Nonsense.
(fuller refutation in earlier post)
Jo, you may be right. When I first posted about PC Audit I had no doubts
about it. However, the post by Tony Brezovski referring to Symantac's
findings made me doubtful. [...]
Jo, you may be right, but the opinions of others would be appreciated, and
if and when they back you up accept my apologies.
It doesn't matter if PC Audit is Spyware or not. I wouldn't touch this
program with a long pole, even if I had done a in-depth disassembly and
debug-trace of this program. (Which I neither have nor be willing to
do, because this program isn't worth the tiniest bit of effort.)
Security is a *very* sensitive area. If security-software bases its
analysis on (partially) sensitive data sent to a server with unknown
(to-be-trusted) security status over an insecure (not encrypted) line,
than the programmers of such software are either malevalent, careless,
or feckless. (Or all of these at the same time...)
The only acceptable approaches for such a scenario (I can currently think
of) would be:
a) An open source client and an open source server are provided to do
the whole test (after looking through the source) between two *trusted*
computers. - Preferably between computers of a separate network (not
connected to the internet). Using *non-sensitive* data *and* using a
high encryption during the transfer, if the transmission of low-level
sensitive data can't be totally omitted. (For which I *can't* think
of any acceptable cause, by the way...)
b) The software collects all needed data offline and shows a detailed
list of (possible) vulnerabilities. After that it writes all data
to a file (maybe a *.zip-archive if a couple of files and directories
needs to be addressed), and creates a Hash of this data using a
*well documented* algorithm, which *does not allow* any conclusion
about the original data. After that it requests the user to connect
to the internet and *only* sends this Hash, to prove the capability
to sent data. It is even questionable, whether it is necessary to
send a Hash at all. Even a simple text string would do... If (for
what reason ever) the data to be sent has to be a *file*, which
maybe even has to currently be inside a system folder, than a well
recognizable file provided (installed) by this security-program
will do.
Installation and deinstallation must be straight-forward. So it
*must not* be questionable, whether all components are removed. If
a program follows these rules it could be easily monitored on
(de)installation, execution, and (with a packet filter) on access
of the net.
To all readers/contributors of this group:
*Please*, don't let the standards of our security-awareness be lowered
by such software calling itself 'security'-tools! Even the 'tests',
some have posted here, show nothing then a *severe* lack of this
state of mind. Sorry, if this sounds rude. But this topic is too
sensitive to deal with it the smooth way... :-(
BeAr
