Forum Thread: Secunia PSI - How to delete information?

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as resolved.
irsdl Secunia PSI - How to delete information?
Member 3rd Aug, 2010 12:07
Ranking: 12
Posts: 10
User Since: 16th Jul, 2010
System Score: N/A
Location: UK
Last edited on 3rd Aug, 2010 12:07

Hello, I have a question. Many people are concern about their privacy like me. I just want to know how to delete my computer information from your server.
I just install Secunia PSI without entering any user account in it. Now, I want to delete my information.
I've clicked on "Cancel Registration and Delete Secunia Profile" and uninstalled the application, however, after several days I tried to open this url:
https://psi.secunia.com/psi/1502/index.php?request...|0.059082001106871 174&uid=[My Generated ID]
And my information are still there.
Could you please tell us how to delete our information then?

Cheers

--
------
Soroush Dalili
soroush.secproject.com/blog/

Post "RE: Secunia PSI - How to delete information?" has been selected as an answer.
This user no longer exists RE: Secunia PSI - How to delete information?
Member 3rd Aug, 2010 12:09
Last edited on 3rd Aug, 2010 12:10 Hi,

Please review our privacy policy. You can find the document containing it here:
http://secunia.com/vulnerability_scanning/personal...

In full:
Privacy Statement

Communication

All communication between your system (The Secunia PSI) and the Secunia servers (psi.secunia.com) is conducted via an encrypted connection (SSL). Effectively protecting against eavesdropping of the data and the results being exchanged with Secunia.

Data

All data sent to Secunia is treated as confidential.

The Personal Software Inspector collects unique text strings and data about executable files and installed applications on your system, including hostname and langroup, and Microsoft KB numbers. This data is analysed by the Secunia File Signature engine (psi.secunia.com) to determine the exact applications installed on your system. No other data is collected from your system.

This can in turn be used to provide you with a detailed report about the specific missing security related updates on your system. The data sent to Secunia is non-personal data only. The data is generic, standardised, and originates from installed programs on your computer.

All data will be deleted automatically no later than 12 months after you terminate using the program or immediately after you cancel your registration.

Secunia will not share or sell specific data about individuals with any third parties. Only aggregate statistical which can't be related directly to any individuals will be published and shared with third parties.
Was this reply relevant?
+0
-0
irsdl RE: Secunia PSI - How to delete information?
Member 3rd Aug, 2010 12:32
Score: 12
Posts: 10
User Since: 16th Jul 2010
System Score: N/A
Location: UK
Last edited on 3rd Aug, 2010 12:33
I just want to describe this more, and then you can realise why I want to delete my information immediately.
I've monitored the connection of Secunia PSI with its server by using "Fiddler". As you said, the information that this application sends to its secure server include:

1- My domain name or workgroup name (langgourp)
2- My computer name (hostname)
3- My username (as there are special files on my "Application Data" directory such as Mozilla Firefox "extensions" directory)
4- List of directories of my hard disk which contain some special extensions such as "exe", "dll", "ocx", and so on. Many directories include these extensions so it will send a lot of information to the server.

I think Secunia PSI is a good security tool but it is against privacy.
Why does PSI sends directories paths to its server when it can only send the Application Name + Its Signature + A Specific unique ID (which maps an application to its directory on the client side - not server side) (so server does not know about the location of the applications)

Now, my question is, how can I delete these information immediately? Is there any way?

--
------
Soroush Dalili
soroush.secproject.com/blog/
Was this reply relevant?
+0
-0
This user no longer exists RE: Secunia PSI - How to delete information?
Member 3rd Aug, 2010 12:41
Last edited on 3rd Aug, 2010 12:42 Hi,

Yes, the PSI collects all this data. However, apart from being treated confidentially, it is never passed on with personally identifiable information (such as the usernames in path names).

If you want to see the kind of information we would release, try looking through our half-year report (found on the main page), starting at around page 10. This gives some general examples of what we do with the data.
From the privacy policy:
"Secunia will not share or sell specific data about individuals with any third parties. Only aggregate statistical which can't be related directly to any individuals will be published and shared with third parties."

Since Secunia isn't AOL, this means the information we publish can't be traced back to you. If you still want to remove all your information, however, you simply need to email us your UID at support@secunia.com, and I will take care of it.

hope this helps.
Was this reply relevant?
+0
-0

This thread has been marked as locked.