my intention to rekindle that debate. However, what I would like to know is, what information is being collected for each service? Some of these features are potentially inherently extremely obtrusive. Under AI Protection we have:

Network Protection

  • Router Security Assessment
  • Malicious Sites Blocking
  • Vulnerability Protection
  • Infected Device Prevention and Blocking
Under Adaptive QOS we have "Web History" and of course there are Parental Controls along with a Traffic Monitor.

It's neither my intent to definitively say that Trend Micro is going to abuse my data; rather, I believe that a company who doesn't clearly tell you exactly what data each feature is going to be sending to them has already started on a road to abusing trust. Otherwise, I wouldn't have to post here. It doesn't matter what they intend to do with my data. What's important is what could happen to my data, regardless of their intent.

Features like QOS are standard and though I'm hesitant to not use it, I'm even more hesitant to blindly agree to send an ambiguous legalese definition of "Personal data" to Trend Micro. So that I might not be so blind in my trust, does anyone know what they're collecting for each feature? If I accept the agreement, does that mean they start collecting everything they can, regardless of which feature(s) I enable? Are any steps taken to anonymize my data? Companies like Mozilla and Google (At least in their open-source products) tend to use hashes and other anonymizing representations of data so as to sever the link between the user and the data. Is that being done here? Will my public IP address or device's MAC address be included with this data in their original forms?

To be clear, I have no interest in discussing what Trend Micro is or isn't allowed to do with my data. I care more about entities that might compel them to hand it over and unintentional leaks. I just want to know exactly what data they're getting for each feature, what form it takes, and so on. I'm also curious what role the VPN client might play in this (In terms of improving the situation), if any.

Well to be fair, it does say in the Asus/Trend Micro EULA statement "Your Information Will Be COLLECTED":

"By using AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS/Game boost, Web history, you agree to the Trend Micro End User License Agreement.

Please note that your information will be collected by Trend Micro through AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS and web history."

I believe it is necessary to make certain features work. Malicious websites for example would need to have a collective data base kept of those for the AI to work for all users.

What is sent? I would assume all network traffic that doesn't match the whitelist on the router.
Regarding your vpn question; I think vpn traffic is protected by definition and Asus/Trend Micro can't see that data.
 
Last edited:

xendi

Occasional Visitor
Well to be fair, it does say in the Asus/Trend Micro EULA statement "Your Information Will Be COLLECTED":

"By using AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS/Game boost, Web history, you agree to the Trend Micro End User License Agreement.

Please note that your information will be collected by Trend Micro through AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS and web history."

I believe it is necessary to make certain features work. Malicious websites for example would need to have a collective data base kept of those for the AI to work for all users.

What is sent? I would assume all network traffic that doesn't match the whitelist on the router.
Regarding your vpn question; I think vpn traffic is protected by definition and Asus/Trend Micro can't see that data.
I've decided to ahead with wireshark in some of my off hours. I just have to figure out what the current practice is for doing an SSL MITM with Wireshark. If I can get that working, I just have to run it for a day, dump the packets to some files, and then sift through it all. It should be really interesting, regardless of the outcome. I really hope I like what I find. I'll keep the thread updated with results from the dumps.

Any suggestions for where to post it in article style? I'd rather do that than have it all in a thread. Maybe Medium or some other site.
 

Butterfly Bones

Very Senior Member
Wireshark is in Entware, install it on the router and run it there.
 
Similar threads
Thread starter Title Forum Replies Date
cooloutac ai trend micro protection vs vpn ASUS Wireless 22
Adreno Trend Micro features privacy concern. ASUS Wireless 9

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top