posted by martyb on Monday July 20 2020, @08:58PM
from the I-remember-an-internet-with-no-ads-or-malware dept.

[Ed. note: I had mixed feelings about running this story. It reads like a slashvertisement, but might be of genuine use to some members of our community (or people whose systems they help support). Decided to give it a try — please provide feedback in the comments.]

Kaspersky Anti-Ransomware review: A free tool that actually works:

Ransomware is malicious software that can lock your computer and files while demanding a ransom be paid to unlock it. This sort of attack can be much more serious than a typical virus or malware attack because much of the time, you end up losing all of your files that weren't backed up. Ransomware can be especially hard to prevent because it typically comes disguised as another trusted file.

Anti-ransomware software comes packed in with most of the best antivirus software or PC security packages including Windows Security. Anti-ransomware software needs to get very frequent updates to stay in front of threats. Since ransomware often comes disguised as something a user wants, they can let it through the first lines of security before they know there's a problem.

Kaspersky's Anti-Ransomware Tool looks for behavior and commonly infected files to offer a last line of defense on your system. It's also backed by a cloud-connected set of definitions to stay updated without waiting for a scheduled definitions update.

Always updated Kaspersky Anti-Ransomware Tool

Bottom line: When it comes to PC security, you can never be 100% sure your PC is risk-free. Kaspersky Anti-Ransomware Tool adds another layer of security with an up-to-date and well-reviewed knowledgebase of safe and risky applications. It's also able to watch out for suspicious app behavior in case a threat is new enough that it hasn't been detected yet.

The author notes some shortcomings in the tool, as well, so it's a mixed recommendation. Read the full article for details. Would you get/use it?



  • (Score: 1, Informative) by Anonymous Coward on Monday July 20 2020, @09:16PM (4 children)

    by Anonymous Coward on Monday July 20 2020, @09:16PM (#1024268)

    "The application feels like an ad [...] Asks for an uncomfortable amount of data"

    maybe it's like the old adage "you're not the customer, you're the product"?

    • (Score: 0, Troll) by Anonymous Coward on Monday July 20 2020, @09:17PM (2 children)

      by Anonymous Coward on Monday July 20 2020, @09:17PM (#1024269)

      I give it 1 star for being Winblows only.

      • (Score: 2) by zoward on Monday July 20 2020, @09:26PM (1 child)

        by zoward (4734) on Monday July 20 2020, @09:26PM (#1024275)

        Of course it's Windows only; how many ransomware packages support Mac, Linux, *BSD, etc?

        • (Score: -1, Flamebait) by Anonymous Coward on Monday July 20 2020, @10:20PM

          by Anonymous Coward on Monday July 20 2020, @10:20PM (#1024293)

          It's totally racist that the Linux population has to keep facing the same damn privileged rules set forth by the so called master of all OS's.

    • (Score: 2) by DECbot on Tuesday July 21 2020, @01:14AM

      by DECbot (832) on Tuesday July 21 2020, @01:14AM (#1024370) Journal

      Took a quick look at the protocol to see how it works. It went something like this:

      < App: >        Hello! I'm Russian Anti-Ransomware
      < Ransomware: > Hi! I'm Russian Ransomware
      < App: >        I do secret Russian handshake!
      < Ransomware: > Yeah, I do secret Russian handshake too!
      < App: >        That's cool!
      < Ransomware: > I know!
      < App: >        Already got this bloke's stuff. You can stop?
      < Ransomware: > Ja! I ist stoppen.
      < App: >        Gr8!
      < Ransomware: > 'K thxs BYE!
      < App: >        BYE!

      Don't ask me about the German in there. Maybe my sample Russian ransomware was from East Berlin? Who knows wtf this stuff comes from.

      --
      cats~$ sudo chown -R us /home/base
  • (Score: 5, Interesting) by Opportunist on Monday July 20 2020, @09:26PM (2 children)

    by Opportunist (5545) on Monday July 20 2020, @09:26PM (#1024274)

    I have a test from AV-Test [av-test.org] here and while Kaspersky is certainly among the top contenders, the times when they were the gold standard for antivirus protection are over. I had a chance to talk with AV-Test a while ago and what they do is a pretty interesting way to test how these AV-Kits handle unknown threats. They collect samples for various trojans, then pit older versions of the AV-suites against the current threats and check how they deal with threats that they can't really know about yet.

    To understand the logic behind this, most malware isn't some new development but a variant of existing ones. An "evolved" variant, if you will. The malware writers basically take their existing malware, add some functionality, remove others, and when you analyze malware, you find a lot of legacy code and defunct snippets in the code. This is why some (of the better) AV kits can actually detect newer variants of malware, at the very least with heuristic approaches.

    Kaspersky used to excel at this, to the point where they even managed to detect some POCs I created that contained routines that were often found in malware. In the past 5-6 years, though, their quality did decline. Resource usage went up, speed went down and detection rates aren't really where they used to be.

    I guess the ex-KGBs Eugene hoovered up back in the days found out they can go work for someone else, too...

    • (Score: 1, Interesting) by Anonymous Coward on Tuesday July 21 2020, @12:14AM (1 child)

      by Anonymous Coward on Tuesday July 21 2020, @12:14AM (#1024339)

      Didn't a number of people from Kaspersky get sniped by Bitdefender and someone else around 2012 and 2015?

      • (Score: 2) by Opportunist on Thursday July 23 2020, @10:55PM

        by Opportunist (5545) on Thursday July 23 2020, @10:55PM (#1025575)

        Glad you said that or someone could say I'm making derisive remarks on the competition.

        As an ex-boss of mine once said, never say anything bad about your competition, and only say true things about them. This is why we say "Symantec has really great box art".

  • (Score: 1) by fustakrakich on Monday July 20 2020, @09:56PM

    by fustakrakich (6150) on Monday July 20 2020, @09:56PM (#1024279) Journal

    Whoops!

    --
    La politica e i criminali sono la stessa cosa..
  • (Score: 1, Insightful) by Anonymous Coward on Monday July 20 2020, @10:43PM (7 children)

    by Anonymous Coward on Monday July 20 2020, @10:43PM (#1024300)

    No thanks, I'd rather not put the fox in charge of the hen house.

    • (Score: 4, Insightful) by FatPhil on Monday July 20 2020, @11:59PM (6 children)

      by FatPhil (863) <{pc-soylent} {at} {asdf.fi}> on Monday July 20 2020, @11:59PM (#1024331) Homepage
      Complete this sentence with a straight face:
      I don't trust the russkies, but would trust the ________.
      --
      Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
      • (Score: 1, Funny) by Anonymous Coward on Tuesday July 21 2020, @12:23AM

        by Anonymous Coward on Tuesday July 21 2020, @12:23AM (#1024347)

        Sentinelese.

      • (Score: 2) by captain normal on Tuesday July 21 2020, @12:35AM (2 children)

        by captain normal (2205) on Tuesday July 21 2020, @12:35AM (#1024353)

        "...but would trust the..." I've had pretty good luck trusting Finns, Swedes, Norwegians, Dutch and the French.

        --
        "It is easier to fool someone than it is to convince them that they have been fooled" Mark Twain
        • (Score: 0) by Anonymous Coward on Tuesday July 21 2020, @08:43AM

          by Anonymous Coward on Tuesday July 21 2020, @08:43AM (#1024504)

          You trust the French?

          Of the countries you listed there, they're the ones with the secret service (DGSE) most likely to surreptitiously install crap on your systems...this is the country who, back in the day, were so paranoid that they refused to allow any form of encrypted traffic to-fro a certain establishment with international connections as they hadn't the wherewithal at the time to crack/MitM it..

          Of course, with sloppy password reuse amongst academics, and the fact that they monitored all external telnet(no encryption remember, so no ssh..)/pop/imap connections from the site, they had quite a stash of username/passwords for a hell of a lot of accounts in other countries to play with..amusingly, this included accounts in another country whose paranoia of a different level had led them to gate access to a lot/all (I never found out which) of their establishments through one Internet visible server which allowed only ssh access from a subset of the rest of the planet, and only allowed ssh connections to then be made to the various 'internal' establishments the users were authorised for, so thanks to the good old telnet from France to our site, then ssh from us to the homeland, the system of the differently paranoid country wasn't as secure as they probably thought it was..

          The games people played back in the day....

        • (Score: 2) by FatPhil on Tuesday July 21 2020, @10:53AM

          by FatPhil (863) <{pc-soylent} {at} {asdf.fi}> on Tuesday July 21 2020, @10:53AM (#1024526) Homepage
          Given that I've lived for a long time in one of the above, yes, I'll grant you at least that one, and perhaps even two others.

          But I have too many tales of how I wouldn't trust the French further than I could catapult them, and would certainly like the chance to find out exactly how far that is. I do believe the phrase "fucking useless" passed my lips many dozens of times when I was working over there.
          --
          Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
      • (Score: 3, Funny) by DECbot on Tuesday July 21 2020, @01:25AM (1 child)

        by DECbot (832) on Tuesday July 21 2020, @01:25AM (#1024376) Journal

        I don't trust the russkies, but would trust the absolute certainty of death, taxes, that misery loves company, and that my government does all of those the best.

        --
        cats~$ sudo chown -R us /home/base
        • (Score: 2) by tizan on Tuesday July 21 2020, @05:11PM

          by tizan (3245) on Tuesday July 21 2020, @05:11PM (#1024651)

          That is the dream any form of competence in government...the US government is utterly incompetent even in doing bad things. It wastes plenty of money trying to do these things that the ruskies are good at but we have seen the competence of the US in secrecy and non secrecy stuff. A contractor walking around NSA servers with USB sticks and downloading stuff....right and then goes and hide in Russia.

          They are the worst but Hollywood has managed to make them sound like super hero geniuses.....which they are not.

          Just look how they are dealing with protestors in Portland...they had a premature ejaculation in front of naked Athena (https://twitter.com/DonovanFarley/status/1284410621283328000?s=20) if they were any "1984" good these protests would not even start !

          We can hope that they are allowing us still to talk because of the 1st amendment and not because of utter incompetence in being the super russia.

          Enough ranting now.

  • (Score: 2) by progo on Monday July 20 2020, @11:40PM

    by progo (6356) on Monday July 20 2020, @11:40PM (#1024319) Homepage

    Probably better to shop around, choose wisely, and pay for something that treats like a friendly customer.

  • (Score: 2) by FatPhil on Tuesday July 21 2020, @12:02AM (4 children)

    by FatPhil (863) <{pc-soylent} {at} {asdf.fi}> on Tuesday July 21 2020, @12:02AM (#1024334) Homepage
    I've never known anyone to suffer from an attack, is it really that common?
    Of course a few high profile high value cases will hit the mainstream media, but is that just like other such stories - trying to frighten us into doing something?
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
    • (Score: 2) by Runaway1956 on Tuesday July 21 2020, @02:22AM

      by Runaway1956 (2926) Subscriber Badge on Tuesday July 21 2020, @02:22AM (#1024408) Homepage Journal

      I see where you're going with this - but I'm still not sitting under the only tree in miles during a lightning storm. ;^)

      --
      Abortion is the number one killed of children in the United States.
    • (Score: 0) by Anonymous Coward on Tuesday July 21 2020, @04:57AM

      by Anonymous Coward on Tuesday July 21 2020, @04:57AM (#1024459)

      I know a number of people who have gotten hit, some multiple times. They generally fall into two categories on a bathtub like curve of frequency vs sophistication. The largest number are the lowest end users that don't run content blockers, open bad emails, download sketchy software, or do other risky things with some frequency. At the other end, are those that work at relatively large companies especially when attached to important positions or those that would regularly require opening external attachments. Most people I know that would fall in the middle of that haven't gotten it at all. It is worth pointing out, however, that both ends of my "sophistication" scale are probably considered high risk users for bad things anyway.

    • (Score: 0) by Anonymous Coward on Tuesday July 21 2020, @09:17AM

      by Anonymous Coward on Tuesday July 21 2020, @09:17AM (#1024514)

      I've never known anyone to suffer from an attack, is it really that common?

      When I still supported Windows machines, I'd get maybe one call every couple of months or so, that was a couple of years back, and I'm now out of the IT game, so I've no idea as to the current levels.
      The thing was, a lot of 'corporate' cases back then never got reported/publicised, as they usually paid up and they do so love to protect the good old corporate image...It's probably still the same.

      I know of one Charity who got hit back then, they've kept quiet about it as turning the spotlight on the fact that the reason it happened in the first place was that the person in charge of their IT has ( yes, present tense...) no relevant qualifications or experience in the field (that is, unless being a relative of the CEO now counts), and any forensic external scrutiny might lead to someone opening up a larger can of worms, in fact, they're hoping no-one ever finds the cupboard full of canned worms...

      I've been told this isn't atypical of charities, and the only way to spot the payouts to the ransomers is to look through the accounts for 'unusual'/atypical purchases/training etc. etc. and noting the curiously generous amounts paid.

    • (Score: 2) by Opportunist on Thursday July 23 2020, @11:00PM

      by Opportunist (5545) on Thursday July 23 2020, @11:00PM (#1025577)

      It's a pretty big issue in corporate environments. For a while fake resumes with malware-loaded PDFs were the craze, sent to HR departments and, well, it's basically their job to open PDFs with resumes, so ...

      Consumers are mostly hit if they're greedy or stupid, or a combination thereof. "Open this quickly, this is your lawyer, and if you don't read this TODAY we're gonna lose a lot of money!"

  • (Score: 3, Funny) by Megahard on Tuesday July 21 2020, @02:27AM (1 child)

    by Megahard (4782) on Tuesday July 21 2020, @02:27AM (#1024410)

    I doubt even the best anti-ransomware program can stop me from accidentally deleting my files.

    • (Score: 2) by Opportunist on Thursday July 23 2020, @10:58PM

      by Opportunist (5545) on Thursday July 23 2020, @10:58PM (#1025576)

      No anti-ransomware program can stop anything from happening that may well be the user's intention. That's why it is quite hard to protect against file encryption blackmail because, well, what does it do? Open a file, edit it and save it again. The only thing you can actually do is notice that this happens to a LOT of files in a short time period and react to that, but then again, that could as well be some sort of tagging batch job.

      Not really that easy to do.
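
The rate-based check described in the comment above, sketched as an added example (not part of the original comment and not how Kaspersky's tool is implemented): a per-process sliding window over file-write events that alerts when too many distinct files are rewritten in a short period. The window, the threshold, the process names and the events are all constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_MS = 10_000   # assumed look-back window (10 s)
MAX_FILES = 20       # assumed limit of distinct files per window

def flag_mass_rewrites(events, window_ms=WINDOW_MS, max_files=MAX_FILES):
    """events: (timestamp_ms, process, path) tuples sorted by time.
    Returns {process: timestamp_ms of the first alert}."""
    recent = defaultdict(deque)          # process -> recent (ts, path) writes
    alerts = {}
    for ts, proc, path in events:
        writes = recent[proc]
        writes.append((ts, path))
        # Drop writes that have aged out of the sliding window.
        while ts - writes[0][0] > window_ms:
            writes.popleft()
        # Count distinct files so repeated saves of one file do not add up.
        if len({p for _, p in writes}) > max_files:
            alerts.setdefault(proc, ts)
    return alerts

def sample_events():
    """Constructed file-write events, not captured from a real system."""
    events = []
    # Unknown process rewriting 40 documents, one every 200 ms.
    events += [(100_000 + i * 200, "unknown.exe", f"Docs/report{i}.docx") for i in range(40)]
    # Legitimate batch tagger rewriting 40 MP3s at the same pace.
    events += [(200_000 + i * 200, "tagger.exe", f"Music/track{i}.mp3") for i in range(40)]
    # Text editor saving the same three notes over a minute.
    events += [(300_000 + i * 5_000, "editor.exe", f"notes{i % 3}.txt") for i in range(12)]
    return sorted(events)

if __name__ == "__main__":
    for proc, ts in flag_mass_rewrites(sample_events()).items():
        print(f"ALERT {proc}: more than {MAX_FILES} files rewritten within {WINDOW_MS} ms (at t={ts})")
```

Both the unknown process and the tagger are flagged while the editor is not, which is the false-positive problem the comment points out: write rate alone does not separate bulk encryption from a legitimate batch job.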
