The rise and fall of Kaspersky?

Discussion in 'Security and Anti-Virus Software' started by Papusan, Sep 9, 2017.


Will this be the fall for Kaspersky?

  1. YES

    8 vote(s)
    66.7%
  2. NO

    4 vote(s)
    33.3%
  1. Georgel

    Georgel Notebook Virtuoso

    Reputations:
    642
    Messages:
    2,030
    Likes Received:
    2,084
    Trophy Points:
    181
    Simplest solution, CTRL+W closes any tab in Chrome, you can close anything you like. I have it set on a mouse button...

    Your solution is even better, but then, why do you need an AV? Sounds like you're quite well protected already?

    About reading those terms, some of them do state some things, the advantage is that if they do something against what you read, you can sue them for money, otherwise you're at their mercy.
     
    Vasudev likes this.
  2. t456

    t456 1977-09-05, 12:56:00 UTC Moderator

    Reputations:
    1,040
    Messages:
    2,084
    Likes Received:
    1,273
    Trophy Points:
    181
    Also use the hosts method, plus browser-specific custom blocking for ads hosted by the site itself ('hosts' would block the entire site *). Don't like flashy sites or being bothered with 'social' media stuff and with a site-specific css's you can strip them from all the fluff and in-site ad sections at the same time. Can't stomach a no-script solution though; too much hassle to white-list everything. Https will not help prevent such script infections; as long as the certificate is valid the website will remain 'secure', no matter the content hosted on it. Only after reporting the fraudulent or compromised site can the certificate be pulled and a future user safeguarded.

    Running KAV on several systems and it found a website-embedded trojan yesterday. Visited no strange/suspicious sites (https everywhere active), so wherever it came from it was likely a site with compromised security without its admin being aware of that. Prefer Kaspersky mainly for two reasons: consistently good intercept score year-on-year and close to zero false positives (security should be as non-intrusive as possible). The only other contender I'd consider would be Bitdefender. This gets similar top marks, showing there's a good, dedicated team behind the product and thus a minimum of lag between new threats and their remedy.

    That there's NSA tools on K's servers is to be expected; you design a medicine based on the disease, which is impossible without having access to that disease. Acquiring those tools wouldn't be too hard; just find any NSA-targeted system and make an image of its drives (or write your own, based on the leaked sources). On the other hand, their servers being hacked is obviously not a good sign. A diluted version of that happened to Bitdefender, unfortunately.

    Imo, it's silly to focus on country-of-origin; it's good because it is from country A and bad because it is from country B? Heck, the top-5 contenders in AV are Russian, Romanian, Japanese, Spanish and German. Wouldn't like to be a US civil servant system admin and have my choices limited to either Windows Defender or Windows Defender.

    The #1 choice; backups.

    *) Considering to relegate the filter job to the router; every device will benefit and we'll have a bit less traffic. Not sure everyone using the network will like that, but could give it a try for a month or so and see if anyone starts crying. Will forgo the automated solutions; these pull a list from the net and redirect to 0.0.0.0. If that site is compromised or it has a disgruntled employee then the list can happily redirect your bank's site to a dummy, with all the trouble that implies.
     
    hmscott, Papusan, Vasudev and 2 others like this.
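t456's point above about automated lists, as an added example that is not part of the original thread: a hosts-format list pulled from the net is only safe to merge if every entry points at a sink address, so this sketch rejects any line that maps a name to a routable IP and rewrites the rest against 0.0.0.0. The sample list, its hostnames and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of a downloaded hosts-format blocklist (not a real list).
SAMPLE_LIST = """\
# ad and miner hosts
0.0.0.0 ads.example.net tracker.example.net
127.0.0.1 miner.example.org   # inline comment
:: ads6.example.net
203.0.113.7 bank.example.com
not-an-ip broken.example.net
0.0.0.0
"""


def is_sink(address):
    """True only for addresses that go nowhere off-host: unspecified or loopback."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return False
    return ip.is_unspecified or ip.is_loopback


def vet_blocklist(text):
    """Split a hosts-format list into names safe to merge and lines to reject.

    Returns (accepted, rejected): accepted is a sorted list of hostnames;
    rejected is a list of (line_number, line, reason) for a human to review.
    """
    accepted, rejected = set(), []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        address, names = fields[0], fields[1:]
        if not names:
            rejected.append((number, raw, "no hostname"))
        elif not is_sink(address):
            # A routable address here is a redirect, not a block.
            rejected.append((number, raw, "address is not a sink"))
        else:
            accepted.update(name.lower() for name in names)
    return sorted(accepted), rejected


def render_hosts(names):
    """Write every accepted name against 0.0.0.0, ignoring the list's own address."""
    return "\n".join(f"0.0.0.0 {name}" for name in names)
```

Any non-empty `rejected` result is a reason to stop the update and look at the list by hand rather than merge it.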
  3. StormJumper

    StormJumper Notebook Virtuoso

    Reputations:
    491
    Messages:
    2,975
    Likes Received:
    326
    Trophy Points:
    101
    My hosts edits so far haven't blocked the sites I always go to that aren't scam sites and those that say you need to allow tracking or cookies or popups I take my business other places.

    Those tests have known bias.

    It's far better than getting your A/V protection from the FSB A/V program right.

    For most they don't do that-that's a fact. Some are starting to learn the hard way to have another storage medium to save your data/files to without saving to the main drive should it get infected or ransomware.

    Scams and redirects happen on a regular basis and those that get hacked will not tell so unless they get outed. A good updated router and good firewall and A/V is the first line to stopping but should the user use the "Admin/Owner" account to access the internet then you're asking for trouble as anything that runs and installs will do so because you permitted it to do so already. So users should first make a "Limited" account and use that for their everyday usage and only use the Admin/Owner to install updates or do Windows Update. Doing this will ensure any infections are easier to clean and stop, but most if a majority of users don't do this and this is where problems start. Also this is what keeps the job for computer repair shops.
     
    Vasudev likes this.
  4. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    3,469
    Messages:
    13,058
    Likes Received:
    15,129
    Trophy Points:
    931
    I haven't run AV only, ever, that I can recall.

    You get the whole Security Suite of tools, and some add-ons for other features.

    Please stop trying to vilify AV as if it's for suckers. At least they are thinking in the right direction. Thinking that you can build on and help educate them to add other tools, some you mentioned, some others have mentioned.

    Going naked out into the internet isn't wise, and it isn't brave, and if you think you can figure out every damaging site before clicking on it, you're fooling yourself.

    Adblock is getting long in the tooth, that's why most of us have moved to uBlock Origin, and it's got as much or more control and lists to keep you safer, as long as you keep the lists up to date.

    Again, it's not cool to tell people to go without AV when you know at least some protection is afforded, and using that mind set to protect yourself gives way to adding other tools.

    If you tell them they don't need AV, and someone else tells them they don't need https - I can't get into some sites with https - or someone else tells them that Adblock and uBlock Origin has been hacked with bad downloads - and someone else says never trust "ccleaner" because they got hacked, then all of a sudden they won't run anything.

    It used to take 20 minutes after connecting a machine to the internet for Windows 2000 to get pwned.

    How long does it take Windows 7, 8.1, 10 to get compromised without any protections while browsing the internet and downloading "cool stuff"?

    Not long at all :)
     
    t456, Vasudev and Georgel like this.
  5. Mr. Fox

    Mr. Fox Undefiled BGA-Hating Elitist

    Reputations:
    18,875
    Messages:
    29,445
    Likes Received:
    35,584
    Trophy Points:
    931
    I stopped using security software several years ago... and stopped allowing Windows Updates 4 or 5 years ago. I have tested a few security products that @Phoenix and @j95 gave me, but after a week or two I am done and remove it. I cannot remember how long it has been (but a good while) since I had a problem with malware. When I had issues with malware I was running reputable security software, LOL.

    I do use TamperMonkey, uBlock Origin and uBlock Origin Extra plug-ins with Chrome. Mainly because I don't want to see ads, or listen to stupid auto-play videos blaring that I am not interested in watching, and to keep me logged out of Micro$lop's retarded Skype crap if I sign into my Live webmail account in a browser. I also use host file edits. There are plenty of known bad web sites that can be blocked that way, including some under the Micro$haft umbrella.

    I do not visit naughty and nasty web sites known for malware. Any sensitive files are stored on removable media, and I can diskpart my OS drive and restore a Macrium image if a problem arises.
     
    Phoenix, Papusan, t456 and 2 others like this.
  6. Georgel

    No, No, No. You are absolutely correct.

    One should use every one of those programs.

    I sometimes forget that I am a really odd one. I apologize and take back my words. One should really have both AV and all the measures possible to protect himself!

    Well, seems that @Mr. Fox has a very healthy solution as well. I didn't know that Microsoft had any sites that could be problematic though
     
    hmscott and Vasudev like this.
  7. Mr. Fox

    Micro$loth updates (catalog) and telemetry need to be blocked if you want to maintain control of a healthy and stable system and deny them the privilege of collecting information, or making changes to your system without your consent.
     
    hmscott, Papusan and Georgel like this.
  8. hmscott

    Why it's hard to trust the U.S. on Russia's alleged Kaspersky espionage
    https://finance.yahoo.com/news/hard-trust-u-s-russias-alleged-kaspersky-espionage-134308101.html

    "The Russian government used antivirus software from the private Russian company Kaspersky to steal classified U.S. data, according to several recent reports.

    The revelations, following months of vague warnings from U.S. officials, suggest that the U.S. has “direct evidence that there are ways to remote into Kaspersky and pull data back without the user’s intention,” David Kennedy, a prominent security consultant and former U.S. Marines hacker, told Yahoo Finance. “And that is very, very scary. That means that anybody in the world that has Kaspersky installed may have the potential to have their data accessed by Kaspersky.”

    But many in the cybersecurity community, such as American cyberwarfare expert Jeffrey Carr, argue that the U.S. government’s allegations shouldn’t be trusted and that “Kaspersky Lab has suffered more slander from more supposedly reputable news outlets than any company in recent memory.”"

    Report: German security group unaware of spies leveraging Kaspersky software
    http://thehill.com/policy/cybersecu...naware-of-spies-leveraging-kaspersky-software

    "A top German federal cybersecurity agency is unaware of Kaspersky Lab software being used in espionage, Reuters reported Wednesday.

    “There are no plans to warn against the use of Kaspersky products since [our agency] has no evidence for misconduct by the company or weaknesses in its software,” the BSI, whose name translates to the Federal Office of Information Security, told Reuters via email.

    Recent news stories have described Russian intelligence agencies using the Moscow-based Kaspersky Lab's antivirus software to search for classified information.
    The Hill reported earlier Wednesday that the House Science, Space and Technology Committee plans to hold a series of hearings on the software, whose use by federal agencies is the subject of a Department of Homeland Security ban."

    Office Depot, Best Buy Pull Kaspersky Products From Shelves
    https://www.bleepingcomputer.com/ne...est-buy-pull-kaspersky-products-from-shelves/

    "Both Office Depot and Best Buy have removed Kaspersky Lab products from shelves. The ban has been in effect since mid-September, and the two chains are offering existing Kaspersky customers replacement security software."
     
    Papusan likes this.
  9. t456

    Happened again, so extracted the data from the vault; it's a mining script from T|I. Apparently they're using this as an alternative to ads.

    Well ... why not. Blocked the bit that informed the user of the change, so never saw that message. Mighty tempting to add 'Coinhive' to the hosts list though: it can be embedded in any tool, so not catching or blocking this sort of thing elevates background cpu use, increases temperatures, diminishes battery time and lowers benchmarks.

     
  10. Georgel

    Now that we are here, and having this conversation, what is the absolutely best free AV program you know?
     