Kaspersky antivirus places a unique identifier on every website you visit

Topic

New Reply

I still swear by Microsoft Defender. Dan Goodin at Ars Technica has the story: For almost four years, AV products from Kaspersky Lab injected a unique
[See the full post at: Kaspersky antivirus places a unique identifier on every website you visit]

2 users thanked author for this post.

jburk07

Reply | Quote

Replies

Guesswork from a user and no I.T. expert, Kaspersky only runs a java script on certain sites. Using Firefox and Noscript, I’ve never run the Kaspersky script and have not noticed lack of function. Of course, Kaspersky uses its own certificates for everything. I’m assuming all my traffic is going through their servers in Massachusetts and/or Mother Russia. As such, I’m assuming bad stuff is blocked on their servers and never reaches me. Just guessing. However, I never get adds based on sites I’ve visited unless I’ve enabled a script for that site, e.g. Youtube, in which case I get recommendations based on previous views. Of course, I’m unsophisticated.

Reply | Quote

I don’t enable kaspersky on one laptop in NoScript also and most of my computers than run Windows use defender or MSE .

I use Linux and Windows 7 and if I totally get rid of kaspersky what can I use for Windows 7 after EOL next year? I still intend to run Windows 7 in the future but I realise most AVs are spyware.

As a side note kaspersky takes minutes to update while Defender, MSE and Malwarebytes ver 2.2.0.1024 takes seconds.

Reply | Quote

Good luck trying to switch Kaspersky off in your browser😒

I use uMatrix and don’t give Kaspersky permission… except when in a hurry on a site I don’t plan to revisit and simply approve everything.

Reply | Quote

This is old news and abot a year ago there was an uproar when Google Chrome recommended uninstalling Kaspersky due to its web injection.

1 user thanked author for this post.

jburk07

Reply | Quote

Defender works for me, before that I used Security Essentials with Malwarebytes. Can’t remember last time I used a paid suite. I do know it was a awful experience.

Reply | Quote

Defender does not protect from viruses in Windows 7. You are obviously using W 10

1 user thanked author for this post.

Fritz

Reply | Quote

I am using a older ver of kaspersky its not affected by this. leak was introduced with Kaspersky’s “2016” editions, released in the Autumn of 2015.To be on the safe side, you can disable the relevant function in Kaspersky’s software: Click the cogwheel icon in the bottom left corner of the main window, then click Additional/Network. Finally, uncheck the “Inject script into web traffic to interact with web pages” option under “Traffic processing.more info on this can be found at this website.https://www.heise.de/ct/artikel/Kasper-Spy-Kaspersky-Anti-Virus-puts-users-at-risk-4496138.html

also I been using Kaspersky for years and saved my butt many times but I did not like the newer version’s of the software. Look’s like I  was lucky.

1 user thanked author for this post.

jburk07

Reply | Quote

Kaspersky has changed the process of checking web pages for malicious activity by removing the usage of unique identifiers for the GET requests. This change was made after Ronald Eikenberg reported to us that using unique identifiers for the GET requests can potentially lead to the disclosure of a user’s personal information.
After our internal research, we have concluded that such scenarios of user’s privacy compromise are theoretically possible but are unlikely to be carried out in practice, due to their complexity and low profitability for cybercriminals. Nevertheless, we are constantly working on improving our technologies and products, resulting in a change in this process. We’d like to thank Ronald Eikenberg for reporting this to us.” I can’t vouch for the authenticity, I didn’t find a KL source for it.

https://community.kaspersky.com/kaspersky-internet-security-13/kaspersky-has-fixed-a-security-issue-cve-2019-8286-in-its-products-that-could-potentially-compromise-user-privacy-by-using-unique-product-id-which-was-accessible-to-third-parties-merged-2871#post15261

Reply | Quote

It would have been helpful to have added that that was a Moderator’s comment on community.kaspersky.com, which you didn’t link to (you linked to a different reply).

 
Further information on Security Week:

Kaspersky Makes Changes After Products Raise Privacy Concerns
By Eduard Kovacs | August 15, 2019

…According to Eikenberg, Kaspersky still injects a script with an ID into every visited website, but the identifier is now the same for all users of a specific Kaspersky product and version.

“A website can no longer recognize individual users. However, that means it is still possible to find out if a visitor has installed Kaspersky software on their system and how old that software is,” Eikenberg said.

“That is actually valuable information to an attacker. They may use that information to distribute malware tailored to the protection software, or to redirect the browser to a suitable scamming page. Imagine something along the lines of ‘Your Kaspersky license has expired. Please enter your credit card number to renew your subscription’,” the researcher added.

 
Read the full article here

1 user thanked author for this post.

Alex5723

Reply | Quote

Kirsty wrote:

It would have been helpful to have added that that was a Moderator’s comment on community.kaspersky.com, which you didn’t link to (you linked to a different reply).

Formal Kaspersky blog :

I heard a bug in Kaspersky products could be used for spying. Is that true?

You may have heard that Kaspersky spies on its clients or helps other spy on them. Some such allegations we have already addressed, but recently a new case emerged, saying that Kaspersky exposed users to cross-site tracking. We address the flap in this short post.

https://www.kaspersky.com/blog/tracking-ids-bug/27979/

Reply | Quote