Kaspersky Application Control - KIS 2017 bug?

[Venustus]

Your browser should be well protected out of the box with code injection into web pages.
Kaspersky, differs from many other products in the way it protects you when browsing. Kaspersky injects code into pages you are browsing to better protect you from malware.It is possible to be infected on secured web pages by carefully crafted "advertisements".
As to PDF's you could do that or invest in HMPA.
@harlan4096 can further elaborate

 

[harlan4096]

About to set PDF reader in Low Restriction group: since it can run normally and does not need to access or make some changes sin sensible areas/processes of the system, sure You can try to do it and check

 

[shmu26]

Your browser should be well protected out of the box with code injection into web pages.
Kaspersky, differs from many other products in the way it protects you when browsing. Kaspersky injects code into pages you are browsing to better protect you from malware.It is possible to be infected on secured web pages by carefully crafted "advertisements".
As to PDF's you could do that or invest in HMPA.
@harlan4096 can further elaborate

I have disabled code injection in secure web pages, because it makes them inaccessible. For instance, I would not be able to load MT.

 

[Venustus]

I have disabled code injection in secure web pages, because it makes them inaccessible. For instance, I would not be able to load MT.

Strange I don't have that issue!
I do however get a slight delay in loading of webpages with it enabled but I can live with that.

 

[shmu26]

Strange I don't have that issue!
I do however get a slight delay in loading of webpages with it enabled but I can live with that.

just wondering: if you have the kaspersky extension in the browser, why do you also need scanning from the AV? Aside from special functions, such as parental control, etc.

 

[Venustus]

just wondering: if you have the kaspersky extension in the browser, why do you also need scanning from the AV? Aside from special functions, such as parental control, etc.

I have disabled the KIS extension from the browser and rely on the av module only

 

[harlan4096]

Script injection controls proper functioning of these special features:

Spoiler

Although You disable it, You still are protected in traffic level by Web AV.

 

[shmu26]

I have disabled the KIS extension from the browser and rely on the av module only

any problem with doing it the other way around, aside from the fact that you lose certain special functions, such as parental, and safe money?

 

[shmu26]

Script injection controls proper functioning of these special features:

Spoiler

View attachment 120171

Although You disable it, You still are protected in traffic level by Web AV.

secure data input means encrypting keystrokes?

 

[Venustus]

any problem with doing it the other way around, aside from the fact that you lose certain special functions, such as parental, and safe money?

If you find you don't need that functionality then yes you can.

 

[Venustus]

secure data input means encrypting keystrokes?

Yes!
Because you are not using the hardware keyboard which can be vulnerable.

 

[shmu26]

Yes!
Because you are not using the hardware keyboard which can be vulnerable.

I just want to make sure I understand: there is a virtual keyboard, and there is encrypting keystrokes on the regular keyboard.
which one of these is "secure data input"?

 

[shmu26]

Script injection controls proper functioning of these special features:

Spoiler

View attachment 120171

Although You disable it, You still are protected in traffic level by Web AV.

why is it that on my version of KIS, which is 2017, the pop-up does not mention a limitation on secure data input?

 

[Venustus]

I just want to make sure I understand: there is a virtual keyboard, and there is encrypting keystrokes on the regular keyboard.
which one of these is "secure data input"?

You would use the virtual keyboard which provides that level of security!There is no encrypting on your hardware keyboard.

 

[shmu26]

You would use the virtual keyboard which provides that level of security!There is no encrypting on your hardware keyboard.

I thought that Kaspersky used to scramble keystrokes. Did they discontinue this, or did I misunderstand?

 

[Venustus]

I thought that Kaspersky used to scramble keystrokes. Did they discontinue this, or did I misunderstand?

No, you must use the virtual keyboard provided if you are entering sensitive data online!

 

[harlan4096]

@shmu26: in Your post #33 You are referring to "Scan Encrypted Connections" and I was referring to Traffic Processing -> Script Injection.

Kaspersky Data Input is operational (if Script Injection On) in default browsers: IE, Chrome & FireFox. Also in Edge in the upcoming K2018.

 

[Deleted member 2913]

I thought that Kaspersky used to scramble keystrokes. Did they discontinue this, or did I misunderstand?

I am also not clear on this.

Here, you replied to me Kaspersky encrypts keystroke even if virtual keyboard is not used.
Kaspersky 2016 Suggestion/Info

Any clear info on this?

 

[shmu26]

I am also not clear on this.

Here, you replied to me Kaspersky encrypts keystroke even if virtual keyboard is not used.
Kaspersky 2016 Suggestion/Info

Any clear info on this?

maybe harlan can set us straight?

 

[harlan4096]

As I said before "Secure Data Input" protects against data by keyloggers in supported browsers and always if "Inject Script" is enabled.

Secure Data Input in Kaspersky Total Security 2016