Sometimes support asks customers to run GetSystemInfo even for easy questions (like why does AVP.exe connect to site xy). I noticed that this is done via an unencrypted zip over an unencrypted e-mail exchange. Is there no encrypted channel to upload this sensitive data?
Among other things the zip includes the name of my computer, Firefox computer name, all IPv6 addresses of my computer (ipconfig) and KIS settings (what is enabled/disabled). It also includes information about what bank offered me how much money over what periods of time. This is because these are encrypted PDF files that include this information as names that are listed in KIS log files as not being scanned due to encryption.
So given how easily and often AV developers ask for these personalized information I really do wonder if there is no encrypted channel prepared to upload these files instead of using insecure means?
Best answer by Flood and Flood's wifeView original