Kaspersky defends force-replacing its security software without users’ explicit consent
Reading Time: 2 minutesEarlier this week, some U.S. customers of Kaspersky’s antivirus were surprised to find out that the Russian-made software disappeared from their computers and had been replaced by a new antivirus called UltraAV, owned by American company Pango.
The move was the result of the U.S. government’s unprecedented ban on Kaspersky, which prohibited the sale of any Kaspersky software in the country. The ban on selling the company’s software became effective on July 20, while the ban on providing subsequent security updates to existing customers will become effective on September 29.
A spokesperson for Pango, the cybersecurity company that owns UltraAV, defended the automatic migration, which in practice meant roughly a million U.S. Kaspersky customers became UltraAV customers overnight. At a technical level, that meant Kaspersky uninstalled itself from customers’ machines, and UltraAV installed itself, without any user interaction.
That lack of user interaction — or request for consent — is what confused and concerned some former Kaspersky customers.
‘They should NEVER push software onto someone’s computer without explicit permission,’ said Fleischer.
Tius said in the email that this was done to ensure Windows users ‘would not experience a gap in protection upon Kaspersky’s exit from the market.’ (Windows 10 and 11 have their own baked-in antivirus made by Microsoft, called Defender. If a Windows user has a third-party antivirus, and then uninstalls it, Defender switches back on automatically, according to Microsoft.)
Users on Mac, Android, and iOS devices, on the other hand, ‘needed to manually install and activate the service following the instructions on the email,’ said Tius.
Tius blamed the fact that some users were unaware of the transition on them not having ‘an email registered with Kaspersky.’
‘These users were informed of the transition via in-app message only,’ said Tius, who also pointed to an FAQ posted on UltraAV’s website. Neither the in-app message, nor UltraAV’s website, explicitly say that Windows users would experience a software uninstalling itself and installing a completely different software. On top of that, UltraAV is a brand-new antivirus with no previous track record or published security audit, adding to the concerns of customers.
Rob Joyce, the former director of cybersecurity at the National Security Agency, wrote in a series of posts on X that this automatic migration showed why granting Kaspersky software trusted access to anyone’s computer was a ‘huge risk.’
‘They had total control of your machine,’ wrote Joyce.
‘That’s all a risk you implicitly accept and all of it happens regularly,’ he said, adding that he does not remember another time an antivirus did the same thing. ‘They should have probably informed people better, given that security software depends on trust, but even in that case, some people would have ignored the warning.’
Ref: techcrunch
MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG