What's new

What Data Is Sent to Trend Micro For Each Of These Features?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

xendi

Occasional Visitor
Hello wonderful people. Upon setting up a new router, I was confronted with the following message:

"By using AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS/Game boost, Web history, you agree to the Trend Micro End User License Agreement.

Please note that your information will be collected by Trend Micro through AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS and web history."

I see that there was a lengthy privacy debate about this over here. It's not my intention to rekindle that debate. However, what I would like to know is, what information is being collected for each service? Some of these features are potentially inherently extremely obtrusive. Under AI Protection we have:

Network Protection

  • Router Security Assessment
  • Malicious Sites Blocking
  • Vulnerability Protection
  • Infected Device Prevention and Blocking
Under Adaptive QOS we have "Web History" and of course there are Parental Controls along with a Traffic Monitor.

It's neither my intent to definitively say that Trend Micro is going to abuse my data; rather, I believe that a company who doesn't clearly tell you exactly what data each feature is going to be sending to them has already started on a road to abusing trust. Otherwise, I wouldn't have to post here. It doesn't matter what they intend to do with my data. What's important is what could happen to my data, regardless of their intent.

Features like QOS are standard and though I'm hesitant to not use it, I'm even more hesitant to blindly agree to send an ambiguous legalese definition of "Personal data" to Trend Micro. So that I might not be so blind in my trust, does anyone know what they're collecting for each feature? If I accept the agreement, does that mean they start collecting everything they can, regardless of which feature(s) I enable? Are any steps taken to anonymize my data? Companies like Mozilla and Google (At least in their open-source products) tend to use hashes and other anonymizing representations of data so as to sever the link between the user and the data. Is that being done here? Will my public IP address or device's MAC address be included with this data in their original forms?

To be clear, I have no interest in discussing what Trend Micro is or isn't allowed to do with my data. I care more about entities that might compel them to hand it over and unintentional leaks. I just want to know exactly what data they're getting for each feature, what form it takes, and so on. I'm also curious what role the VPN client might play in this (In terms of improving the situation), if any.
 
Last edited:
I don’t think anyone on this forum can answer your question since it’s a Trend Micro closed-source component licensed by Asus. Asus probably doesn’t even know exactly.
 
I don’t think anyone on this forum can answer your question since it’s a Trend Micro closed-source component licensed by Asus. Asus probably doesn’t even know exactly.

If Asus were my company, I would care to know beforehand. If it turns out that nobody knows, maybe I can intercept the traffic and find out for myself. It's been a while since I've done something like that but I think I could.
 
If Asus were my company, I would care to know beforehand. If it turns out that nobody knows, maybe I can intercept the traffic and find out for myself. It's been a while since I've done something like that but I think I could.
Wireshark
 
Hello wonderful people. Upon setting up a new router, I was confronted with the following message:

"By using AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS/Game boost, Web history, you agree to the Trend Micro End User License Agreement.

Please note that your information will be collected by Trend Micro through AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS and web history."

I see that there was a lengthy privacy debate about this over here. It's not my intention to rekindle that debate. However, what I would like to know is, what information is being collected for each service? Some of these features are potentially inherently extremely obtrusive. Under AI Protection we have:

Network Protection

  • Router Security Assessment
  • Malicious Sites Blocking
  • Vulnerability Protection
  • Infected Device Prevention and Blocking
Under Adaptive QOS we have "Web History" and of course there are Parental Controls along with a Traffic Monitor.

It's neither my intent to definitively say that Trend Micro is going to abuse my data; rather, I believe that a company who doesn't clearly tell you exactly what data each feature is going to be sending to them has already started on a road to abusing trust. Otherwise, I wouldn't have to post here. It doesn't matter what they intend to do with my data. What's important is what could happen to my data, regardless of their intent.

Features like QOS are standard and though I'm hesitant to not use it, I'm even more hesitant to blindly agree to send an ambiguous legalese definition of "Personal data" to Trend Micro. So that I might not be so blind in my trust, does anyone know what they're collecting for each feature? If I accept the agreement, does that mean they start collecting everything they can, regardless of which feature(s) I enable? Are any steps taken to anonymize my data? Companies like Mozilla and Google (At least in their open-source products) tend to use hashes and other anonymizing representations of data so as to sever the link between the user and the data. Is that being done here? Will my public IP address or device's MAC address be included with this data in their original forms?

To be clear, I have no interest in discussing what Trend Micro is or isn't allowed to do with my data. I care more about entities that might compel them to hand it over and unintentional leaks. I just want to know exactly what data they're getting for each feature, what form it takes, and so on. I'm also curious what role the VPN client might play in this (In terms of improving the situation), if any.


Well to be fair, it does say in the Asus/Trend Micro EULA statement "Your Information Will Be COLLECTED":

"By using AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS/Game boost, Web history, you agree to the Trend Micro End User License Agreement.

Please note that your information will be collected by Trend Micro through AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS and web history."

I believe it is necessary to make certain features work. Malicious websites for example would need to have a collective data base kept of those for the AI to work for all users.

What is sent? I would assume all network traffic that doesn't match the whitelist on the router.
Regarding your vpn question; I think vpn traffic is protected by definition and Asus/Trend Micro can't see that data.
 
Last edited:
Well to be fair, it does say in the Asus/Trend Micro EULA statement "Your Information Will Be COLLECTED":

"By using AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS/Game boost, Web history, you agree to the Trend Micro End User License Agreement.

Please note that your information will be collected by Trend Micro through AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS and web history."

I believe it is necessary to make certain features work. Malicious websites for example would need to have a collective data base kept of those for the AI to work for all users.

What is sent? I would assume all network traffic that doesn't match the whitelist on the router.
Regarding your vpn question; I think vpn traffic is protected by definition and Asus/Trend Micro can't see that data.

I've decided to ahead with wireshark in some of my off hours. I just have to figure out what the current practice is for doing an SSL MITM with Wireshark. If I can get that working, I just have to run it for a day, dump the packets to some files, and then sift through it all. It should be really interesting, regardless of the outcome. I really hope I like what I find. I'll keep the thread updated with results from the dumps.

Any suggestions for where to post it in article style? I'd rather do that than have it all in a thread. Maybe Medium or some other site.
 
Wireshark is in Entware, install it on the router and run it there.
 
@xendi
Do you get finally the answer to your question ? I have the same doubt before buying a new Asus router.
(Sorry for my poor english, I am French).
Thanks for your help.
Stéphane
 
The old security vs privacy debate. I think you're pretty safe using Trend, end of the day google, ms , facebook are all at it. If you want privacy dont use the internet.
 
You are right, but I think that it is important to know the type of data which are collected by trend .... In a ideal world, I prefer that Trend says "ok, we collect these data and we modify them to be ananymous : we need these for theses reasons ...".
In general, if the things are crystal clear and correctly explain, there is no problem, but when it is not the case, this is différent.

I do not use ms, facebook and google for theses reasons ... there are a lots of alternative.
 
You are right, but I think that it is important to know the type of data which are collected by trend ....
Trying to packet sniff the data and reverse engineer it's meaning is pointless IMHO. Even if you recognise some of the data what's to say that Trend Micro won't change it next week, next month or next year? Only Trend Micro can give you the answer. You either trust them (just like any other anti-virus company) or you don't.
 
You are right, but I think that it is important to know the type of data which are collected by trend .... In a ideal world, I prefer that Trend says "ok, we collect these data and we modify them to be ananymous : we need these for theses reasons ...".
In general, if the things are crystal clear and correctly explain, there is no problem, but when it is not the case, this is différent.

I do not use ms, facebook and google for theses reasons ... there are a lots of alternative.
Even if you don't use Windows, or the main facebook and google sites, their plugins and cookies are everywhere, and I mean everywhere, mobile phones etc.

For me I have Trend Fully on, Skynet Firewall, Adguard Blocker over the network, Firefox fully updated with Ublock Origina and Quad9 dns. I believe that's pretty safe.

Trend's EULA is pretty standard stuff just to cover their butt. I do believe you and the op are being a little over cautious, I mean of the billions of people online I am sure neither of you are that interesting (not meant offensively)

To be fair I was the same when I first agreed to the EULA, but then I read Merlins thread above ^ and relaxed. I am glad I am using Trend as it has blocked several phishing sites, and detected malware on peoples phones that I have since removed.
 
For Network Protection I understand why TrendMicro needs data collection. I don't understand why Web History needs data collection agreement.
 
Similar threads
Thread starter Title Forum Replies Date
F Flex qos without trend micro ASUS Wireless 9

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top