Advice Request What information can -kaspersky-steal when installed for - HOME USER?

Please provide comments and solutions that are helpful to the author of this topic.

enaph

Level 28
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,787
Friend of mine installed Kaspersky and all of his food from the fridge, pair of socks and TV remote were stolen.
But seriously, WTF!? Where all this nonsense is coming from? Stop spreading this bs until explicitly proven that Kaspersky is involved in any unethical activity.
 

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
779

I made this thread long before the conflict. But you already agree to having Kaspersky collect a lot of information — processes running, file paths, hashes of binaries your execute, and even the uploading of files to their cloud that they deem “suspicious” and those can be manually examined by an analyst. It also includes your identity like MAC addresses and IP addresses (they use terms like “hash of MAC addresses” to make it sound better but this is nonsense. You can brute force a hash of a MAC address in 1 minute using an old computer)

That’s what they already collect. In terms of what they can collect? Anything and everything. AV software hooks into the kernel at a level where they see all memory and all files…. They get constant and silent updates in the background that can cause more things to be flagged suspicious or even just replace their own executables with malicious ones that do anything under SYSTEM privileges.

So yeah, ultimately, you have to decide if you trust your vendor or not. All bets are off if you suspect your vendor is malicious.
 

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
What information can -kaspersky-steal when installed for - HOME USER?
What's more - than google and Microsoft already have?

For the home user - these US recommendations - and others are worth nothing.
Kaspersky - for the home user - is still one of the best choices.
So based on this part, I assume, OP doesn’t believe there’s any danger in using Kaspersky. At least for home users
 

Xjoker

Level 1
Feb 19, 2020
38
What information can -kaspersky-steal when installed for - HOME USER?
What's more - than google and Microsoft already have?

For the home user - these US recommendations - and others are worth nothing.
Kaspersky - for the home user - is still one of the best choices.
Ιt can steal the same information as all the other antiviruses, as simple as that.
 
Last edited:

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,243
I had already talked about it.
Like any antivirus, they collect what is called Telemetry. Basically, usage statistics for product improvement, and if you have an unknown file for analysis.
But they don't touch sensitive files like pictures of your dog or daddy Teddy :D

I had already posted these 2 videos, but I put them back.




 

jetman

Level 10
Verified
Well-known
Jun 6, 2017
470
Kaspersky is a very good product. It has consistently performed well for many years.

The Ukraine- Russia war doesn't change this. Perhaps if many users uninstall Kaspersky software from their devices, Kaspersky may struggle to collect enough malware samples to make their products work as well as they currently do. But at the moment, Kaspersky is among the best that money can buy.

If Kaspersky were found to be spying on their users, or acting maliciously, it would destroy their business. That is in nobody's interests. Kaspersky products have been subject to more scrutiny than any other vendor and no evidence has been found of anything untoward.

In my view, Kaspersky remains a trustworthy product.

I expect that governments of the world have backdoors into operating systems like Windows anyway. If they want to spy on someone, they have many other tools they can use!
 

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
779
But they don't touch sensitive files like pictures of your dog or daddy Teddy :D
Kaspersky’s wording is more permissive than most in terms of what they ask to collect:

URL addresses of the websites visited and time of visits, response from the DNS server and duration of response buffering, IP addresses (IPv4 or IPv6) of the DNS server or domain of the website, domain name
Information about all scanned objects and operations: name of the object scanned, scan date and time, names and sizes of files scanned and paths to them,
If a potentially malicious object has been detected, the transmission includes information about process memory data,
Objects that can be exploited by intruders to harm the User’s computer can be also sent to Kaspersky Lab to be examined additionally:
• Files or their parts.
In addition, for purposes of preventing and investigating incidents, the transmission may also include executable and non-executable trusted files, segments of random access memory, boot sectors of the operating system, and application activity reports containing

This is way more than, for example, F-Secure which does not collect full paths and only sends executable malware, not even documents or macros stripped from documents.


This kind of data is very beneficial to malware analysis, but the double edged sword is that it pretty much paves the way to extract anything and everything from your machine if they either decide to or are forced to configure their heuristics or KSW in bad faith.
 

Zorro

Level 9
Verified
Well-known
Jun 11, 2019
404
What information can -kaspersky-steal when installed for - HOME USER?
McAfee, Webroot and Norton, for example, share more information with their companies than Kaspersky. Windows Defender, by the way, also sends a lot of information. I think that all the arguments about whether it is dangerous or not dangerous to use one or another antivirus is a purely political aspect.
 

ScandinavianFish

Level 7
Verified
Dec 12, 2021
317
Another thing that should be noted is that in the end its all about where the data is sent, for example, I live in Sweden and the servers that McAfee connects to almost exclusively servers located in Germany, while Bitdefender, despite being in the EU, connects to almost exclusively US servers with only one connection being to Romania, while Kaspersky was connecting mostly to servers in Switzerland, with some in the UK and a few in Russia, latter of which was servers that didnt process user data
 

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
779
McAfee, Webroot and Norton, for example, share more information with their companies than Kaspersky. Windows Defender, by the way, also sends a lot of information. I think that all the arguments about whether it is dangerous or not dangerous to use one or another antivirus is a purely political aspect.

Yep I mentioned in my thread originally, most AV software has similar wording for cloud submission / telemetry. But of the ones I reviewed, Kaspersky has the strongest wording. Nobody else collects exact URLs of your browsing history to improve Web Protection and few collect memory contents...

But again all could be ordered to collect information about you and most have the means to be specifically targeted too.

Another thing that should be noted is that in the end its all about where the data is sent, for example, I live in Sweden and the servers that McAfee connects to almost exclusively servers located in Germany, while Bitdefender, despite being in the EU, connects to almost exclusively US servers with only one connection being to Romania, while Kaspersky was connecting mostly to servers in Switzerland, with some in the UK and a few in Russia, latter of which was servers that didnt process user data
I have some experience here, and it's both about where the data is sent and who has the keys to the house.

For example, at my company based in the USA, we have complied with legal warrants that target out-of-country non-US-citizens which home to a CDN in the EU. But engineers in the USA have access to said EU servers to comply with the warrant, and therefore it's compelled. OTOH, the way we set up our China operations, we set up a completely independent subsidiary, a different PKI chain for secure boot keys burned into the hardware, and our US employees have zero network or building access to the Chinese subsidiary. In this arrangement, the US cannot compel us to do stuff to Chinese customers, and more importantly China cannot compel us to do things to US customers (and they spend a lot of effort compelling us to do all sorts of stuff to Chinese customers, it's ridiculous)

But as a customer, you'd have to take my word that things are set up this way, and our leadership won't cave to requests from either country to change this.


So for me, the questions I have involve whether Russia has any compelling control over Kaspersky USA products (their signature databases and access to uploaded samples, in particular). Also, where does the company stand in terms of Russian or Ukraine sympathy? Eugene already used minimizing language about this "situation" which projects a little bit of bias (honestly I wish he didn't say anything). That's not enough for me to guess what the company would do.

And yes, unfortunately like everything, this is political. Political with real implications though.
 

Trooper

Level 16
Verified
Top Poster
Well-known
Aug 28, 2015
772
McAfee, Webroot and Norton, for example, share more information with their companies than Kaspersky. Windows Defender, by the way, also sends a lot of information. I think that all the arguments about whether it is dangerous or not dangerous to use one or another antivirus is a purely political aspect.
Amen. They are all phoning home. Why this is suddenly a big deal is because the MSM tells you so.
 

Game Of Thrones

Level 5
Verified
Well-known
Jun 5, 2014
220
Kaspersky actually is the most balanced out there from performance to detection all is balanced. they were on radar since a long time ago so actually much more than other companies they were investigated. some say because the HQ is in Moscow its bad. i will continue to using it but if i were a government or critical infrastructure employee or contractor i wouldn't use it but for any other area i would use it.every software can be banned if you look at the big picture here.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top