Kaspersky's antivirus software takes non-threatening files (updated)

Post by FlyingPenguin

The dirty little secret is ALL AV apps do this now. When you opt in for 'cloud' features, your AV app sends any suspicious files back to the mothership (yes even Windows Defender - there's a setting to opt out in Defender).

When you install an AV product, you are purposely installing what is essentially a rootkit that we assume is benign. AV apps have high level access to everything in your PC (they need to in order to do their job) and you place your trust in that AV company.

An AV app could easily be tweaked to also send anything else to the mothership - like all your document files. You would hope that a reputable company wouldn't do that.

I don't think Kaspersky is actually doing anything wrong. If McAfee was on that NSA employee's laptop, it would have sent the suspicious NSA files to McAfee's mothership for examination. That's what it's supposed to do. And with the NSA getting into everyone's business over here, that's why American AV companies are losing money overseas. China doesn't trust OUR AV apps not to be compromised. For that matter, neither do I.

The fault here lies with the NSA employee who took home spy tools he wasn't supposed to and kept them on a non-airgapped PC.

But yeah, it's probably prudent for US agencies not to trust foreign AV companies.

Can Putin's government coerce Kaspersky to spy for them? It's certainly possible. ESET's headquarters are in Slovakia BTW. Can we trust them? Can I trust any AV?

Me? I don't care. Any file of any importance on my PC is encrypted. It's a pain, but I zip anything of importance with AES256 encryption. I ASSUME nothing is safe if your PC is connected to the Internet. That's the world we live in now.

I use Windows Defender and I do leave the cloud feature on. Let's be real: if MS was in cahoots with the NSA, that switch would do nothing anyway. Besides, they WROTE the OS. Microsoft could do anything they want in the background. I scan with Malwarebytes once a month and take it on faith they aren't doing anything bad, but who knows?

I would say that if you wanted to be safer, set yourself up as a limited user and don't use ANY AV.

Hopefully your word processor or tax software isn't phoning home either :)

There's a little paranoia I do give in to. I don't like/trust 'cloud' connected software which is why I still use Office 2003 and QuickBooks 2002. The other bonus is they run like greased lightning on a modern PC.
"Turns out I’m 'woke.' All along, I thought I was just compassionate, kind, and good at history. "
