Oh jeez, the Bloomberg spin doctors are at it again. There is no hint of a suggestion at all in the article that Kaspersky had any nefarious intent
"The JavaScript, presented below this paragraph, was designed to, among other things, present a green icon that corresponded to safe links returned in search results. "
"Kaspersky stopped sending the identifier in June, after Eikenberg privately reported the behavior to the AV company. "
So in short, a) the company had a feature that, unbeknownst to them, could be manipulated for nefarious means and b) as soon as they became aware, they removed it. MS has been caught the same way 100s of time. To suggest that this is a Russian plot, is akin to Hillary's white slavery sex ring being run in pizzeria basements throughout America.
The article goes on to say ...
"Before readers get worked up into too much of a lather, let's review a few things. Even without a unique tracking number, there are plenty of ways for websites to uniquely identify their visitors. IP addresses and cookies are the most obvious ways, but often the specific combination of installed fonts, extensions, and configuration settings are all that's needed to fingerprint a specific user", ,,,The upshot of all this: adding a unique identifier to a security feature seems unnecessary and less than ideal for privacy, ***but it's not something to make a federal case out of. Last, it wouldn't be surprising if other AV products do, or have done in the past, similar things.***"
So Kaspersky, which provides tracking protection that blocks most tracking attempts had a feature that could be manipulated mby a single pathway. Windows Defender provides no tracking protection whatsoever. With Bloomberg as the source of the allegations, it belongs in the same can with the pizza basement stuff. As usual they got it wrong.
There was an incident where a senstive file was uploaded to kaspersky servers. The software has an **option** that, if enabled, you can autosend infected files to kaspersky for analysis. If you have sensitive information on your drives, enabling such an option should be a huge no no. So the user had a zip file, which contained sensitive info and who knows what else ... the software detected an infection and ***because this option was enabled*** and as a result of that user's choice a file was uploaded to kaspersky servers. These servers are now located in Switzerland