Kaspersky Internet Security for Mac is a comprehensive security suite that gives you real-time protection for you and your family from hackers, phishing and malware websites, viruses and adware.
Kaspersky internet security 2017 free download - Trend Micro Maximum Security, AVG Internet Security, McAfee Internet Security, and many more programs Navigation open search.
With key components Kaspersky Internet Security for Mac is able to protect computers in real time against various forms of malware. The app provides safety from identity theft, phishing, and it is able to secure online financial transactions with the Safe Money feature to give you peace of mind while shopping online.
Key Features include:
- Parental controls monitor.
- Network Attacks Blocker.
- Protection from adware, viruses, trojans, worms and spyware.
- Global threat monitoring.
- Webcam protection.
- Private browsing.
- Safe money.
- Automatic database updates.
- Free technical support.
The interface has a simplistic look that consists of a main window with five borderless buttons aligned horizontally, labeled Scan, Update, Safe Money, Parental Control and privacy protection. These areas can be configured to suit your individual needs.
A great feature of Kaspersky Internet Security for Mac worth noting is the Network Attack Blocker. This component protects your Mac against unwanted intrusions and protects against cybercriminals that use port scanning and brute-force attacks to install malware that could be used to steal your personal data.
Overall, Kaspersky Internet Security for Mac is a great, all-around security suite for the Mac platform. The antivirus protection is top notch, along with solid privacy protection and sturdy banking security makes this security suite one to try.
Note: This is a 30-day commercial trial.
On Tuesday, I got a text message from my father that nearly made me fall off the treadmill at the gym: 'Help! How do I turn off untrusted on my Mac?'
I texted back, 'What do you mean?' and then stepped off to call him. He explained that he was trying to install Kaspersky Internet Security on his MacBook; his auto-renewal for software updates had been cancelled because he had gotten a new credit card, so Kaspersky had told him he needed to do a new install to re-establish his account. After downloading the installer from Digital River through an online purchase, he launched it and got an error: 'Certificate used to sign package is not trusted. Use –allowUntrusted to override.'
Given that there has been a number of cases of MacOS malware protection tools being shown to create security vulnerabilities—including, most recently, the revelation that ESET Endpoint Antivirus 6 for macOS could be used to remotely execute code by an attacker—I was concerned that something was going horribly wrong. I was afraid my father had somehow gotten a maliciously altered copy of the installer or that some other hijinks were involved, so I told him to contact Kaspersky's technical support. Then I got back on the treadmill. As I finished up my morning run, he texted again:
'I went to their chat center and they resolved the problem. I had to set the date on the computer back two weeks. Then it installed properly.'
To summarize: the installer failed, but it gave a command-line flag in its error that showed how to bypass the validation of its software packages' security. The certificate on the packages being sold digitally (a September 15, 2016 build) had expired two weeks previously. And the fix for that problem was to set the system clock back two weeks to perform the install.
I asked my father to send me the installer so I could take a look at it. It arrived in a nearly 200-megabyte MacOS disk image file, along with an uninstaller application. With his permission, I ran the installer to diagnose what was going on—and poked around the installer to see what was under the hood. I did not complete the install myself in the process.
As it turns out, the installer is essentially an encapsulated WebKit application powered partially by JavaScript, plus a 186-megabyte software package file for Apple's own Installer utility. The certificate holding up the install is the one issued by Apple's developer program to Kaspersky Lab UK LTD.
And sure enough, the certificate on the package expired on February 22.
But this isn't something that would normally stop an Apple install—in fact, when executed on its own with Apple's Installer.app, it would proceed normally because Apple allows expired developer certificates on software installations for backward compatibility. MacOS will not, however, allow a package with a revoked certificate to install.
That means that the certificate check was being done not by MacOS but by Kaspersky's own installation wrapper before launching the MacOS installation utility—apparently as part of a validation of the package. But then it also gave instructions within the error message on how to bypass that very check (though they are not instructions an average Mac user would know how to follow).
To see if there were any clues as to how the certificate was being checked by the installer, I ran it while performing a packet capture. And I discovered that there is an effort at install time to validate the contents of the package when the installer is launched over the Internet—but not the sort of check I expected. The installer connects to a Kaspersky website via HTTP and fetches a text file containing the names, sizes, and what appears to be hash values for the files in the installer's 'Packages' payload. Aside from kismac.pkg (the main software payload), the other files are all Rich Text Format files with Kaspersky's end-user license agreement in various languages. At the end of the list is a concatenated string that appears to contain keys.
Again, all of this is in plain text. That's the extent of the installer's communication with Kaspersky over the Internet.
None of this suggests directly that Kaspersky's installer is vulnerable to tampering or exploitation. But it's not exactly a model of best security practices, either. I reached out to Kaspersky on Tuesday to ask about the rationale behind the installer and why, instead of offering a patched version, the company’s support team was telling users to turn their system clocks back.
Update [February 28, 1:00 pm]: A company spokesperson provided the following response:
This was a technical issue that only occurred for 24 hours, which was reviewed and fixed within Kaspersky Internet Security. Also, the system clock was a temporary solution to help address the customer’s needs in a timely manner while the issue was being resolved.
Update [March 1, 12:00 pm]: Kaspersky clarified their response, as follows:
Kaspersky Lab would like to apologize for the inconvenience caused by an outdated certificate in Kaspersky Internet Security for Mac installer. On February 22, some Kaspersky Lab users encountered problems with the installation process: the certificate in Kaspersky Internet Security for Mac, with which the operating system validates the installation of the software, expired on February 22. This issue was reviewed and fixed on February 23. During this 24-hour period, in order not leave our users unprotected, Kaspersky Lab technical support helped users to turn their system clocks back as a temporary solution. We would like to assure all our customers that actions have been taken to prevent such incidents from occurring in the future.
To avoid any confusion, we would also like to comment on some points in the article “Dear Kaspersky Lab: Yours is a very bad installer”.
The certificate had expired for only 24 hours, not two weeks, and the certificate check is being done by macOS installation utility, not by the product's installation wrapper. The message 'Use –allowUntrusted to override” is the standard notification of the macOS installation command-line utility, shown when a user tries to install software with an outdated certificate, and regardless of this notification users don’t have the possibility of installing the product.
We would also like to provide more information the installation process. The product's installation wrapper connects to the Kaspersky Lab website, only to check if a newer version of the product is available. If a new version is in place, the installation wrapper downloads a new package and verifies by its hash that this is the correct file. There is nothing unusual about the text string mentioned in the article – it doesn’t contain keys and is in fact a cryptographic signature of the file that the installer checks to verify the integrity of an installation package being downloaded. Then, it initiates installation, and the operating system checks its signature as well. This installation wrapper is signed by an Apple-issued certificate, and a macOS feature called Gatekeeper regulates its launch and the certificate check.
Despite Kaspersky's contention that the problem lasted only 24 hours, the software in question was purchased and downloaded on February 26, and Kaspersky's technocal support told the user (my father) to turn the clock back on February 27.