Thanks for posting. I've had a bad feeling about Kaspersky for quite some time. I flat will not use it even tho I purchased it previously, no myth or conspiracy theories here, just my preference.
Yes, I understand. What worries me most is not possible connection to Russian government but news about Israeli intelligence being in their network (when CIA tools were uploaded to their servers). If LEAs can beak in their network we can assume that other AV vendor's networks are compromised also. So it gives me mixed feelings about using AV.
If you worry about Israelis you should also stay away from any Intel chips. Just read this, it gives you the creeps: https://hardenedlinux.github.io/fir...ME_firmware_on_sandybridge_and_ivybridge.html (Isreal significance: https://www.intel.com/content/www/us/en/jobs/locations/israel/sites.html)
If you happen to be developing a nuke bomb for Iran, you should worry about the Israelis. Otherwise, not to worry.
i mean you're asking the obvious, if you disable a feature, it can't provide the maximum protection. you should be able to configure your AV suite whether the decisions you make lowers the overall protection
The point is that I'm trying to figure out why Kaspersky would give an option disable it, if it significantly lowers protection.
Following your approach then no AV should allow disable any security related feature... I am sure many here will be happy with a tool with no custom settings
"Web-Antivirus, Phishing Protection, Anti-Banner" Are these necessary if you have proper extensions to block all of those anyway in your browser? Is Web-Antivirus just a malware-domain blocker? Anyway, I'm still not convinced that it needs to read my search requests in order to offer those protections.
Kaspersky's Web AV is one the best, definetly not a smart choice to disable. the rest is useless indeed
No you're misunderstanding, that's not the point, see next reply. Exactly, and apparently it's not necessary according to Kaspersky either because they give an option to disable. And I believe that with API hooking you can provide the same type of protection, but I'm not an expert. I'm not saying that Kaspersky is doing anything shady, but I would still like to know if other AV's are using this script injecting technology also.
So how the URL advisor will work without this kind of info? How Safe Money will kick to its protected mode? You may not like this injection, but it is really necessary and the reason that Kaspersky gives an option to disable is because some users requested it, it is a tradeoff. Others AV that offer similar protection will use script injecting or will use browsers extensions (Norton, Avast, Bitdefender ...)
Like I said, you can use API hooking of the browser and most AV's already do this. But I forgot that extensions can also inject scripts so I wouldn't be surprised if other AV's do the same via extensions.
Different implementation same end result, i.e. reading your URL. Hopefully this is not another witch hunting exercise on Kaspersky, they had enough for this year.
Does anybody know if Kaspersky changed https scanning with latest release (b)? I have https scanning enabled but Kaspersky certificate is not used for MITM an more. Here is an example for wilderssecurity: It's the same on all https sites I visit.
I did not use Kaspersky for about a month, but in release (a) KIS was performing SSL inspection and MITM if SSL scanning was on. IDK how it can scan SSL traffic if it doesn't decrypt and re-encrypt it.
I'm not sure if they actually aren't scanning SSL traffic or if they are how they are doing it. If I come across an explanation I'll post it. But I'm pretty sure I noticed the same thing previous to patch b as we purchased some EV SSL certs for some of our sites and I was surprised when they worked on my laptop with KTS.