Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Kaspersky Antivirus Software Exposed Millions to Web Tracking
Source: Tom's Guide
Kaspersky Antivirus Software Exposed Millions to Web Tracking
By Paul Wagenseil a day ago Security
Program injected JavaScript, unique IDs into web pages
UPDATED with comment from Kaspersky.
Kaspersky antivirus software let websites track users for years, a German journalist revealed today (Aug. 15).
Ronald Eikenberg of c't magazine detailed how the Kaspersky software installed on a test laptop injected JavaScript code onto every web page rendered on every browser on a test laptop.
Even worse, the Kaspersky JavaScript contained an ID number that was replicated in every page rendered on a single machine. The ID number was changed on other PCs.
"That's a remarkably bad idea," Eikenberg wrote in the English version of his article (it's also available in German). "Other scripts running in the context of the website domain can access the entire HTML source any time, which means they can read the Kaspersky ID. In other words, any website can read the user's Kaspersky ID and use it for tracking."
You can disable the Kaspersky ID injection entirely by going into your Kaspersky software's settings, then Additional/Network, then locating Traffic Processing and unchecking "Inject script into web traffic to interact with web pages."
-snip-
By Paul Wagenseil a day ago Security
Program injected JavaScript, unique IDs into web pages
UPDATED with comment from Kaspersky.
Kaspersky antivirus software let websites track users for years, a German journalist revealed today (Aug. 15).
Ronald Eikenberg of c't magazine detailed how the Kaspersky software installed on a test laptop injected JavaScript code onto every web page rendered on every browser on a test laptop.
Even worse, the Kaspersky JavaScript contained an ID number that was replicated in every page rendered on a single machine. The ID number was changed on other PCs.
"That's a remarkably bad idea," Eikenberg wrote in the English version of his article (it's also available in German). "Other scripts running in the context of the website domain can access the entire HTML source any time, which means they can read the Kaspersky ID. In other words, any website can read the user's Kaspersky ID and use it for tracking."
You can disable the Kaspersky ID injection entirely by going into your Kaspersky software's settings, then Additional/Network, then locating Traffic Processing and unchecking "Inject script into web traffic to interact with web pages."
-snip-
Read more: https://www.tomsguide.com/news/kaspersky-antivirus-software-exposed-millions-to-web-tracking
1 replies
= new reply since forum marked as read
= new reply since forum marked as read
