Webroot hiring NSA Spooks?

@DoctorPC I coulnd't agree with you more! This is an extremely serious topic. The tinfoil hat comment does indeed degrade us as a people. The US establishment has branded conspiracy theorists as whacko's for a very long time. It has been a brand that once made trivializes the importance of a critical issue. Now years later Snowden happens and the conspiracy theorists are proven correct. In defense of the conspiracy theorists of the world I quote a much-cited 1995 Supreme Court ruling in McIntyre v. Ohio Elections Commission:

"Protections for anonymous speech are vital to democratic discourse. Allowing dissenters to shield their identities frees them to express critical minority views . . . Anonymity is a shield from the tyranny of the majority. . . It thus exemplifies the purpose behind the Bill of Rights and of the First Amendment in particular: to protect unpopular individuals from retaliation . . . at the hand of an intolerant society."

In this case the unpopular individual is the conspiracy theorist. So when Triple Helix states "I gave the Official Release and if you read it and if people can't take a joke then you shouldn't posting here geees." I am forced to include his comments into the ranks of the "tyranny of the majority".

@Triple Helix you have entered into an area that many American citizens are passionate about. I have a strong suggestion. Don't attempt to trivialize a bad hiring decision when American companies are starting to go belly up due to even a remote connection with the NSA. Billions are going to be lost due to Snowden's patriotism. Cloud services are going to be the strongest hit. Anti-Virus/Malware companies are by no means exempt. I think what is happening in this thread is we are witnessing the end of privacy and your comments trivialize those concerns. It is not a good business model in the frenzied atmosphere post Snowden. Sorry, I cannot afford as an American citizen to take your brand of humor as a joke.

 

Quite honestly the paranoia and conspiracy theory side of this make me, as a non American, frankly ROFL... sorry but that is just the way it is... for me at least.

 

It might behoove TH to simply and sincerely apologize for his tinfoil remark, and allow the focus of the thread to return to what the OP had in mind.

 

Bad decision? Are you saying that he doesn't do he's job in the Marketing Department good enough and someone else could do it better?

 

I generally like to be called a 'realist'.

7 or so years ago a client I was working with to secure their systems, and home.. We found their web cameras, from the manufacturer were sending snapshots from the webcam to an IP address everytime the screensaver fired off.

Everyone I brought this up to claimed it was impossible. Yet I had evidence to prove it.. Then a few years later 'rampant' remote activation of cameras was revealed in the mass media. New PC's shipped from some retailers were revealed to have remote camera snapping software installed. Then Snowden files revealed the NSA 'intercepts' PC deliveries, and installs hardware/software to commandeer systems. (along with remotely activating cameras) Incidentally, my client was a politician that insisted someone was electronically stalking him, trying to keep him out of a well known political race.. I wish I had a dime for everytime someone mentioned tin foil hat to me, and later I proved correct.

So moving on.. Webroot replied to this, however an 'official' statement might be nice, and perhaps a followup with a strong privacy policy. Then we can move on to something else.

 

This might be good for you to read: https://www.wilderssecurity.com/showpost.php?p=72229

And my apologies for my comment to who ever took offence.

Thanks,

TH

 

Ah, nothing like a little sage advice sprinkled on top...

 

I am saying his connection with the American National Security Agency is enough for me and the rest of my client base to boycott Webroot products.

 

I will leave that up to Joe and if he wants to but you can ask Questions at the Webroot Community Forums where it's more appropriate. https://community.webroot.com/

TH

 

Although there is a specific person with known past ties to the NSA involved here, the underlying problem is generic and universal. Anyone from the UK would/should know this Similar discussions could be had about other (AV) software (particularly if it phones home info), involving the same or different countries and government agencies.

 

I personally find this entire conspiracy theory to be quite ludicrous. If a software maker WAS in some secret conspiracy with the NSA, I would think that the software to look for would be the software that either comes pre-installed on all new computers OR software that is so ubiquitously needed that just about every computer needs to have it. There is simply no logic in anti-malware software being this tunnel to the NSA unless EVERY anti-malware vendor was equally in cahoots.

Sorry, I just don't see it and I find it laughable at this point in time.

 

Closing a thread because it goes against your personal opinion is incredibly wrong, unprofessional an narcissistic. So please don't do that.

 

Here you're assuming that the NSA would be smart and pursue opportunities which give them the broadest coverage. I would assume this too.

Here you assuming that the NSA would be stupid and be willing to *ignore* some lucrative opportunity (the tens to hundreds of millions of users, and possibly even above average coverage of users the NSA is most interested in, of product X) simply because they couldn't take advantage of *all* (other) such opportunities within this "class" of opportunity. I wouldn't assume this.

 

Kit doesn't work there anymore, but sent the following:

Kit:
"I was going to say stuff about what I knew was collected and/or sent, how it was stored, what was done with it, etc, but that honestly doesn't mean much now a year later, as it could have changed. Then I was going to point out that the NSA isn't stupid and wouldn't let Webroot mention anything about them or create any suspicion if they did have their hooks in. But that's just a double-fake, reverse psychology thing.

So I'll simply point out the following things:
No official statement would matter. The NSA forces companies to lie.
Privacy statements wouldn't matter. The NSA forces companies to lie.

Thus it comes down to two possibilities: Either Webroot is in cahoots with the NSA, or they aren't.

If they aren't, it's a moot point.

If they are... well, it's a moot point anyway still. If it isn't Webroot, then any one of hundreds of other things are already pointed at everybody, so getting rid of one of them because of concern simply draws attention to you and means that the NSA will focus on you more strongly. And until you make your own hardware and software completely from scratch, they will get in if they want to, no matter what you buy or use or don't use.

So then the only thing one can do is know that the NSA will watch you if they want to, no matter what, and whether you use Webroot or not. So it comes down to how secure you want to be outside the NSA watching.
If Webroot is watching also, then at the very least it's the best for making sure the NSA are the ONLY ones watching, because pretty much everything else trying to watch gets whacked.
If Webroot is not watching for the NSA, then chances are excellent that they'll whack other things the NSA tries to monitor you with anyway.

It was pointed out before that one of the APTs that made major headlines was detected by Prevx years before and the one that made headlines was the exact same code that Prevx detected before. The difference was that Prevx/WSA detected it and other AVs didn't. So that's a good indicator too.

Anyway, either do it right and trust no one, or deal with the fact that you still have to stay secure against other junk despite the mess the NSA caused and use Webroot to keep other stuff out while realizing that the NSA issue needs to be attacked from a different angle. The NSA doesn't want to drain your bank account, but the stuff Webroot blocks comes from people who do."

 

The press release about David Duncan joining Webroot was issued in February 21, 2013 [http://www.webroot.com/us/en/compan...ppoints-david-duncan-chief-marketing-officer]. Edward Snowden began revealing NSA's Internet surveillance programs on June 5, 2013 [http://en.wikipedia.org/wiki/Edward_Snowden].

NSA could and would get any information they wanted and needed from corporations and companies easily. Didn't need any of its members to join a company and secretly get data. It would either make companies give them the data anyways or could tap onto their data centers on a huge scale.

And do the security companies and firms not employ specialized techies in illegal technological activity, in other words hackers to protect against or counterattack other hackers who perform hack?

Some points I wanted to make if they make any sense at all. Just my two cents. If you don't want the cents then leave them.

 

After reading what Kit says 2 posts up, I've deleted my posts in this thread for being naive and not adding anything to the discussion.

 

Webroot didn't exactly keep the appointment a secret & seemed quite proud of getting the guy & then announcing his appointment along with his full CV - 'Dunc' also did not behave in a spy like manner by announcing his presence on a public forum.

Most un-James Bond like!

 

Well, this is the typical discussion that has no way out. Certain people think that the "where" is more important than the "what". Others will have the opposite opinion and no one will understand each other reasons.

So, just a waste of time... and IMO offtopic for the purpose of this forum section. You all are aware of both lines of thinking and you can decide by yourself. If you do not trust a company simply do NOT use their products. No one is obliging you to do so.

If people keep insisting on discussing it ("we need to know", "we need to understand" and the like) then there is likely an hidden agenda (e.g. competitors, trolls, paranoids, or simply nothing better to do ??).

 

Just wonder which other vendors are going to come under the microscope in this discussion.

Interesting link provided.
https://en.wikipedia.org/wiki/Paranoia

 

Completely agreed +1

 

A bit surprised by the number of forum members who continue to make excuses for Webroot.

 

Understandable, Thankful...when you consider how many forum members continue to have a pop at Webroot.

But as long as the debate is factual and good natured/informative then that is in many respects what the Forum is here for, eh?

 

Other security vendors, such as Kaspersky, have made Company Official statements that they do not white-list NSA malware. I think that's a more important question than questioning Webroot's hiring for a marketing position a man who has spent the last ten years as a marketing executive.

Prevx and Webroot have spent years of hard work and dedication to make the an outstanding anti-malware program. I think it's foolish to think they would risk all of that on hiring an active NSA spook.

 

Good point, hawki...and certainly another way to look at the whole topic.

 

That's what I figured.