Is your ANTIVIRUS spying you ?

1.    Now as the Cyber Crime grows exponentially,so has the world of antivirus companies....the list is pretty endless....now how do all these antivirus companies work.Do they all research separately and develop separate signatures for each virus/malware found or do they have such common platform or standard wherein they share each others views and technologies.As I see on Wiki about the list of antivirus companies,they originate in different countries.Details of the page showing a compare of all such antivirus companies can be seen here.Well....what I am going to discuss here is importance of the country origin.

2.  Lets say I have antivirus company by the name of ABC that has its origin and complete team of researchers and developers from India.Now there is a user in some XYZ Country that uses this antivirus.Now while installing the antivirus,while he accepts the terms and conditions(who reads it anyway?),who stops the ABC antivirus from issuing some malware/spyware for that user PC.In the scan it can not be detected since it is being scanned by the installed antivirus.Now with some vested interest, the ABC Company can actually play havoc with confidential info of the user without giving a cue to the user.Who knows what all signatures released by the company contain? Even while submitting a sample virus,it is done mostly in a encrypted or a bundled form!!!!

3. Although institutes like EICAR (European Institute for Computer Antivirus Research) are there,but they also do not have any control over such issues!!!!If any one  has some idea on the subject ...please let me know vide email or comment here.....

Blocking with a Hosts File : Another hardening step....

1.    How many of you know about the hosts file function in windows?It's a text file without a file extension that is intended to map IP addresses before accessing a domain name server to speed up the access. Now with the growing cyber concerns in the recent years,this mapping function is being additionally used to take a more preventative role in ad blocking and stopping spyware.This is located inside the >system32>drivers>etc folder.

2.   To explain it more simply When a address like http://www.bbc.co.uk/ is placed into your browser, the Hosts file is consulted to see if you have the IP address for this site. If you do, then you get directed to the site IP,but since most of the times it is not there,computer asks for the IP address from your ISP to find sites.

3.   It is here,that this function has recently been started to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. In many cases using a well designed HOSTS file can speed the loading of web pages by not having to wait for these ads, annoying banners, hit counters, etc. to load. This also helps to protect your Privacy and Security by blocking sites that may track your viewing habits, also known as  "click-thru tracking" or Data Miners. Simply using a HOSTS file is not a cure-all against all the dangers on the Internet, but it does provide another very effective "Layer of Protection".

4.   http://winhelp2002.mvps.org/ is one site that I found worth as the purpose of this site is to provide the user with a high quality HOSTS file.This includes a ready to download hosts file that can replace your existing hosts file likely to be empty.The hosts file is kept updated on a regular basis.As on date the last update was available for 28th Feb 2012.So this site has a list of known ad and malware site IP addresses that are redirected at 127.0.0.1.The site advertises saying " THERE IS NO PLACE LIKE 127.0.0.1.

5.   Do visit http://winhelp2002.mvps.org/ and http://winhelp2002.mvps.org/hosts.txt to download the subject file.