Kaspersky Defends Stealth Swap of Antivirus Software on US Computers (techcrunch.com)
- Reference: 0175139031
- News link: https://it.slashdot.org/story/24/09/26/1825249/kaspersky-defends-stealth-swap-of-antivirus-software-on-us-computers
- Source link: https://techcrunch.com/2024/09/26/kaspersky-defends-automatically-force-replacing-its-software-without-users-explicit-consent/
Kaspersky spokesperson Francesco Tius told TechCrunch that the company informed eligible U.S. customers via email about the migration, which began in early September. Windows users experienced an automatic transition to ensure continuous protection, while Mac and mobile users were instructed to manually install UltraAV. Some customers expressed alarm at the unannounced software swap. Kaspersky blamed missed notifications on unregistered email addresses, directing users to in-app messages and an online FAQ. The abrupt change raises concerns about user autonomy and privacy in software updates, particularly as UltraAV lacks an established security track record.
[1] https://techcrunch.com/2024/09/26/kaspersky-defends-automatically-force-replacing-its-software-without-users-explicit-consent/
[2] https://tech.slashdot.org/story/24/09/23/1949250/some-kaspersky-customers-receive-surprise-forced-update-to-new-antivirus-software
[3] https://news.slashdot.org/story/24/06/20/1322221/biden-to-ban-us-sales-of-kaspersky-software-over-ties-to-russia
The Russians tricked me! (Score:2)
No surprise.
What's the controversy? (Score:5, Informative)
I don't understand why this is such a huge controversy, the whole thing seems really straightforward:
1. Kaspersky is banned from the US.
2. Kaspersky plans to replace their soon to be unsupported antivirus software with an American one (a good thing to do, seems like Kaspersky really does care about the security of their users).
3. Kaspersky communicates this to their customers via email and the application (again, this is the right way to do it and a good thing).
4. The time comes and Kaspersky replaces it's software with the US antivirus.
And then the result of this is users saying "omg this software that has complete control of my computer is able to install software?!?! Scary!" Give me a break. This whole thing is such a non-story, please correct me if I'm missing something or if you have a different perspective.
Re: (Score:2)
You're correct. It'd actually irresponsible for them to do otherwise and they communicated pretty clearly on the issue. I'm guessing they got paid by UltraAV (or whatever), though. However, I can't really blame them. The seemed to have made the best of a bad situation and did right by their users. I suspect this was more red meat for the "Russia! Russia! Russia!" hyperventilation crowd which is a significant part of Slashdot's base and admins.
Re: (Score:2)
It is very likely the opposite, that Kaspersky OEMed UltraAV.
Kaspersky is a huge, very profitable company. UltraAV is a nothingburger.
In fact I would not be surprised if Kaspersky has not taken a majority stake in the company.
Re: (Score:2)
In fact I would not be surprised if Kaspersky has not taken a majority stake in the company.
You not being surprised and them actually doing so are not the same thing.
Did it actually happen?
Re: (Score:2)
Can someone tell me what Kasperdky did, or what evidence exists that they did something bad?
Re: What's the controversy? (Score:2)
At [1]https://ultrasecureav.com/faq [ultrasecureav.com]
It says
Due recent restrictions to Kaspersky, UltraAV is operating as an independent service provider in order to offer comparable continued service for Kaspersky US customers.
That makes it very clear that they are contracted out to Kaspersky.
[1] https://ultrasecureav.com/faq
Re: (Score:2)
It's very questionable how "american" UltraAV is. UltraAV is owned by Pango, a site which owns multiple VPN companies and a VPN review site (not suspicious at all).
Pango is in turn owned by WC SACD Holdings Inc, a Massachussets company. The CEO, Hari Ravichandran, [1]is the CEO of Aura and talks as Pango as a subsidiary [jpmorgan.com]. Aura in turn [2]has a technobabble about us page that says nothing [aura.com].
The UltraAV software itself isn't signed by Pango, WC, or Aura. It's signed by " Max Secure Software India Private Limited ".
[1] https://www.jpmorgan.com/insights/banking/commercial-banking/creating-a-safer-internet-with-aura
[2] https://www.aura.com/about
Re: (Score:2)
It's windows they have complete ring-0 root control of the OS it's extremely simple.
We got a workaround? (Score:1)
I'm sticking with kaspersky one way or another....Any known work around yet?
Re:We got a workaround? (Score:5, Interesting)
Considering Kaspersky is on the entity list, it's probably looking to just divest of any US interests ASAP to avoid further sanctions to preserve it's reputation abroad for the rest.
I wouldn't be surprised if they make some effort to block machines in US from installing their AV.
Re: (Score:1)
Send everything on your computer directly to Kremlin without going thru Kaspersky
Re: (Score:2)
Send everything on your computer directly to Kremlin without going thru Kaspersky
What evidence exists that this happens?
I am asking honestly. I do not really know the backstory.