Surveying Practices of 17 AV Firms
Questions ISMG posed to the AV companies:
Quote:
1) What steps do you take to secure suspicious file samples when they are transmitted from a user's PC to your researchers? For example, are all such communications encrypted?
2) Could outside attackers eavesdrop on those communications, and if so, how? What defenses are in place to prevent this?
3) Do you ever share copies of these files with VirusTotal, law enforcement agencies, or intelligence agencies domestic or foreign?
4) For a user, is sharing suspicious files with your researchers optional? If so, do users "opt in" - or must they "opt out"?
5) Do you anonymize the source of suspicious files, and if so, how (and at which point[s] in the submission chain)?
6) Has your firm engaged in any marketing that suggests that Kaspersky Lab products are not reliable, and does it have any hard evidence (aside from U.S. media reports that cite anonymous sources) to back up these assertions?
See here for the answers.
Interestingly, all of the UK and US AV firms declined to comment on their practices.