Should you uninstall Kaspersky software?

Q: Should I uninstall Kaspersky anti-virus from my computer?

A recent Wall Street Journal story about a National Security Agency contractor that had classified documents on his home computer and was allegedly targeted because of his use of Kaspersky Lab anti-virus software has once again put the Russian cybersecurity company in the spotlight.

The theory is that hackers used the file inventory process that Kaspersky anti-virus uses to discover the sensitive files and target the contractor.

Concerned?  See below for suggestions on how to remove Kaspersky from your computer.

Government ban

Software from Kaspersky Lab was removed from the U.S. General Services Administration approved list in July and in September, the Department of Homeland Security ordered federal agencies to stop using any software made by Kaspersky Lab because of concerns about the company’s ties to Russian intelligence.

The founder of the company, Eugene Kaspersky, has long had a cloud of uncertainty over him because of his early ties to the KGB and its replacement, the FSB. As a teenager, he studied cryptography in school and by his mid-20s, he created an anti-virus program to protect his own computer that eventually led to Kaspersky Lab.

This most recent allegation certainly makes using the company’s software even more disconcerting.

Should you remove it?

Despite the company’s repeated denials of any connection to the Russian government, with the plethora of security programs that don’t come with the “Russian baggage,” switching to another program is the safest way to go.

To be realistic, the likelihood that you would somehow become the target of Russian government hackers just because you are using a Kaspersky program is pretty slim, but there’s no reason to take the chance.

Alternative programs

The vast majority of security programs on the market are actually from companies outside of the U.S. For example, popular programs such as AVG & Avast (Czech Republic), Bitdefender (Romania), ESET (Slovakia), F-Secure (Finland), Panda (Spain), Sophos (UK) and Trend Micro (Japan) are all controlled by companies outside the U.S.

Many in the U.S., because of ongoing concerns about the U.S. government’s overreach, have proclaimed their preference to using a program based in another country, especially allies such as Finland, the U.K. and Japan.

Switch to Trend Micro, Security You Can Trust.

Removing Kaspersky Lab products

The standard way of removing programs in Windows is via Start > Control Panel > Add/Remove Programs, or you can use Kaspersky’s removal tools for either Windows or MacOS.

Advanced Windows users may want to take the additional step of manually scanning the registry to a make sure that all Kaspersky-related keys have been removed.

Mac users can also use the free Dr. Cleaner app to ensure that it’s properly removed as simply dragging it to the trash does not properly remove it. Some programs like Trend Micro Worry-Free Business Security can automatically remove other programs, which makes converting a large number of computers more efficient.

Ken Colburn is founder and CEO of Data Doctors Computer Services. Ask any tech question on Facebook or Twitter.

Read more »

Why Users Block Ads on Mobile

A new study has been conducted and released by Free Adblocker Browser (FAB), which is a mobile browser option for Android devices. This browser has a built in ad blocker, and they were looking to learn what types of things prompt users to start blocking services. With this in mind, they surveyed US consumers to discover their reasoning.

One survey option that was asked was, “Publishers need to make money – either by showing ads or by asking for users’ payments.” To this, 55.9% said that they agree, 12.5% said they strongly agree, 21.1% do not agree, and 10.5% strongly disagree. This may be a cause for some concern. If more than 31% of all users believe that publishers do not need to make money, it reveals an obvious misunderstanding of how the Internet works and where all the content is coming from.

The survey also looked at what types of ads people dislike the most. 49.8% said that pop-ups were the worst, 20.2% said non-skippable video ads, 10.6% said auto-play video ads, and 9.4% said banner ads. It is understandable that some people don’t like the auto-play ads, given that it can eat into data plans without any benefit to the users.

One other interesting point that came from the survey is that while 68.4% of participants said that they know that high-quality content takes time and money to produce, 60% of them said that they do not subscribe to any sites that offer premium content.

As ad blocking becomes easier and easier, many brands and marketers are going to have a hard time getting their message out.

via Pacedm

Read more »

Password Hacking and You

There are 2 primary methods to hack passwords: Brute Force and Password Guessing. Of the 2, believe it or not, it is easier to guess someone’s password than to try every combination of letters, numbers and symbols. In a brute force attack, password attempts would progress from: a, b, c; to aa, ab, ac; to aaa, aab, aac; and so on.  

The core question is not, “Can my password be hacked?”, but rather “How long would it take?”. That’s where password entropy comes into play for our (the user’s) benefit. Loosely defined, entropy is disorder. Since a brute force attack is a very orderly attack, the more disorder you have in your password = better.  

Numbers Game
With 5 lower case characters, an online attack would get your password right in an average of 1 hour, 21 minutes. However, by introducing say a capital letter, a number, and a special character, that time rises to around 1.5 months.

With 7 lower case characters, a brute force attack would consume ~3.2 months, but if you introduce those other random characters, it rockets up to an average of 11 centuries! Taking it even further, at 8 characters the online crack time goes to 1,000 centuries which is effectively long enough to be considered near impossible under current computing capabilities.  

That said, if the hacker is able to do an offline, or massive cracking array scenario, the password can again be deduced in a matter of hours. As such, even though the typical minimum / safe password length is 8 characters, what you use as your password matters even more.

Simplicity Opens the Door
Every attempt to get your password will begin with guessing. According to a released “hack file” of 5 million passwords, we know what the most common passwords are, so hackers will start there.

Top passwords for 2016:

123456, password, 12345, 12345678, football, qwerty, 1234567890, 1234567, princess, 1234, login, welcome, solo, abc123, admin, 121212, flower, passw0rd, dragon, sunshine, master, hottie, loveme, zaq1zaq1, password1

4% of the passwords were “123456”! That’s 200,000 people in the sample set with that password!

Read more »

New router-based solution protects home IoT devices

As we bring more and more smart devices into our homes, we potentially open ourselves up to a variety of new risks with devices opening back doors into networks or falling prey to botnets.

German antivirus company Avira is launching a new approach to home security which needs no new infrastructure on the domestic network and no configuration done by the user.

SafeThings sits within the home router and works with cloud-based machine learning. Avira licenses the product to router manufacturers and internet service providers, enabling them to protect networks from misuse and to deliver value-added IoT security services directly to end users.

"At Avira, we have been at the forefront of Artificial Intelligence innovation for a decade, being the first vendor within the security industry to identify how to apply AI to our field and to do it," says Travis Witteveen, CEO of Avira. "We have a wealth of experience in protecting both the privacy of end-users and the security of their traditional devices. Today we stand alone in the cyber security industry with the introduction of Avira SafeThings, an innovative router app and behavioral threat intelligence platform that secures all IoT devices in the home. We've designed SafeThings to effectively solve the IoT vulnerabilities without being too invasive, expensive, or complicated for the end user -- and we've done this in a way that provides additional benefits for the internet service providers and router manufacturers."

SafeThings is made up of a number of modules, Protection Cloud builds category and individual device profiles to create device management and rule definitions and automatically protect the device functionality. By analyzing metadata on gateway traffic, no invasive deep packet inspections are needed.

The Sentinel module is a software agent positioned at the gateway to each smart home, embedded in the firmware on the router, Sentinel fingerprints IoT devices and collects packet header metadata for AI analysis. After communicating with Protection Cloud, Sentinel enforces protection and communication rules.

A web-based user interface shows users in real time what each IoT device in their network is doing and enables them to see and modify firewall policies and device rules. There's also a Data Forefront API service that lets service providers and OEMs access and control SafeThings functionality, for example to drill down into specific details and control rules and actions to be taken in case of a compromised device.

It also allows for custom plugins to let SafeThings clients offer their end users additional security apps via a branded secure app store. These integrated services such as VPN or parental controls would operate at router level with management in the cloud.

"We see SafeThings as a 'B2B2C' product, providing consumers with the security and privacy protection they need while delivering it to them via the internet service providers and router manufacturers. As an embedded software solution, SafeThings is imminently flexible according to each client’s technical and marketing needs,” adds Witteveen.

You can find out more on the Avira website.

Image Credit: lucadp / depositphotos.com

via betanews

Read more »