1) What steps do you take to secure suspicious file samples when they are transmitted from a user's PC to your researchers? For example, are all such communications encrypted?
2) Could outside attackers eavesdrop on those communications, and if so, how? What defenses are in place to prevent this?
3) Do you ever share copies of these files with VirusTotal, law enforcement agencies, or intelligence agencies domestic or foreign?
4) For a user, is sharing suspicious files with your researchers optional? If so, do users "opt in" - or must they "opt out"?
5) Do you anonymize the source of suspicious files, and if so, how (and at which point[s] in the submission chain)?
6) Has your firm engaged in any marketing that suggests that Kaspersky Lab products are not reliable, and does it have any hard evidence - aside from U.S. media reports - that cite anonymous sources) to back up these assertions?
Bookmarks