I've been waiting for this to be solved by BitDefender, and so I gave it a month for them to address the issue, as I don't think it would require a lot of time to address it, only will.
That said, if you're using BitDefender TrafficLight, you should be aware that whenever you perform a search or access a website, it will check with BitDefender's cloud to see if the URL is malicious/fraudulent. So far so good. The real issue is that, it does it so over HTTP and not HTTPS.
I just thought I should alert you about it, in case you didn't know it already.
BitDefender actually agreed with me that sending the info over HTTP breaks our privacy, and that they were already considering implementing the communication over HTTPS, instead of HTTP. Right.
Not only is the info sent over HTTP, but the actual search query is also sent to BitDefender. This was also one of my concerns, and I asked them to strip the information, and only send the URL, but not the search query.
So, I suppose this is the same old question: Security at what cost? Breaking our (=users in general) privacy?
