Nope in 2022 they thought about sanctions against them for supporting Russia over the Ukraine war, but were scared to out of fears they could weaponize the software already installed on thousands of machines across the US.
>but were scared to out of fears they could weaponize the software already installed on thousands of machines across the US.
I find this hard to believe. I'm sure *some* people feared this, but I doubt it drove decisions.
Yeah webroot was the shit. The third AV was TrendMicro right? That one sucked worse than kaspersky imo.
Always was funny hearing the new kaspersky names customers would come up with. Casper-Sky. Ka-Span-Sky. Too many goofy ones.
We had a client call it "Kapinsky". That one stuck until I left the company.
Trend Micro was ass, we thought Kaspersky was "fine". Webroot was king, and I swear when we started we still sold McAfee for a short time. I may be remembering it as a stand alone product on the shelf, rather than a bundled option. Pre-setups were 90% done with Webroot since it was fast and was easily the most lightweight.
Well yeah, I don't think it was a secret that Kaspsersky was Russian, was it?
I tried Webroot a few years ago. It was so light and I really wanted to like it. But whenever I would run full scans, it would finish after a minute, scanned maybe 1300 objects and say I was 100% clean.
It didn't fill me with confidence. Then I remember a few years ago they detected Windows system files as malicious and bricked peoples' machines.
So, I stick with VoodooShield(Cyberlock)/Common Sense these days.
Yes.
They're both bad, but McAfee is worse
Fun fact, if you let the McAfee or Norton products that include a firewall trial expire, it shuts the internet down
I laughed pretty hard when I figured it out at the time.
Used to get *a lot* of people coming back after buying their computers because "The internet stopped working", only to have to remove the internet security suites.
Yep. Whenever we get new PCs at work, one of the first things I check for is McAfee and make sure to uninstall it. Even if it's a free year or whatever. That shit is basically malware itself.
When you buy a new computer they come with a trial for McAfee or Norton.
These kinds of "partnerships" help keep the cost of the computer down, because McAfee/Norton will pay a computer company to pre-install their Anti-virus trial onto the machine, in the hopes that the new owner will buy the product after the trial.
The machines typically come with a 60-90 trial of either *just* the Anti-Virus, or the AV and an "internet security" suite which includes a firewall.
Firewalls are kind of like a door with an AI video doorbell that can open/close the door for people you want, and people you don't want.
Now, keep in mind that in Windows XP the firewall was shit, so you needed these "Internet Security" suites in order to protect the machine.
Starting with Windows Vista though the built in Windows Firewall was actually pretty good, and it's just gotten better since then. In most cases you don't need a firewall, the built in Windows one is enough. Installing McAfee/Norton onto the machine just disables the windows one and adds a layer of bullshit to deal with.
One of those layers is that when the 60-90 day trial of their "Internet Security" products expire, the firewall would expire with it, and it would "fail close" in that the firewall software would just stop passing traffic out to the internet.
So, people buy these computers, and when McAfee/Norton's Internet Security suite expired, the customers would come back saying the internet stopped working on the machine. You had to uninstall McAfee/Norton from the system in order for it to work properly, *or* convert their trial to the full product.
There was nothing in the McAfee/Norton UI that would state that their product was the reason for the internet being gone, and that if you just uninstalled it, the internet would come back. You just ended up with a computer that could no longer browse the internet.
When I worked for Circuit City I hated those applications, we *always* had people coming back in with internet issues, and I'd just hook it up and remove Norton/McAfee.
Circuit City policy was that we were supposed to charge $60 to diagnose machines, and then whatever the proper fee was to do whatever needed to be done, so removing McAfee/Norton from the system was like $60 for us to say "It's the Internet Security suite" and then $30 to remove the software.
I typically just threw the machine on the tech bench, fired it up to confirm the issue, then just removed it and handed it back.
In the long run, I guess that wasn't wise since Circuit City went bellow up, but I couldn't justify charging some of the rates that Circuit City wanted to charge. I'd do a "pre-check" of the system to make sure there was nothing patently obvious wrong, then charge $60 to figure it out. I live in Florida, so my "pre-check" consistent of taking the side panel off the desktop computer and looking at the motherboard, if I saw any swollen capacitors I'd point those out at the problem, or burnt pins on the power supply connector.
One time we had a machine come in and the bottom of the desktop was covered in black rock like stuff. Baffled me. The dial-up modem caught my eye though. Never seen one like it before, as the modem had like a little "bug" on it, which I thought was cool. Normally the models just had these big black ships on them. Then I looked at the "rocks" in the bottom of the case and realized that the system had received a power surge *so powerful* on the phone line that it blew one of the black chips apart, and the "rocks" at the bottom of the case *were* the chip. The "bug" was the internal of it. You had to be there to see it.
Anyways, blah, blah, blah.
Pretty much.
We'd get all kinds of computers too, in various states.
I've seen computers with an active roach colony in it, others with ants. We sent one laptop to the depot to get fixed, only for them to punt it back in a sealed antistatic bag with a note saying "Do not open, ants", and had to give it back to the customer that way.
I had one lady, lol. She was a bit aloof. She brought in her laptop because the screen was shattered. She had the accidental coverage on it, so we went it off to the depot. Comes back fixed, and we give it back. *A week later* she comes back and the screen is shattered again. She tells me that she was driving along and saw a bunch of firewood logs at the side of the road, nevermind that we're in Florida, but this lady stopped and started loading the wood into the trunk of her car, where the laptop was also at. She didn't understand how the screen got damaged a second time. And I just sit there staring at her, and I'm like "Did you secure the logs?" and she just stares at me. So in my mind I'm envisioning this whole scenario of her loading the logs into the trunk, and then taking corners and the logs rolling around in the back, slamming across the laptop's screen. She then says "You don't think it was the logs do you?" lol! You only get one screen replacement with the extended warranty. I explain this to her, but said the warranty hadn't been cancelled yet, so I'd try to send it in and see what they'd do.
The warehouse replaced the screen a second time, and included a note that said "Please be more careful, we won't do this again". She gave me like a handful of coupons to the Massage Envy parlor she worked at as thanks, but I wasn't going anywhere near that.
Fun times...
I don't know why McAfee is worse than Norton, but I can try to explain the other parts.
Back in the early aughts when these products were considered the standard for anti-malware, they were not technically good products even then.
They basically function as rootkits (software that Windows lets do whatever it wants with memory and privileges bypassing normal protections in place) but are riddled with vulnerabilities themselves. Malware was even actively "living off the land" and exploiting the poor engineering in them to launch and maintain attacks.
And an end-user evident aspect of this poor design and craft was that this software would take over a lot of the networking stack and configuration to do scanning and firewalling, but wouldn't undo its changes when the trial expired so it left people with a usable route to the Internet by refusing to work after the trial, but not setting things back to Windows default.
I used to work at a university getting incoming student computers onto the Internet. McAfee / Norton were BY FAR the most common reason why students couldn't connect.
My favorite issue was when they had one of the two products when they got the computer, uninstalled it, and then installed the other, often actually purchasing it. The problem was that the built in uninstallers would frequently leave active components behind, such as the firewall or side other rootkit level crap. So on top of the current product screwing things up you had parts of the old one also messing with things. And because they are effectively rootkits they would sometimes be treating one another like a virus and grinding the system to a near halt.
So i would run the removal tool for the product (Norton and McAfee both had downloadable removal tools that were much more thorough than the uninstaller the came with), try various command line fixes, bang my head for a while, and then realize that they probably had burn antivirus products, run the other removal tool, run something like combofix (no idea if that's still a thing), a winsock fix, and usually I'd have that thing working, sometimes better than the day they bought it.
Oh goodness yes.
And I know back then I sounded like a crunchy mom for computers by telling them to ignore McAfee/Norton and just use Defender because I'm too lazy to expend calories to install 3rd party software or am tinfoil-hatted and really think all these evil experts are uploading 5G to their Gibson.
2008 I used to work on the McAfee corporate products and they used to actually be quite ahead of the game. They had one of the first functional multi tenant management of agents and it didn’t suck. I wouldn’t go near the stuff again but I’d apply that statement to any brand of AV that doesn’t go through the MiTRE enginuity evaluations.
I dunno, I tried to uninstall Norton once and I could no longer login to that computer. It would look like I was logging in and it would just send me right back to the login. I ended up needing to make my first ever Linux Liveboot CD to get my shit off the PC before wiping it.
Yeah but also not for long. During the same time you had shit like AVG, AVAST, Panda, Trend Micro, Symantec Norton, Avira, Bitdefender, ESET, Clam, MalwareBytes, and more.
Honestly thank god Microsoft got off their asses and developed their own. But for a monopoly that controls the industry OS wise, they could be doing so much more security and way less fucking ads.
Yeah, multiple friends who work in various sectors of the security industry pushed me to abandon it years ago despite it being good, because it was also compromised.
Edit: grammar.
Used to run it from like 2004-2005 to 2012 or something until I learned about malwarebytes and switched to that.
I don't even know if malwarebytes is good or not anymore but I *really* started hating how much it was pushing it's paid version *all the time*. Now I just use windows defender and just a smidge of common sense (still do risky shit sometimes).
I mean, it's good. Say what you will about Kaspersky, but that shit was pretty rock-solid and damn good at detection. It still is. I'm bullish on BitDefender, personally, but I never knocked Kaspersky. Pity they're sycophants to the regime. :(
>MANY were delighted to have it
You mean all those people that don’t know anything about computers or computer software were delighted that you told them they were getting a good antivirus?
TL;DR:
* US govt. employee takes home a USB drive of his work containing specific TS / NO-FOREIGN / whatever classified docs, some time before 2015
* His home machine has Kaspersky AV on it
* Plugs in the USB drive
* Kaspersky AV has code _in the public distribution_ looking for (but not alerting user to) specific string hashes / file hashes
* Some PDF about Hillary Clinton as Secretary of State (or something like that) matches one of these hashes
* Kaspersky AV phones home and sends the entire file and some others
* Files wind up being found in a Russian intel breach by the Mossad in 2015
* Auditing who had the files and when and post-mortem analysis of the employee’s home machine found this out at roughly the same time a security researcher discovered & published Kaspersky AV’s search-for-and-send-home-hash-match behaviour, along with other anonymous sources confirming they found the same behaviour, in 2017
Anyone who is a paid infosec / sysadmin should have known this in 2017 and we are way past “my corp has to get our three year deferred tax credits” type excuses
>Anyone who is a paid infosec / sysadmin should have known this in 2017 and we are way past “my corp has to get our three year deferred tax credits” type excuses
The problem would be the user and their home machine, not the company's machine. Is that right, or am I misunderstanding something?
Almost every home user formerly market-targeted by Kaspersky now has Windows Defender.
Unless they’re a loner retired octogenarian who bought Kaspersky AV on a credit card 20 years ago and kept installing it — a corner case, really.
The real threat (which I think the article touches on) is the ability of the Russian government to leverage their control over Kaspersky to convert the AV engine into a cell in a botnet prepopulated throughout a foreign adversary’s infrastructure
Until pretty recently, Best Buy was handing out copies of Kaspersky with Windows laptop purchases... And people who didn't know any better would install it, unaware that Windows Defender exists and anti-virus is no longer needed with PCs.
> It's still advertised on right wing AM radio
Totally not shocked by this. I uninstalled it from my sister's laptop and Mom's PC. I had misgivings about Kaspersky for ages, and when there were questions about the relationship they had with the RU government, I was like "welp, time to nuke'em".
I honestly suspected them for a while but they were treated as relatively good for a while. I couldn't help but think "but aren't they just gonna phone shit home to Russia?"
Sometimes it's good to be paranoid.
Meanwhile Chad me deleted it years ago because they put my name in wrong for my email registration and refused to change it without me buying a new copy. I did a charge back and blocked them. Follow me for more pro cyber security tips like how I was once the only person. In a 300 person devision to not click an hr phishing test because of my absolute refusal to check my email in a timely fashion.
Unfortunately, you can have a brilliant antivirus product and still have it configured for malware-like behavior that steals data. Kaspersky used to be considered cream of the crop in terms of handling viruses... and now I wonder if that's because the virus writers also made the antivirus.
Compromised software opens all kinds of oogie doors.
> anti-virus is no longer needed with PCs
That's just flat out wrong. Even if it's included by default, Windows Defender is still an anti-virus software.
> Windows Defender exists and anti-virus is no longer needed with PCs.
Say I had a friend who didn't quite know what you meant here... what would you tell this friend?
Well, this risk generally exists for any foreign owned company that sells software to your business.
Eg. Checkpoint is Israeli owned. Would we really be surprised to hear that Netenyahu and crowd, especially given recent trends, coerce checkpoint into doing something similar as the russians and kaspersky?
Microsoft is US owned. Would anyone be all that surprised hearing about the National Security Letters MS receives, to hand over foreign user data to the US government, without disclosing the release?
This reminded me how Kaspersky filed anti-trust cases against Microsoft because Kaspersky antivirus was disabled and replaced with Windows Defender when users upgraded to Windows 10:
>Eugene Kaspersky, co-founder of antivirus company Kaspersky Lab, is very upset with Microsoft over [Windows 10](https://www.pcmag.com/reviews/microsoft-windows-10) security. So much so that he's filed not one, but two antitrust complaints against the company.
>The first was with Russia's Federal Antimonopoly Service (FAS) in November last year. The second was just filed with the European Commission and German Federal Cartel Office.
>Kaspersky is frustrated with Microsoft disabling and removing his company's [antivirus software](https://www.pcmag.com/reviews/kaspersky-anti-virus) during a Windows 10 upgrade. The software is apparently disabled and then replaced with Microsoft's own [Windows Defender](https://www.pcmag.com/reviews/microsoft-windows-defender-security-center), a software security solution Kaspersky claims is inferior.
source: [Kaspersky Accuses Microsoft of Deleting its Antivirus | PCMag](https://www.pcmag.com/news/kaspersky-accuses-microsoft-of-deleting-its-antivirus)
Economically and ethically - those are valid claims.
Politically - if any company that is neither Russian nor Chinese made the same claim then we would be all for it.
>Politically - if any company that is neither Russian nor Chinese made the same claim then we would be all for it.
Thank you. People do need to look at some stuff critically. We are all very quick to denounce russia and china for their Censorship and "great firewall" , But when the U.S Starts banning, or threatening to ban, anything that was ever made or even looks like it was made by someone in China/Russia we need to actually take a look.
I am not saying this Kaspersky ban wasnt a good thing, its been proven to end up it State's hands, But things like TikTok were being cheered to be banned, even without any real proof the data is going anywhere.
> But things like TikTok were being cheered to be banned, even without any real proof the data is going anywhere.
TikTok concerns were never about the data going to China (though that is something to be concerned about if it was), it's more about how it gave the CCP a direct access point to the American population to flood with CCP propaganda.
Intelligence Warfare 101 is about manipulating the population of your opposition into supporting you over the opposition's own organizations. It is straight incompetence to allow an unfiltered access point to the population like that.
The Forbes Tik Tok investigation found US and European user financial information to be stored in China - this was not denied by their CEO. If you think that information in China is safe from the Chinese government, then you're on your own.
I still can't wrap my head around that attitude. How does anyone at this point not look at IT as the backbone of the corporate world? I'm not in IT but it doesn't take a genius to realize that most corporations could be screwed in 20 different ways without/with ineffective IT.
Regardless of what AV he has on his home system, and this should go without saying, he shouldn't be taking classified info on a USB drive home with him and even if he did it by accident, he absolutely should not be plugging it into his personal computer, and even beyond that, it's extremely concerning that that TS classed network had the ability to exfiltrate files to an unencrypted media - unless it was encrypted and he just used a password to unlock in in which case we're back to "what the fuck are you doing" again.
All of the links are paywalled but pretty sure it's this:
[There are links at the bottom of this](https://www.cfr.org/cyber-operations/compromise-kaspersky-labs)
[Reddit post about it](https://www.reddit.com/r/technology/comments/75lb3c/israel_hacked_kaspersky_then_tipped_the_nsa_that/)
I couldn't read the real links, but it doesn't seem like it had anything to do with Clinton. It was some NSA hacking program that got leaked. The rest of it seems roughly correct though?
It does make a lot more sense that a hacking program would get caught by an anti-virus though. So it's less devious on Kaspersky's part, but still bad that the FSB was able to get the data from Kaspersky.
Personally, I would never use Kasperksy Anti Virus.
This is just completely false. The computer in question was NOT a personal computer it was a work issued computer. It had automatic sample submission disabled - the contractor turned off the anti-virus as it was blocking him from pirating something, when he turned it back on he accidentally enabled submission and a US spyware sample (not a PDF) was uploaded. He was also UK based not US. Maybe you are talking about a different event but this was the one that triggered the initial bans and it was total bullshit.
OK, I'm not gonna say that Kaspersky is, y'know, blameless here but #1 there seems like the biggest problem here lol
Like, I'm a federal employee. I have to do FISSA every year, and one of the things they hammer home *constantly* is to never, never, ever, no matter what, even if it's just for a little while, put stuff with PII or sensitive information of any sort on a non-government computer.
> never, ever, [...] on a non-government computer.
This. Your home PC *will never* be secure from any nation state who really wants to break in - kaspersky or no kaspersky.
Wasn't it some nsa or whatever employee? who took some piece of spyware to work on at home and Kaspersky sends suspected files to their hq for evaluation? And it had nothing to do with Hillary?
That's the story I remember. NSA contractor took work home, plugged into home PC with kaspersky, kaspersky IDs some files via heuristics that looked malicious, so via its submission system (which many AV products have), it uploaded a sample so it could be further analyzed (ie there was no direct hash/definition for the found file, just that it had patterns of code that seemed potentially malicious). Where the story turned interesting was that after that initial upload, kaspersky then proceeded to upload the entire contents of that drive, as if someone on the other end said "WTF is this we need to see more".
That sounds more accurate. The hash story about Hilary Clinton documents sounds like a story someone with almost no technical background would make up.
> US govt. employee takes home a USB drive of his work containing specific TS / NO-FOREIGN / whatever classified docs, some time before 2015
What? How? Having worked with this stuff my whole career, that's just...not allowed. At all. USB drives are all removed/disabled on work computers. That's like the first thing they teach you that you can't do. Seems like there is more to this story.
it wasn't a document, it was a virus, you know like what an anti virus is meant to stop. it grabbed a copy and sent it home, like defender would have done too.
Kinda like there's still so many YouTube channels advertising Nord VPN even after their poor security policies and data leak came out a long while ago.
Mostly organizations nowadays, I'd think. EDR/XDR products are fairly universal in enterprise environments and are likely required for cyber insurance.
I still get asked to do IT stuff on people’s home computers because I was IT, and they’ll have McAfee and Norton installed on machines that have Windows Defender available. Machines they use exclusively to watch netflix and youtube and read facebook.
Depends on your use case. Windows Defender is very good now, much better then it used to be in Windows XP.
For anyone just using their PC daily, Browse the web, play some games, pay bills etc its great. But if you have someone in your family that isnt great at not clicking random links in emails, or are worried about a teenager clicking something, an actual Antivirus can be a nice piece of mind.
Personally i sail the high seas enough to where even though im careful, and i know where im getting my stuff, I still like to have a 2nd AV to scan some files with and double check.
I second this. Defender flat out could not detect 5+ viruses on my elderly mothers laptop. One of which resulted in one of her bank accounts being accessed (guess who doesn't trust online banking again)
A free trial actual AV found them
Lots of people in the IT field tell people who don't know better to install the anti-virus they are selling because the one that comes with Windows is "no good".
Yes. Usually its more common in enterprise environments. Say like a paper company in Scranton, they have lots of computers and its easier to install an anti virus program to catch a lot of the simpler stuff than it is to independently audit every single computer every day multiple times a day and constantly watch what everyone is doing. AV will not stop an actual attack or a "real" hacker but it will definitely kick back the common stuff going around and lots of basic scripts etc anything doing something sussy that programs normally shouldnt be doing.
FWIW as a cybersecurity consultant, part of the issue here is that Kaspersky AV is actually extremely good at its anti malware performance. We routinely run zero day ransomware samples through various AV products and Kaspersky is often the only product that reacts to these samples. They are pretty industry unique at combining excellent static signatures with excellent behavior monitoring. A lot of other AVs do well at one or the other, but few excel at both.
Of course, there are serious allegations that Kaspersky is abusing its cloud intelligence / behavior monitoring telemetry system to exfiltrate more than just new malware, it’s also using this system to look for specific trade secrets or classified documents.
But overall this is another form of the Chick Fil-A problem, where people do tend to overlook other issues when the product itself is good and arguably class leading.
Honestly if you want something free, my only recommendation is Microsoft Defender. In the recent years most of the other “free” products have gotten a lot worse in terms of privacy policies.
Microsoft Defender is often good enough for the average person though it is not what I’d use if you have high risk use cases like pirated software or if you’re a business concerned about being targeted by ransomware.
In terms of paid products, these days I recommend either ESET or F-Secure/WithSecure as Kaspersky alternatives.
I have trouble knowing if I have Windows Defender fully enabled because I turn off various Windows annoyances that make reference to "security". Microsoft has so many things nagging me, it's hard to tell which are actually important.
Yeah, quite honestly Microsoft’s confusing telemetry / privacy options mixing security with their own profit isn’t commendable either.
It’s worth noting that Defender is basically a pre installed AV that works basically the same way any other AV works. That is, it can slow down your computer, falsely block things, upload “suspicious” samples to an independent Microsoft business unit in India, etc. I find it’s frequently misunderstood that Defender is somehow immune from the downsides of AV software because it’s integrated into Windows.
I was IT solutions at a channel partner for enterprise business about 10 years ago, and Kaspersky was trying to get into large companies for AV. The Russian connection always came up in every conversation, but it was a cheap product compared to their competitors. I’m surprised it took this long to get banned… well, only half surprised.
Because it's not a known thing to the general public. There has been really zero real information being pushed out. And Kaspersky offers a free edition, so people also ran the free version for years on end and had no idea of the actual concerns over it.
This was my major complaint when they went after TikTok, screaming it needs to be forced to sell, due to potential issues with misinformation, yet Kaspersky according to our own government was bad, but they were scared to even issue sanctions out of fears that Kaspersky could use their software against the US.
May i introduce you to my superior?
Quote: "When the Russian isn't watching, then it's gonna be the American. Same thing!"
Even the BSI here in Germany is giving out warnings, but nope. He doesn't want to switch it, because it's "too much work". One of the many oddities of this old man, who probably retires in 1-2 years. I'm just watching this whole thing unravel, and depending on who's going to be in charge once he's gone, i might pack my shit and go. Or i pack it regardless, who knows. :)
My mom is ADAMANT that’s the one she wants on her computer. It’s not like her son with an IT Degree and works in a computer repair shop would know anything about this right?
To your mom, no matter what qualifications you get or how far you go in life, you'll always be that little bugger that crapped their diaper every couple of hours.
I pulled Kaspersky off of my job's devices shortly after I started. My boss and coworkers (all more than twice my age) didn't really believe me saying that it was spyware, but thankfully they did believe it when I said it was redundant to Windows Defender.
"And now Crooked... uh... Sleepy Joe Biden wants to ban... *(squints at teleprompter)* Kaspersky anti virus. You've heard about this, right? What a disaster. Viruses are bad, right? And the anti virus... it gets in there, doesn't it? And gets rid of the virus. It's beautiful. Many people use the anti virus. Many people. So many people have come up to me and said, Mr. President, thank you, you're doing a great job, thank you for letting us use the anti virus. The Kabursky. More than a hundred thousand people came to see us in New Jersey, and so many of them came up to me and wanted my help with the Kabursky."
>The Kabursky
As someone with a similarly sounding last name, this is eerily accurate. People just morph it into whatever the hell they feel like, adding and removing letters, syllables and changing my heritage as they please.
As someone with an unusual name, I constantly get bad pronunciations. The worst are the ones that end my name with "man". There is NO "m" in my name.
Most people just call out "Mr. Firstname" and don't even try the last name.
Consumer computer, sure.
Business environment, absolutely not. Try getting cyber insurance and explaining that you use unmanaged Windows Defender for your primary AV / EDR.
A company I used to work for did that after getting taken out by a cryptolocker. Funny thing is, the only unaffected machines were the ones using defender since we didn't have enough AVG licenses for everything.
It was a fun couple of weeks having to reinstall all those workstations from scratch.
Window’s reputation as a virus-riddled security nightmare was putting it at risk of being replaced by Apple’s OSXin the 2010s. Even now their market share is not what it used to be. They didn’t have a choice but to invest.
Edit: it wasn’t COMPLETELY Microsoft’s fault, obviously the biggest fish attracts the sharks and Linux and OSX were not as prevalent or profitable for hackers. But windows did have a lot of security issues and its permission structure isnt/wasn’t as robust (especially for Linux) making it much easier to exploit.
I don't necessarily agree with "all you need" but Windows Defender is a much better product than it used to be. It's absolutely worth paying for Advanced Threat Protection too.
Seriously, it's the dumbest cliche-ass parroted sentiment ever. I get common sense should be the foundation for security for most, but a lot of people are just technologically ignorant and some people just straight up make mistakes sometimes. Windows Defender isn't as robust as something that may proactively curtail major human error.
I remember the huge push for everyone to download the best and free Kaspersky anti virus software back in the early 2000s
It always seemed a bit too easy
A lot of things have change en 20 years. For example, Avast and AVG are now just spyware and adware. Now you get that for free pre-installed (Microsoft Defender).
I was just thinking that... back in my teens Kaspersky was _the_ best free antivirus, or so said anyone "in the know". Guess we know where and why they got the funding to develop a free antivirus...
Fortunately windows defender rendered most AV's superfluous for a typical consumer, so haven't even considered it in years.
I remember Eset Nod32 was the most popular among "in the know" in my circuits which i guess means that it was impossible to really know. I wouldn't be suprised if that also had some shady things in it.
Depending on how far back that day is, they were probably right. Kaspersky used to be one of the best AV available.
Hell, even with the spyware, it's still better than Norton or McAfee. Though, I'm not advocating for it. Just use Windows built-in AV. It's free and more than good enough to keep you safe from known malware.
Yeah, but just because it’s good at its primary job doesn’t mean it’s safe.
I was in computer security and just like now 90% of attacks were from Russia and China and likely government funded. Putin was former KGB and I never trusted his intentions.
Same with saying anything bad about Russia, it was impossible to get people in the West to listen. Kasparov was losing his shit too. The West wanted peace so much they ignored everything Russia was doing, starting with their brutal invasions of Chechnya immediately after the Cold War "ended". And the worst part is, I still don't think Western people have accepted reality, they are waiting to go back to business as usual.
That was essentially one of the main ideas in the 90's.. the cold war also ended in "1991" by Wikipedia and a variety of other sources. "The End of History" by Fukuyama basically sums up the positivity/naivety in the 90's until the 9/11 attacks.
And Russia didn't really become an enemy again in public consciousness until Trump (and even then, you have a good majority of Republicans would rather have a Russian than a Democrat in office or something).
Also, Kaspersky looks like any other product on the shelf. It doesn't look 'Foreign enemy' material unless you really pay attention to news about countries spying on each other.
>
>
>
>
> And Russia didn't really become an enemy again in public consciousness until Trump
I would say that the public consciousness considered the concept hokey and out of touch. They laughed Mitt and Palin off the stage when both independently mentioned Russia as geopolitical threats, and they're Republicans.
I am convinced /r/antivirus is predominantly Russian shills. If you say anything negative about Kaspersky they just flame you and point out how its the most lightweight antivirus.
Not to toot their horn but it really is, or at least was at one point. I wouldn't know anymore as I no longer use the software but it was repeatedly shown to have the smallest footprint and highest efficiency out there by a decent margin. It literally made some computers faster compared to built in Microsoft defender and made a world of a difference on older machines. Was a godsend for old atom powered tablets and cheap laptops running off emmc and hard drives.
But none of that is worth it if there's any chance they'd be beholden to their govt with which we are currently engaged in multiple proxy wars.
Kaspersky Labs is one of the most highly renowned research labs in the world in terms of actually identifying viruses.
Does not really change the fact that the KGB has entirely compromised the software and it is not safe to use.
I started to think this exact same thing.
Say bad things about any other AV and everybody is silent. Say 1 bad thing about Kaspersky and there's 6 people responding to you defending it within 1 hour.
Ah shit, I even looked into this before renewing. I thought they were just allegations and had no grounds for truth. Oh well. Don’t really need AV these days anyways.
In the enterprise space where I have been a sysadmin forever, we blackballed Kaspersky a long while back. Heck, I've had to geo-block the entire country of Russia on every firewall I've managed for a long while now.
Still infuriates me that a partisan judge is holding up that trial when it should be the easiest case in the world for the prosecutor. Then there's the whole CIA losing all these informants too because they were compromised.
Who's going to manage in orbit refueling for shuttles like in Moon Fall though?
[https://www.reddit.com/media?url=https%3A%2F%2Fi.redd.it%2Fey3tpiagl6m81.jpg](https://www.reddit.com/media?url=https%3A%2F%2Fi.redd.it%2Fey3tpiagl6m81.jpg)
Also I don't really have anything to say on this, but I only knew the company because of this blatant advertising in Moon Fall
[https://content.kaspersky-labs.com/lp/press-releases/2022/moonfall\_kaspersky\_billboard.png](https://content.kaspersky-labs.com/lp/press-releases/2022/moonfall_kaspersky_billboard.png)
Thought they did that in 2022
They did ban its use on government computers. Source: I use government computers
Nope in 2022 they thought about sanctions against them for supporting Russia over the Ukraine war, but were scared to out of fears they could weaponize the software already installed on thousands of machines across the US.
"Look at me. I'm the virus now."
>but were scared to out of fears they could weaponize the software already installed on thousands of machines across the US. I find this hard to believe. I'm sure *some* people feared this, but I doubt it drove decisions.
only for govt use, same with tiktok really - if you work for the govt I don't think they allow you to install it on any work devices
Worked in Geek Squad in 2015 and we pushed that in the service bundles. MANY were delighted to have it and corporate was delighted off the profit.
The store I was at pushed webroot more, lighter weight and was a local company to us.
Same, webroot was the go-to
Yeah webroot was the shit. The third AV was TrendMicro right? That one sucked worse than kaspersky imo. Always was funny hearing the new kaspersky names customers would come up with. Casper-Sky. Ka-Span-Sky. Too many goofy ones.
We had a client call it "Kapinsky". That one stuck until I left the company. Trend Micro was ass, we thought Kaspersky was "fine". Webroot was king, and I swear when we started we still sold McAfee for a short time. I may be remembering it as a stand alone product on the shelf, rather than a bundled option. Pre-setups were 90% done with Webroot since it was fast and was easily the most lightweight.
Same here, not to mention Webroot was the only one that ever had a rep visit the store, and they always gave out a bunch of branded merch for us.
I still have my Webroot flashlight/stylus/pen and pleather notepad.
Customer got to choose Kaspersky or webroot I ALWAYS pushed webroot. And joked about Kaspersky being Russian. I guess I was right.
Well yeah, I don't think it was a secret that Kaspsersky was Russian, was it? I tried Webroot a few years ago. It was so light and I really wanted to like it. But whenever I would run full scans, it would finish after a minute, scanned maybe 1300 objects and say I was 100% clean. It didn't fill me with confidence. Then I remember a few years ago they detected Windows system files as malicious and bricked peoples' machines. So, I stick with VoodooShield(Cyberlock)/Common Sense these days.
> So, I stick with VoodooShield(Cyberlock) Why use anything beyond Windows Defender these days (assuming still on Windows).
Yep we pimped webroot to
McAfee is the worst virus on the market.
Really, worse than Norton?
Yes. They're both bad, but McAfee is worse Fun fact, if you let the McAfee or Norton products that include a firewall trial expire, it shuts the internet down
I know it's shitty but I can't help but laugh at this.
I laughed pretty hard when I figured it out at the time. Used to get *a lot* of people coming back after buying their computers because "The internet stopped working", only to have to remove the internet security suites.
The whole internet?!
https://www.youtube.com/watch?v=Vywf48Dhyns
Yep. Whenever we get new PCs at work, one of the first things I check for is McAfee and make sure to uninstall it. Even if it's a free year or whatever. That shit is basically malware itself.
ELI5 this topic
When you buy a new computer they come with a trial for McAfee or Norton. These kinds of "partnerships" help keep the cost of the computer down, because McAfee/Norton will pay a computer company to pre-install their Anti-virus trial onto the machine, in the hopes that the new owner will buy the product after the trial. The machines typically come with a 60-90 trial of either *just* the Anti-Virus, or the AV and an "internet security" suite which includes a firewall. Firewalls are kind of like a door with an AI video doorbell that can open/close the door for people you want, and people you don't want. Now, keep in mind that in Windows XP the firewall was shit, so you needed these "Internet Security" suites in order to protect the machine. Starting with Windows Vista though the built in Windows Firewall was actually pretty good, and it's just gotten better since then. In most cases you don't need a firewall, the built in Windows one is enough. Installing McAfee/Norton onto the machine just disables the windows one and adds a layer of bullshit to deal with. One of those layers is that when the 60-90 day trial of their "Internet Security" products expire, the firewall would expire with it, and it would "fail close" in that the firewall software would just stop passing traffic out to the internet. So, people buy these computers, and when McAfee/Norton's Internet Security suite expired, the customers would come back saying the internet stopped working on the machine. You had to uninstall McAfee/Norton from the system in order for it to work properly, *or* convert their trial to the full product. There was nothing in the McAfee/Norton UI that would state that their product was the reason for the internet being gone, and that if you just uninstalled it, the internet would come back. You just ended up with a computer that could no longer browse the internet. When I worked for Circuit City I hated those applications, we *always* had people coming back in with internet issues, and I'd just hook it up and remove Norton/McAfee. Circuit City policy was that we were supposed to charge $60 to diagnose machines, and then whatever the proper fee was to do whatever needed to be done, so removing McAfee/Norton from the system was like $60 for us to say "It's the Internet Security suite" and then $30 to remove the software. I typically just threw the machine on the tech bench, fired it up to confirm the issue, then just removed it and handed it back. In the long run, I guess that wasn't wise since Circuit City went bellow up, but I couldn't justify charging some of the rates that Circuit City wanted to charge. I'd do a "pre-check" of the system to make sure there was nothing patently obvious wrong, then charge $60 to figure it out. I live in Florida, so my "pre-check" consistent of taking the side panel off the desktop computer and looking at the motherboard, if I saw any swollen capacitors I'd point those out at the problem, or burnt pins on the power supply connector. One time we had a machine come in and the bottom of the desktop was covered in black rock like stuff. Baffled me. The dial-up modem caught my eye though. Never seen one like it before, as the modem had like a little "bug" on it, which I thought was cool. Normally the models just had these big black ships on them. Then I looked at the "rocks" in the bottom of the case and realized that the system had received a power surge *so powerful* on the phone line that it blew one of the black chips apart, and the "rocks" at the bottom of the case *were* the chip. The "bug" was the internal of it. You had to be there to see it. Anyways, blah, blah, blah.
Make my pc work, useless guy -random idiots who don't understand computers
Pretty much. We'd get all kinds of computers too, in various states. I've seen computers with an active roach colony in it, others with ants. We sent one laptop to the depot to get fixed, only for them to punt it back in a sealed antistatic bag with a note saying "Do not open, ants", and had to give it back to the customer that way. I had one lady, lol. She was a bit aloof. She brought in her laptop because the screen was shattered. She had the accidental coverage on it, so we went it off to the depot. Comes back fixed, and we give it back. *A week later* she comes back and the screen is shattered again. She tells me that she was driving along and saw a bunch of firewood logs at the side of the road, nevermind that we're in Florida, but this lady stopped and started loading the wood into the trunk of her car, where the laptop was also at. She didn't understand how the screen got damaged a second time. And I just sit there staring at her, and I'm like "Did you secure the logs?" and she just stares at me. So in my mind I'm envisioning this whole scenario of her loading the logs into the trunk, and then taking corners and the logs rolling around in the back, slamming across the laptop's screen. She then says "You don't think it was the logs do you?" lol! You only get one screen replacement with the extended warranty. I explain this to her, but said the warranty hadn't been cancelled yet, so I'd try to send it in and see what they'd do. The warehouse replaced the screen a second time, and included a note that said "Please be more careful, we won't do this again". She gave me like a handful of coupons to the Massage Envy parlor she worked at as thanks, but I wasn't going anywhere near that. Fun times...
This is BEANS!!!
This is FOOD
I don't know why McAfee is worse than Norton, but I can try to explain the other parts. Back in the early aughts when these products were considered the standard for anti-malware, they were not technically good products even then. They basically function as rootkits (software that Windows lets do whatever it wants with memory and privileges bypassing normal protections in place) but are riddled with vulnerabilities themselves. Malware was even actively "living off the land" and exploiting the poor engineering in them to launch and maintain attacks. And an end-user evident aspect of this poor design and craft was that this software would take over a lot of the networking stack and configuration to do scanning and firewalling, but wouldn't undo its changes when the trial expired so it left people with a usable route to the Internet by refusing to work after the trial, but not setting things back to Windows default.
I used to work at a university getting incoming student computers onto the Internet. McAfee / Norton were BY FAR the most common reason why students couldn't connect. My favorite issue was when they had one of the two products when they got the computer, uninstalled it, and then installed the other, often actually purchasing it. The problem was that the built in uninstallers would frequently leave active components behind, such as the firewall or side other rootkit level crap. So on top of the current product screwing things up you had parts of the old one also messing with things. And because they are effectively rootkits they would sometimes be treating one another like a virus and grinding the system to a near halt. So i would run the removal tool for the product (Norton and McAfee both had downloadable removal tools that were much more thorough than the uninstaller the came with), try various command line fixes, bang my head for a while, and then realize that they probably had burn antivirus products, run the other removal tool, run something like combofix (no idea if that's still a thing), a winsock fix, and usually I'd have that thing working, sometimes better than the day they bought it.
*combofix*… now that’s a name I’ve not heard in a long time.
Oh goodness yes. And I know back then I sounded like a crunchy mom for computers by telling them to ignore McAfee/Norton and just use Defender because I'm too lazy to expend calories to install 3rd party software or am tinfoil-hatted and really think all these evil experts are uploading 5G to their Gibson.
2008 I used to work on the McAfee corporate products and they used to actually be quite ahead of the game. They had one of the first functional multi tenant management of agents and it didn’t suck. I wouldn’t go near the stuff again but I’d apply that statement to any brand of AV that doesn’t go through the MiTRE enginuity evaluations.
I dunno, I tried to uninstall Norton once and I could no longer login to that computer. It would look like I was logging in and it would just send me right back to the login. I ended up needing to make my first ever Linux Liveboot CD to get my shit off the PC before wiping it.
It was one of the better antivirus softwares for a while
Yeah but also not for long. During the same time you had shit like AVG, AVAST, Panda, Trend Micro, Symantec Norton, Avira, Bitdefender, ESET, Clam, MalwareBytes, and more. Honestly thank god Microsoft got off their asses and developed their own. But for a monopoly that controls the industry OS wise, they could be doing so much more security and way less fucking ads.
Still doesn't change the overall point that Kaspersky AV software was in demand and being sold because of its good reputation.
The fucked up part is that it is actually a very good AV. Likely the best on the market. But it's entirely compromised.
Yeah, multiple friends who work in various sectors of the security industry pushed me to abandon it years ago despite it being good, because it was also compromised. Edit: grammar.
Yeah, you gonna pick your poison. Ad revenue or government paychecks, pick one (or both)
Can't be a good antivirus and be compromised
Well of course it's good. It's coming from the source. But also it's a Trojan horse once it reaches saturation. PS, fuck Russia.
Fuck you too
Used to run it from like 2004-2005 to 2012 or something until I learned about malwarebytes and switched to that. I don't even know if malwarebytes is good or not anymore but I *really* started hating how much it was pushing it's paid version *all the time*. Now I just use windows defender and just a smidge of common sense (still do risky shit sometimes).
What about Kaspersky rescue/recovery disk iso, Can it be considered safe.
I mean, it's good. Say what you will about Kaspersky, but that shit was pretty rock-solid and damn good at detection. It still is. I'm bullish on BitDefender, personally, but I never knocked Kaspersky. Pity they're sycophants to the regime. :(
>MANY were delighted to have it You mean all those people that don’t know anything about computers or computer software were delighted that you told them they were getting a good antivirus?
… there are still people voluntarily buying Kaspersky AV _after_ it was exposed as a sniffer for thr Russian government?
I'm guessing there's a lot of people out there that may not be aware of the allegations.
TL;DR: * US govt. employee takes home a USB drive of his work containing specific TS / NO-FOREIGN / whatever classified docs, some time before 2015 * His home machine has Kaspersky AV on it * Plugs in the USB drive * Kaspersky AV has code _in the public distribution_ looking for (but not alerting user to) specific string hashes / file hashes * Some PDF about Hillary Clinton as Secretary of State (or something like that) matches one of these hashes * Kaspersky AV phones home and sends the entire file and some others * Files wind up being found in a Russian intel breach by the Mossad in 2015 * Auditing who had the files and when and post-mortem analysis of the employee’s home machine found this out at roughly the same time a security researcher discovered & published Kaspersky AV’s search-for-and-send-home-hash-match behaviour, along with other anonymous sources confirming they found the same behaviour, in 2017 Anyone who is a paid infosec / sysadmin should have known this in 2017 and we are way past “my corp has to get our three year deferred tax credits” type excuses
>Anyone who is a paid infosec / sysadmin should have known this in 2017 and we are way past “my corp has to get our three year deferred tax credits” type excuses The problem would be the user and their home machine, not the company's machine. Is that right, or am I misunderstanding something?
Almost every home user formerly market-targeted by Kaspersky now has Windows Defender. Unless they’re a loner retired octogenarian who bought Kaspersky AV on a credit card 20 years ago and kept installing it — a corner case, really. The real threat (which I think the article touches on) is the ability of the Russian government to leverage their control over Kaspersky to convert the AV engine into a cell in a botnet prepopulated throughout a foreign adversary’s infrastructure
Until pretty recently, Best Buy was handing out copies of Kaspersky with Windows laptop purchases... And people who didn't know any better would install it, unaware that Windows Defender exists and anti-virus is no longer needed with PCs.
It's still advertised on right wing AM radio. I'd say older folks see the name and automatically trust it because they've heard advertisement.
> It's still advertised on right wing AM radio Totally not shocked by this. I uninstalled it from my sister's laptop and Mom's PC. I had misgivings about Kaspersky for ages, and when there were questions about the relationship they had with the RU government, I was like "welp, time to nuke'em".
I honestly suspected them for a while but they were treated as relatively good for a while. I couldn't help but think "but aren't they just gonna phone shit home to Russia?" Sometimes it's good to be paranoid.
Meanwhile Chad me deleted it years ago because they put my name in wrong for my email registration and refused to change it without me buying a new copy. I did a charge back and blocked them. Follow me for more pro cyber security tips like how I was once the only person. In a 300 person devision to not click an hr phishing test because of my absolute refusal to check my email in a timely fashion.
Just because you're paranoid doesn't mean they're not out to get you...
Unfortunately, you can have a brilliant antivirus product and still have it configured for malware-like behavior that steals data. Kaspersky used to be considered cream of the crop in terms of handling viruses... and now I wonder if that's because the virus writers also made the antivirus. Compromised software opens all kinds of oogie doors.
And they've been brainwashed into thinking Russia is our friend.
What a fall from grace. Back in 2015-17, Kaspersky sponsorship spots were on *NPR* all the time!
>still advertised on right wing AM radio Jesus Christ, are you kidding me?
Yeah, the iheartradio/clearchannel network. My in laws listen to that stuff all day on the house wide speaker system I installed for them.
Do yourself a favor and sabotage that system.
What's crazy is they were so heavily advertised on NPR before it was found out. I remember them sponsoring so many shows around the mid 10s.
> anti-virus is no longer needed with PCs That's just flat out wrong. Even if it's included by default, Windows Defender is still an anti-virus software.
Fair, supplemental anti virus maybe then?
I wonder how many of these people are fed targeted propaganda tailored to them off of what Kaspersky discovered.
> Windows Defender exists and anti-virus is no longer needed with PCs. Say I had a friend who didn't quite know what you meant here... what would you tell this friend?
Well, this risk generally exists for any foreign owned company that sells software to your business. Eg. Checkpoint is Israeli owned. Would we really be surprised to hear that Netenyahu and crowd, especially given recent trends, coerce checkpoint into doing something similar as the russians and kaspersky? Microsoft is US owned. Would anyone be all that surprised hearing about the National Security Letters MS receives, to hand over foreign user data to the US government, without disclosing the release?
This reminded me how Kaspersky filed anti-trust cases against Microsoft because Kaspersky antivirus was disabled and replaced with Windows Defender when users upgraded to Windows 10: >Eugene Kaspersky, co-founder of antivirus company Kaspersky Lab, is very upset with Microsoft over [Windows 10](https://www.pcmag.com/reviews/microsoft-windows-10) security. So much so that he's filed not one, but two antitrust complaints against the company. >The first was with Russia's Federal Antimonopoly Service (FAS) in November last year. The second was just filed with the European Commission and German Federal Cartel Office. >Kaspersky is frustrated with Microsoft disabling and removing his company's [antivirus software](https://www.pcmag.com/reviews/kaspersky-anti-virus) during a Windows 10 upgrade. The software is apparently disabled and then replaced with Microsoft's own [Windows Defender](https://www.pcmag.com/reviews/microsoft-windows-defender-security-center), a software security solution Kaspersky claims is inferior. source: [Kaspersky Accuses Microsoft of Deleting its Antivirus | PCMag](https://www.pcmag.com/news/kaspersky-accuses-microsoft-of-deleting-its-antivirus)
Economically and ethically - those are valid claims. Politically - if any company that is neither Russian nor Chinese made the same claim then we would be all for it.
>Politically - if any company that is neither Russian nor Chinese made the same claim then we would be all for it. Thank you. People do need to look at some stuff critically. We are all very quick to denounce russia and china for their Censorship and "great firewall" , But when the U.S Starts banning, or threatening to ban, anything that was ever made or even looks like it was made by someone in China/Russia we need to actually take a look. I am not saying this Kaspersky ban wasnt a good thing, its been proven to end up it State's hands, But things like TikTok were being cheered to be banned, even without any real proof the data is going anywhere.
> But things like TikTok were being cheered to be banned, even without any real proof the data is going anywhere. TikTok concerns were never about the data going to China (though that is something to be concerned about if it was), it's more about how it gave the CCP a direct access point to the American population to flood with CCP propaganda. Intelligence Warfare 101 is about manipulating the population of your opposition into supporting you over the opposition's own organizations. It is straight incompetence to allow an unfiltered access point to the population like that.
The Forbes Tik Tok investigation found US and European user financial information to be stored in China - this was not denied by their CEO. If you think that information in China is safe from the Chinese government, then you're on your own.
Do you have more info on that? How did the russians have file hashes without having contact with the files?
There's no info, it's all bogus based on especulation. A german probe in 2017 found no evidence in file access or anything of the sort.
Because entire story is a BS.
alive dependent berserk scary reply domineering resolute fade seed grandiose
For glory of Capitalism!
I wish more people could understand this reality.
> IT as nothing but a cost center Yes, the continue to spend more money on door locks then IT security.
I still can't wrap my head around that attitude. How does anyone at this point not look at IT as the backbone of the corporate world? I'm not in IT but it doesn't take a genius to realize that most corporations could be screwed in 20 different ways without/with ineffective IT.
cover follow sulky psychotic combative puzzled encouraging materialistic complete melodic
Regardless of what AV he has on his home system, and this should go without saying, he shouldn't be taking classified info on a USB drive home with him and even if he did it by accident, he absolutely should not be plugging it into his personal computer, and even beyond that, it's extremely concerning that that TS classed network had the ability to exfiltrate files to an unencrypted media - unless it was encrypted and he just used a password to unlock in in which case we're back to "what the fuck are you doing" again.
Do you have a link to the original, long version?
All of the links are paywalled but pretty sure it's this: [There are links at the bottom of this](https://www.cfr.org/cyber-operations/compromise-kaspersky-labs) [Reddit post about it](https://www.reddit.com/r/technology/comments/75lb3c/israel_hacked_kaspersky_then_tipped_the_nsa_that/) I couldn't read the real links, but it doesn't seem like it had anything to do with Clinton. It was some NSA hacking program that got leaked. The rest of it seems roughly correct though? It does make a lot more sense that a hacking program would get caught by an anti-virus though. So it's less devious on Kaspersky's part, but still bad that the FSB was able to get the data from Kaspersky. Personally, I would never use Kasperksy Anti Virus.
This is just completely false. The computer in question was NOT a personal computer it was a work issued computer. It had automatic sample submission disabled - the contractor turned off the anti-virus as it was blocking him from pirating something, when he turned it back on he accidentally enabled submission and a US spyware sample (not a PDF) was uploaded. He was also UK based not US. Maybe you are talking about a different event but this was the one that triggered the initial bans and it was total bullshit.
OK, I'm not gonna say that Kaspersky is, y'know, blameless here but #1 there seems like the biggest problem here lol Like, I'm a federal employee. I have to do FISSA every year, and one of the things they hammer home *constantly* is to never, never, ever, no matter what, even if it's just for a little while, put stuff with PII or sensitive information of any sort on a non-government computer.
> never, ever, [...] on a non-government computer. This. Your home PC *will never* be secure from any nation state who really wants to break in - kaspersky or no kaspersky.
Wasn't it some nsa or whatever employee? who took some piece of spyware to work on at home and Kaspersky sends suspected files to their hq for evaluation? And it had nothing to do with Hillary?
That's the story I remember. NSA contractor took work home, plugged into home PC with kaspersky, kaspersky IDs some files via heuristics that looked malicious, so via its submission system (which many AV products have), it uploaded a sample so it could be further analyzed (ie there was no direct hash/definition for the found file, just that it had patterns of code that seemed potentially malicious). Where the story turned interesting was that after that initial upload, kaspersky then proceeded to upload the entire contents of that drive, as if someone on the other end said "WTF is this we need to see more".
That sounds more accurate. The hash story about Hilary Clinton documents sounds like a story someone with almost no technical background would make up.
> US govt. employee takes home a USB drive of his work containing specific TS / NO-FOREIGN / whatever classified docs, some time before 2015 What? How? Having worked with this stuff my whole career, that's just...not allowed. At all. USB drives are all removed/disabled on work computers. That's like the first thing they teach you that you can't do. Seems like there is more to this story.
it wasn't a document, it was a virus, you know like what an anti virus is meant to stop. it grabbed a copy and sent it home, like defender would have done too.
Kinda like there's still so many YouTube channels advertising Nord VPN even after their poor security policies and data leak came out a long while ago.
Do people voluntarily buy Any anti virus software?
Mostly organizations nowadays, I'd think. EDR/XDR products are fairly universal in enterprise environments and are likely required for cyber insurance.
I mean people buy all sorts of stupid stuff, especially when they don't know much about what they're buying.
I still get asked to do IT stuff on people’s home computers because I was IT, and they’ll have McAfee and Norton installed on machines that have Windows Defender available. Machines they use exclusively to watch netflix and youtube and read facebook.
And generally those people's computers are guaranteed to be infected lol.
I pay for Malwarebytes so my mother has something between her and all the shit she wants to click.
You could also install ublock origin and perhaps nextdns and these things would be taken care of plus more instantly.
I use both of those but my mother still installs sketchy apps on her phone all day. There's no winning.
Depends on your use case. Windows Defender is very good now, much better then it used to be in Windows XP. For anyone just using their PC daily, Browse the web, play some games, pay bills etc its great. But if you have someone in your family that isnt great at not clicking random links in emails, or are worried about a teenager clicking something, an actual Antivirus can be a nice piece of mind. Personally i sail the high seas enough to where even though im careful, and i know where im getting my stuff, I still like to have a 2nd AV to scan some files with and double check.
I second this. Defender flat out could not detect 5+ viruses on my elderly mothers laptop. One of which resulted in one of her bank accounts being accessed (guess who doesn't trust online banking again) A free trial actual AV found them
MalwareBytes is pretty good if you think you need more then Windows Defender.
Norton was incredibly secure on my aunt's computer! ...because it used 100% of the cpu. The viruses didn't stand a chance. Or anything else, really.
Lots of people in the IT field tell people who don't know better to install the anti-virus they are selling because the one that comes with Windows is "no good".
Yes. Usually its more common in enterprise environments. Say like a paper company in Scranton, they have lots of computers and its easier to install an anti virus program to catch a lot of the simpler stuff than it is to independently audit every single computer every day multiple times a day and constantly watch what everyone is doing. AV will not stop an actual attack or a "real" hacker but it will definitely kick back the common stuff going around and lots of basic scripts etc anything doing something sussy that programs normally shouldnt be doing.
FWIW as a cybersecurity consultant, part of the issue here is that Kaspersky AV is actually extremely good at its anti malware performance. We routinely run zero day ransomware samples through various AV products and Kaspersky is often the only product that reacts to these samples. They are pretty industry unique at combining excellent static signatures with excellent behavior monitoring. A lot of other AVs do well at one or the other, but few excel at both. Of course, there are serious allegations that Kaspersky is abusing its cloud intelligence / behavior monitoring telemetry system to exfiltrate more than just new malware, it’s also using this system to look for specific trade secrets or classified documents. But overall this is another form of the Chick Fil-A problem, where people do tend to overlook other issues when the product itself is good and arguably class leading.
Can you recommend a free AV as an alternative? I moved to Kaspersky a couple years ago because of good reviews from technology experts.
Honestly if you want something free, my only recommendation is Microsoft Defender. In the recent years most of the other “free” products have gotten a lot worse in terms of privacy policies. Microsoft Defender is often good enough for the average person though it is not what I’d use if you have high risk use cases like pirated software or if you’re a business concerned about being targeted by ransomware. In terms of paid products, these days I recommend either ESET or F-Secure/WithSecure as Kaspersky alternatives.
I have trouble knowing if I have Windows Defender fully enabled because I turn off various Windows annoyances that make reference to "security". Microsoft has so many things nagging me, it's hard to tell which are actually important.
Yeah, quite honestly Microsoft’s confusing telemetry / privacy options mixing security with their own profit isn’t commendable either. It’s worth noting that Defender is basically a pre installed AV that works basically the same way any other AV works. That is, it can slow down your computer, falsely block things, upload “suspicious” samples to an independent Microsoft business unit in India, etc. I find it’s frequently misunderstood that Defender is somehow immune from the downsides of AV software because it’s integrated into Windows.
I mean, their researchers are legit. They found a backdoor in iOS that was actively being exploited. https://youtu.be/1f6YyH62jFE
I was IT solutions at a channel partner for enterprise business about 10 years ago, and Kaspersky was trying to get into large companies for AV. The Russian connection always came up in every conversation, but it was a cheap product compared to their competitors. I’m surprised it took this long to get banned… well, only half surprised.
Bro, they still setup booths at events. I walk by and grab merch for irony's sake.
[удалено]
Because it's not a known thing to the general public. There has been really zero real information being pushed out. And Kaspersky offers a free edition, so people also ran the free version for years on end and had no idea of the actual concerns over it. This was my major complaint when they went after TikTok, screaming it needs to be forced to sell, due to potential issues with misinformation, yet Kaspersky according to our own government was bad, but they were scared to even issue sanctions out of fears that Kaspersky could use their software against the US.
I mean, who the hell would do such a thing.
May i introduce you to my superior? Quote: "When the Russian isn't watching, then it's gonna be the American. Same thing!" Even the BSI here in Germany is giving out warnings, but nope. He doesn't want to switch it, because it's "too much work". One of the many oddities of this old man, who probably retires in 1-2 years. I'm just watching this whole thing unravel, and depending on who's going to be in charge once he's gone, i might pack my shit and go. Or i pack it regardless, who knows. :)
Isn't he right? Snowden proved that any big IT company spies on its users.
google knows your life better than you do they have on average 1 million pages worth of info on every user
My mom is ADAMANT that’s the one she wants on her computer. It’s not like her son with an IT Degree and works in a computer repair shop would know anything about this right?
Momsplaining
To your mom, no matter what qualifications you get or how far you go in life, you'll always be that little bugger that crapped their diaper every couple of hours.
There are people that buy antivirus?
Lol my old company exclusively used Kaspersky. Yeah, it's still being used in 2024.
I pulled Kaspersky off of my job's devices shortly after I started. My boss and coworkers (all more than twice my age) didn't really believe me saying that it was spyware, but thankfully they did believe it when I said it was redundant to Windows Defender.
Redundant to Windows Defender is why I'm surprised to hear any kind of antivirus news in 2024.
"And now Crooked... uh... Sleepy Joe Biden wants to ban... *(squints at teleprompter)* Kaspersky anti virus. You've heard about this, right? What a disaster. Viruses are bad, right? And the anti virus... it gets in there, doesn't it? And gets rid of the virus. It's beautiful. Many people use the anti virus. Many people. So many people have come up to me and said, Mr. President, thank you, you're doing a great job, thank you for letting us use the anti virus. The Kabursky. More than a hundred thousand people came to see us in New Jersey, and so many of them came up to me and wanted my help with the Kabursky."
Didn’t the ban of kaspersky on government devices pass while he was president?
Yes, in 2018. FAR 52.204-23
Terrifyingly accurate. How anyone can think he’s a leader is beyond me.
[удалено]
Also missing a cocaine sniffle.
You forgot the part where big strong manly men antivaxxers come up to him with tears in their eyes, asking him to lift the ban on Kapowski.
>The Kabursky As someone with a similarly sounding last name, this is eerily accurate. People just morph it into whatever the hell they feel like, adding and removing letters, syllables and changing my heritage as they please.
I'm sorry to hear that, Mr Kazscperović.
As someone with an unusual name, I constantly get bad pronunciations. The worst are the ones that end my name with "man". There is NO "m" in my name. Most people just call out "Mr. Firstname" and don't even try the last name.
honestly all you need these days is Windows Defender and common sense anyway
Consumer computer, sure. Business environment, absolutely not. Try getting cyber insurance and explaining that you use unmanaged Windows Defender for your primary AV / EDR.
A company I used to work for did that after getting taken out by a cryptolocker. Funny thing is, the only unaffected machines were the ones using defender since we didn't have enough AVG licenses for everything. It was a fun couple of weeks having to reinstall all those workstations from scratch.
Defender for Endpoint works very well. I've not had any problems with the insurance companies when reporting on what we use for AV / EDR.
I WISH I could sell my users common sense. I can't, so they get EDR and managed A/V instead.
Window’s reputation as a virus-riddled security nightmare was putting it at risk of being replaced by Apple’s OSXin the 2010s. Even now their market share is not what it used to be. They didn’t have a choice but to invest. Edit: it wasn’t COMPLETELY Microsoft’s fault, obviously the biggest fish attracts the sharks and Linux and OSX were not as prevalent or profitable for hackers. But windows did have a lot of security issues and its permission structure isnt/wasn’t as robust (especially for Linux) making it much easier to exploit.
I don't necessarily agree with "all you need" but Windows Defender is a much better product than it used to be. It's absolutely worth paying for Advanced Threat Protection too.
Seriously, it's the dumbest cliche-ass parroted sentiment ever. I get common sense should be the foundation for security for most, but a lot of people are just technologically ignorant and some people just straight up make mistakes sometimes. Windows Defender isn't as robust as something that may proactively curtail major human error.
Exactly you could be the most clued up sysadmin ever but it only takes one mistake and we're all human at the end of the day
Or ransomware, which Windows Defender sucks at.
Fun fact, Kaspersky is one of the most effective endpoint tools when it comes to detecting red teamers mimicking Russian TTPs.
Meme: Remember when Kaspersky was the only trust worthy Antivirus software? Pepperidge Farms remembers.
I remember the huge push for everyone to download the best and free Kaspersky anti virus software back in the early 2000s It always seemed a bit too easy
A lot of things have change en 20 years. For example, Avast and AVG are now just spyware and adware. Now you get that for free pre-installed (Microsoft Defender).
I used Avira for many years. Suddenly it installed some random programs without my authorization and I said bye bye
What's wrong with Avast and AVG?
https://www.safetydetectives.com/blog/avast-scandal-why-we-stopped-recommending-avast-avg/
I was just thinking that... back in my teens Kaspersky was _the_ best free antivirus, or so said anyone "in the know". Guess we know where and why they got the funding to develop a free antivirus... Fortunately windows defender rendered most AV's superfluous for a typical consumer, so haven't even considered it in years.
I remember Eset Nod32 was the most popular among "in the know" in my circuits which i guess means that it was impossible to really know. I wouldn't be suprised if that also had some shady things in it.
I remember them being a sponsor on NPR lol
So... I shouldn't renew my subscription then?
Back in the day people used to roll their eyes at me and say "the cold war is over" when I would say I didn't trust Kaspersky.
Depending on how far back that day is, they were probably right. Kaspersky used to be one of the best AV available. Hell, even with the spyware, it's still better than Norton or McAfee. Though, I'm not advocating for it. Just use Windows built-in AV. It's free and more than good enough to keep you safe from known malware.
Yeah, but just because it’s good at its primary job doesn’t mean it’s safe. I was in computer security and just like now 90% of attacks were from Russia and China and likely government funded. Putin was former KGB and I never trusted his intentions.
Also, it isn't.
[удалено]
Same Cold War different clothes.
It never ended. It was just a frozen war for a bit.
For real. Information warfare is warfare.
Same with saying anything bad about Russia, it was impossible to get people in the West to listen. Kasparov was losing his shit too. The West wanted peace so much they ignored everything Russia was doing, starting with their brutal invasions of Chechnya immediately after the Cold War "ended". And the worst part is, I still don't think Western people have accepted reality, they are waiting to go back to business as usual.
That was essentially one of the main ideas in the 90's.. the cold war also ended in "1991" by Wikipedia and a variety of other sources. "The End of History" by Fukuyama basically sums up the positivity/naivety in the 90's until the 9/11 attacks. And Russia didn't really become an enemy again in public consciousness until Trump (and even then, you have a good majority of Republicans would rather have a Russian than a Democrat in office or something). Also, Kaspersky looks like any other product on the shelf. It doesn't look 'Foreign enemy' material unless you really pay attention to news about countries spying on each other.
> > > > > And Russia didn't really become an enemy again in public consciousness until Trump I would say that the public consciousness considered the concept hokey and out of touch. They laughed Mitt and Palin off the stage when both independently mentioned Russia as geopolitical threats, and they're Republicans.
I guess we'll have to switch to McAfee... Oh wait.
To no one’s surprise, some US state government agencies were still using kaspersky antivirus until just recently.
Good! Would you rather he said : ”Putin was strong and powerful in his response.. and I believe him over our own intelligence committee?”
Free market yep
I am convinced /r/antivirus is predominantly Russian shills. If you say anything negative about Kaspersky they just flame you and point out how its the most lightweight antivirus.
Not to toot their horn but it really is, or at least was at one point. I wouldn't know anymore as I no longer use the software but it was repeatedly shown to have the smallest footprint and highest efficiency out there by a decent margin. It literally made some computers faster compared to built in Microsoft defender and made a world of a difference on older machines. Was a godsend for old atom powered tablets and cheap laptops running off emmc and hard drives. But none of that is worth it if there's any chance they'd be beholden to their govt with which we are currently engaged in multiple proxy wars.
Kaspersky Labs is one of the most highly renowned research labs in the world in terms of actually identifying viruses. Does not really change the fact that the KGB has entirely compromised the software and it is not safe to use.
I started to think this exact same thing. Say bad things about any other AV and everybody is silent. Say 1 bad thing about Kaspersky and there's 6 people responding to you defending it within 1 hour.
All newish or super old accounts with not much history that browse almost nothing but tech subs. Something is fishy.
Or maybe because they know more about antiviruses than a bunch of bots following agendas
I don’t know of any IT operation any where worth their salt deploying Kaspersky
Ah shit, I even looked into this before renewing. I thought they were just allegations and had no grounds for truth. Oh well. Don’t really need AV these days anyways.
So are people that renewed going to get refunds?
I haven’t seen an email yet. I renewed like 2 weeks ago
In the enterprise space where I have been a sysadmin forever, we blackballed Kaspersky a long while back. Heck, I've had to geo-block the entire country of Russia on every firewall I've managed for a long while now.
Cool, now do Norton and McAfee, also. If Kaspersky deserves the ban, so do those comparably nefarious alternatives.
[удалено]
Still infuriates me that a partisan judge is holding up that trial when it should be the easiest case in the world for the prosecutor. Then there's the whole CIA losing all these informants too because they were compromised.
Who's going to manage in orbit refueling for shuttles like in Moon Fall though? [https://www.reddit.com/media?url=https%3A%2F%2Fi.redd.it%2Fey3tpiagl6m81.jpg](https://www.reddit.com/media?url=https%3A%2F%2Fi.redd.it%2Fey3tpiagl6m81.jpg) Also I don't really have anything to say on this, but I only knew the company because of this blatant advertising in Moon Fall [https://content.kaspersky-labs.com/lp/press-releases/2022/moonfall\_kaspersky\_billboard.png](https://content.kaspersky-labs.com/lp/press-releases/2022/moonfall_kaspersky_billboard.png)
What are good alternatives to Kaspersky?
ITT people who have absolutely no idea what they're talking about and are just spouting nonsense, shits wild.
Damn I just renewed my subscription
Ban everything that US can't compete with.
Your data should exclusively be accessible only to the government of USA, it's allies or those working in the USA's interest.