Kaspersky and Internet Security

Wow - not posted here for ages. Sadly I'm breaking the silence with a rant ...

As part of a discount thing, I got a 5 licence copy of Kaspersky Internet Security 2010 a few months ago. The 5 licences went to my laptop, my desktop, my dad's laptop and my sister's laptop with one being held in reserve for when I eventually rebuild my desktop.

On the whole, it's a competent product. It doesn't cause a temporary whole machine freeze like McAfee did, plus it has spotted a few nasties come in. McAfee was allegedly on guard when my Eve account details got stolen. Kaspersky looks like it does the job and it installs and runs easily. You get the occasional alert "Kaspersky is turned off" when starting Windows but that's the Race Condition you sometimes get. I.e. Windows has checked for active AV before the AV has gone active. No big deal.

What is a big deal is when a piece of software does too much. I used to use a program called Zonealarm as a personal firewall, until I got annoyed at it Doing Too Much.

Kaspersky does this as well but how :

Application blocking - if it doesn't trust it, then it'll add it to the restricted applications list. It won't tell you that it's done this. I discovered after asking "why is my BOINC Climateprediction not doing anything?" Kaspersky had decided it didn't like the look of the mini executables that BOINC uses and just blocked them with the only notification being an entry in the Restricted apps list.

Network blocking - If you connect to a wireless SSID and click on "Location : Home", you would expect it to work properly. Not so, Kaspersky will say "I don't know this" and block it. This has the effect of disabling network file shares (Windows workgroups) and network printing. People may be able to see the machine on the LAN but can't connect to it. Again, the only notification is an entry in the Networks list that says "Public". This is sadly avoidable as Kaspersky should really be asking Windows whether the network is Public or Home.

Looking at the problems with cold, hard logic would say "Nothing wrong here, it's attempting to do its best to protect the system it is installed on." Which is fair enough, however the critical aspect is "It hasn't told me".

First noticed this on the Snowdon weekend where I couldn't transfer pictures across the wifi LAN at the house there. Thought it was Windows doing a Funny and dismissed it as network transfers worked when I got home. However, I've changed my wifi SSID here (to prevent jamming of the audio streaming) and when Kaspersky saw that, it decided to block it. No more network transfers ... This continued with my dad reporting problems with his printing, where he has a printer hooked up to a rarely used desktop. His laptop couldn't see the desktop to allow printing.

To troubleshoot, I did the standard thing of thinking Windows had done a Funny and went through setting the filesharing options back to default. No joy, except seeing a desktop that could see the 2 laptops but laptops that couldn't see anything. The "Odd One Out" theory strikes here, the desktop is the only one not running Kaspersky. A quick look in the deeper options of Kaspersky spots the issue, it had tagged the networks as "Public" thereby firewalling the computers.

This is a problem I'd only expect a Nerd Level User to fix, due to the lack of feedback from the application at fault. To be an issue with an all in one product like a major name's Internet Security product is inexcusable. Even with my Nerd Level Knowledge, it was sheer luck that I joined the dots enough to identify the cause of the problem.

I will be voting with my feet, when my Kaspersky licences run out I will be changing who I have my anti virus protection from. I can see the logic behind the protection measures but the lack of any feedback as to what it has blocked just causes a critical level of confusion.

Now then - who knows a competent anti virus supplier ? My blacklist is getting ever longer ...