Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security

How The Kaspersky Ban Will Hit Resellers in the US (techcrunch.com) 112

The U.S. government last week announced an unprecedented ban on selling Russian cybersecurity firm Kaspersky's software, citing national security concerns. The move, effective July 20, has left American resellers confused and worried about its impact. Kaspersky can provide updates to existing customers until September 29, after which the software's effectiveness will diminish. From a report: Avi Fleischer, the founder of Technical Difficulties, told TechCrunch that not only does he sell Kaspersky to his customers, he also uses its products on his phone and personal computer. He added that the ban is "annoying, to say the least," because he will now have to find another antivirus company and migrate all his customers to the new product, which will cost him time and money. "It's just a lot of time lost for nothing. And I don't see how I can even really charge end users for this," Fleischer said in a phone call. "It was my suggestion that they use Kaspersky and now Kaspersky is being banned by the United States government. What am I supposed to do?"
This discussion has been archived. No new comments can be posted.

How The Kaspersky Ban Will Hit Resellers in the US

Comments Filter:
  • what do? (Score:2, Insightful)

    by Thud457 ( 234763 )
    unsure whether I should post
    "FAKE NEWS demonizing friendly neighbor Russia"
    or
    "How to uninstall McAfee antivirus"
  • by Compaq Disk Rereader ( 10425332 ) on Wednesday June 26, 2024 @11:24AM (#64579839) Journal

    And I don't see how I can even really charge end users for this," Fleischer said in a phone call. "It was my suggestion that they use Kaspersky and now Kaspersky is being banned by the United States government. What am I supposed to do?"

    Kaspersky has been a suspected attack vector against the US government since at least the 00s. As a professional you should learn stuff like this. Consider potential problems with your vendors. Like literally knowing about stuff and doing research is why people are paying you.

    I think Kaspersky is a good product but anything from Russia has been sketch to anyone paying attention for ages. Getting away from them isn't "no reason" if they go back to being a decoupled pariah state again they will lash out using any tool at their disposal and history shows this.

    I'm not crazy either JetBrains had a significant investment in Russia and despite the pain of doing so they divested themselves for security and political reasons.

    • This actually seems a bit late. Around 2018 I was working on a small software house here in europe and we had to remove everything related to kaspersky, maybe because we did a lot of government stuff.

      If I remember correctly there was already very strong evidence that there was data sharing with the FSB.

      • by gweihir ( 88907 )

        Care to reference some of that evidence? Because AFAIK, there still is nothing besides speculation.

        • by Bert64 ( 520050 )

          You don't really need specific evidence. Any company which is based in $COUNTRY is beholden to demands made by the government of $COUNTRY.
          If $COUNTRY is hostile to the country where you operate, then you should not use their products. You should find either domestic products, or some from a friendly country.
          Unless of course you are actively working against your government, in which case you should use products from a country which shares your common enemy.

          It's the same reason why russia has banned the use o

          • You don't really need specific evidence. Any company which is based in $COUNTRY is beholden to demands made by the government of $COUNTRY. If $COUNTRY is hostile to the country where you operate, then you should not use their products. You should find either domestic products, or some from a friendly country. Unless of course you are actively working against your government, in which case you should use products from a country which shares your common enemy.

            It's the same reason why russia has banned the use of american suppliers such as apple, and demands that government employees source products from local or chinese suppliers.

            Aah yes. $FRIENDLY_COUNTRY. Ask Angela Merkle about how friendly the US is. I wonder if she knows how we managed to compromise her phone...

            • News Flash: Even western countries spy on their allies and have done so probably since before you were born. Didn't mean that they'd drop NATO and run off to join the Warsaw Pact.

              • News Flash: Even western countries spy on their allies and have done so probably since before you were born. Didn't mean that they'd drop NATO and run off to join the Warsaw Pact.

                Ooh, let's see if I can madlib reply:
                News derp: Warsaw isn't a city in New York. Doesn't mean they have NATO spies in New York.

                You do realize you replied to a comment that has nothing to do with NATO and/or the Warsaw Pact.
                The comment was about buying from "friendly" countries because the implication appeared to be that unfriendly countries would spy on you and friendly countries wouldn't.

                • 1. Even western (NATO) countries spy on each other
                  2. When they catch one another in the act
                  3. They have beef and sort it out
                  4. They do not get so upset with their allies that they break up
                  5. They do not run off to join the warsaw pact
                  6. The warsaw pact is often viewed as the counterpart to NATO
                  7. The warsaw pact is closely associated with the soviet union (aka USSR in case this confuses you)
                  8. The soviet union is closely associated with present or former Russia, Ruzzia, Rus.

                  Synopsis: The allies of the unit

                  • 1. Even western (NATO) countries spy on each other 2. When they catch one another in the act 3. They have beef and sort it out 4. They do not get so upset with their allies that they break up 5. They do not run off to join the warsaw pact 6. The warsaw pact is often viewed as the counterpart to NATO 7. The warsaw pact is closely associated with the soviet union (aka USSR in case this confuses you) 8. The soviet union is closely associated with present or former Russia, Ruzzia, Rus.

                    Synopsis: The allies of the united states of america spy on america, the united states of america spies on its own allies. They do not hold major grudges over this and it is not considered as big of a deal as when hostile states spy on them

                    This is why it's not a big deal that the USA spies on merkle and jesus christ I can't believe you're still talking about it.

                    Jesus Christ....I can't believe you're still not getting the point that it's about *software* being *secure* or not based on if the country said software is from is friendly or not.

                    I don't run Kaspersky because the software is shit. It doesn't matter if it's developed in Russia, China, Ukraine, Germany, the United States. And yes, the United States Government can put pressure on any company they want to gather intelligence. Even on US citizens.

                    • Nothing is secure when you have physical access to the hardware.
                      No encryption or form of authentication is immune to the rubber hose attack
                      I doubt many if any endpoint protection vendors are even bothering to formally verify the parts of their software that they could so any technical declarations that any of it is secure by any vendor is blatantly dishonest but I have little doubt that any of them would hesitate to make such a claim anyhow.

                      Not sure why but people in the comments seem to have a difficult ti

                    • Hahahaha you're a naive one!

                    • Our recent CIA torture isn't even the worst of our crimes in my lifetime and it's still better than you could expect being on the wrong side of Russia in its borders.

          • by gweihir ( 88907 )

            Specific accusations require specific evidence. Unless you are not interested in truth. Looks like you are not.

            • You're a security expert. That means you're capable of , and sometimes required to make judgement calls with incomplete information.

              • by gweihir ( 88907 )

                That is called risk management. An accusation, on the other hand, requires evidence or it is just a lie.

                • I see
                  well basically you've been arguing with randos who aren't making any specific accusation while the only person who can give you what you want is zenith1111 and he's silent

                  If I remember correctly there was already very strong evidence that there was data sharing with the FSB.

                  and by his own account his recollection sounds a little fuzzy.

                  I'm going to bet he's talking about the NSA tooling leak, which naturally kaspersky denies.

                  The one bone I'm willing to throw them here is that it's certain that the NSA worker in question was dicking around with controlled tools on his home PC running windows and off the sh

        • by Ol Olsoc ( 1175323 ) on Wednesday June 26, 2024 @12:24PM (#64580019)

          Care to reference some of that evidence? Because AFAIK, there still is nothing besides speculation.

          I called the local Russian Embassy. They topld me it was American propaganda, and all Russian software doesn't share one bit of data, Vlad's people have been unfailry besmirched, and they only want peace and harmony in a world where the USA is the real enemy.

          • by gweihir ( 88907 )

            Not even funny. Care to try again?

            • Not even funny. Care to try again?

              It was not supposed to be funny - It was very pointed sarcasm, or being sardonic. If you wish to deal with Russia anything, then so be it. So unless you are kgb, you might not know everything you think you do. And the use of KGB is most intentional.

              And that makes for no need to try again, I take anything involving Putin's Russia as something to be taken deadly seriously

              • by gweihir ( 88907 )

                I never said I wanted to use or even defend Kaspersky. I was asking for evidence because evidence would be interesting.

                • I never said I wanted to use or even defend Kaspersky. I was asking for evidence because evidence would be interesting.

                  And since we are "I never said" thing, I never said you wanted to use or defend Kaspersky. I just noted that trust is perhaps not warranted, and you are welcome to use it if you think that you trust them. I suspect that the evidence is there, you might need to be working for a certain agency to see it.

                  Perhaps in support of that is that it was banned from use for civilian based federal agencies in 2017.

                  I don't trust the Russian government - others might find them in preference to the US.

        • Why are you so pro-Kaspersky?

          • by gweihir ( 88907 )

            I am not. Why do you assume I am?

            If there is evidence, I would be interested in the nature and details of the evidence, since I am an IT security expert. Nothing to do with Kaspersky, really.

            • https://www.consumerreports.or... [consumerreports.org]
              He said she said because everyone involved is a spook or requires denial as a matter of survival you can't believe anything. Which would be the case with or without a link and you should have understood this intuitively.

              since I am an IT security expert

              Debatable.
              In matters of spying and intrigue everything is a lie and you have to have developed gut instincts and weigh benefits and risks.
              The benefit here is but yet one more vendor you could possibly use for endpoint protection, their home country, whose go

              • by gweihir ( 88907 )

                Well, I see your thought processes are deeply corrupt. Essentially, you are arguing on the level of racism or sexism. Sure, many people will go along with "arguments" of that type, but anybody interested in actual reality and truth will not. Note that I never said I trust Kaspersky (I do not). But details matter if you want to see reality.

                • And racism and sexism have proven to be hard beasts to kill. Even getting society in general, to agree that they're bad has taken considerable effort, I sometimes wonder if we're even there as a society.

                  A bias, people form biases, it's what we do and how our brains work and we do awful things with our biases. Even if our biases sometimes work against our self interests as a person or society, the vast majority of biases in fact serve us well, to the point that we generally don't even use the word "bias" t

            • Do you really need evidence of exploitation in the wild to confirm that a significant risk exists? Come on self-declared security expert, you should know this if you passed any GRC certs. Kaspersky would be classified as a high-risk application for all of those who have deployed it, since it has full system or kernel level privileges everywhere it is installed. It regularly receives updates from a central sever controlled by a Russian company. So, the risk is a supply chain attack: If one day the FSB de
              • by gweihir ( 88907 )

                If people act like there ie evidence, I am asking for it if I think it would be interesting. Here I do. Risk management is something else. Also, maybe you have never heard this, "know your enemy and its tools".

                So, after all, there is no evidence, correct?

                • There is evidence of a clear risk, but not active exploitation. That risk is Russian law allows the FSB to turn Kaspersky into a monumentally effective cyber weapon. Intelligence shows that Russia has "capability and intent" to do so. That is reason enough to ban Kaspersky. If there was evidence of previous exploitation, the story would be about what a bunch of idiots in security at US companies installed this crap knowing Russian aggression, law and cyber capabilities.
        • There is probably some Russian law + gag order related to national security access to company data.
          I would not be surprised if the content of the law is also secret.
          We almost had something like this in Romania.

          And I think even the USA, the flagship of democracy, is not foreign to laws containing gag orders (you, as a company, are not allowed to tell that one of the three letter agencies have requested information).

          • by gweihir ( 88907 )

            I really do not care about any of that. What I care for is whether there is any technical evidence Kaspersky is doing shady things. Essentially, I do not even really care about Kaspersky, I would be interested what they tried to do from a technological perspective. As far as I can tell, they have done nothing so far.

            • Kaspersky is probably not doing shady things. Kaspersky's host country has numerous ways to use them to fuck you some with the cooperation of Kaspersky employees or contractors and some without their assistance.
              My gut feeling about Kaspersky as a corporate entity and the general desires and attitudes of their executives is that they're actually probably better dudes than most folks in their business like say... McAfee or whoever the fuck owns Norton anymore. But being a good dude doesn't protect you again

        • The EternalBlue NSA tools leak is widely attributed to Kaspersky AV sending samples back to the mothership from the NSA dev who had it installed on his personal computer.

          Kaspersky denies the allegations, but the timing is interesting.

          https://www.theguardian.com/te... [theguardian.com]

          • by gweihir ( 88907 )

            Sending samples back is what AV does. After the user agrees. This is not in any way surprising or proof that Kaspersky did anything wrong here. Got anything solid? I am genuinely interested whether there is anything. So far, it does not seem to be.

            Note that I trust _no_ AV vendor. They push updates, so they can compromise any system that has their stuff on it. Same for Microsoft and many others. What I am asking is whether there is specific evidence against Kaspersky that they did use that capability agains

          • by jp10558 ( 748604 )

            I have to think that is what any AV product would do - and IDK if other vendors would "leak" the tool, but they'd certainly release CVEs and probably enough detail to patch, so likely enough detail to copy right?

            Pro tip - if you're writing exploit code, don't run commercial AV on that computer that's going to analyze such programs and send off samples on behaviorally shady programs.

        • If you have the security clearance and can demonstrate a need to know, then I'm sure a briefing can be arranged..

          • by gweihir ( 88907 )

            Pathetic. If Kaspersky had gotten caught red handed, then it would have gotten splattered all over the news.

        • Care to reference some of that evidence? Because AFAIK, there still is nothing besides speculation.

          Right!? I'd rather trust Kapersky, tbh. At least, for US corporations, there is clear evidence they're being subverted by the US government. Also why EU govts and corporations are being asked not to use US products and US platforms are being asked to host in the EU, to store EU data outside NSA/FISA/.. jurisdiction.

          No such subversion news from Russia. What we have on Russia, however, is an economic boycott. Ka

          • by gweihir ( 88907 )

            Well, Kaspersky is probably the only AV maker at this time that is willing to expose US government malware. That said, I do not trust them either. But it is something entirely different to not trust an organization and to have evidence they did shady things.

      • Who needs specific evidence? They are Russian, Putin has people killed for not doing what he wants, and the product is has incredibly high potential for spying.

        Even without evidence, that should have the product banned.

    • by evanh ( 627108 )

      Except of course it is really nothing more than sanctions - which is a valid reason in itself. The rest is FUD.

      • by znrt ( 2424692 )

        sanctions ... and propaganda.

        it is indeed a valid securit concern to protect public insitutions and critical infrastructure, which should be only running home produced or opensource sowtfare anyways, anywhere, but very specially once you have pissed off another country until you should reasonably expect every form of retaliation.

        but ... the general public? this part is about propaganda. much like the tik tok thing, they don't give a shit about user's privacy their 3-letter agency routinely violate, but they

        • by jp10558 ( 748604 )

          The problem in the US is - the general public is in many ways inclusive of critical national infrastructure as they're private businesses.

          Also - while I'm far from a media watcher - the US isn't exactly preventing anyone from facebook / X / to telegram / random web forums / mailing lists / podcasts / youtube / CNN - pick your outlet talking about gaza and many many are calling it a genocide. Maybe people don't want graphic images shared, but I don't get the feeling that is about preventing anyone in the US

          • by znrt ( 2424692 )

            that makes sense, though it may be a matter of degree, and there is a subtle difference between what citizens can access and what they are spoonfed. real critical media indeed exists, and with high quality, but has very little reach. my impression is that the majority of media in the us is traditionally markedly pro-israeli, not by coincidence, albeit part of it (cnn) has opened up a bit recently on this issue because of the sheer volume and nature of the evidence. the grip that the israeli lobby has is on

            • by jp10558 ( 748604 )

              People are spoonfed what they choose to be spoonfed. Most of the platforms are just trying to drive engagement.If people are just going to cable news, they'll get whatever that cable news channel wants - but I just don't think there's that many people who are only cable news anymore. There are die hard Fox viewers, but I think that's mostly an ageing out demographic.

              Everyone else is going to see what Facebook etc thinks will keep them engaged.

              I don't know that there's much of a controlling Israel lobby on c

      • It was made clear enough by other users that the most probable reason isn't FUD, even if Kaspersky hasn't done anything (yet). The most likely reasoning of USA authorities is that they know what they can force American companies to do, and due to that American software isn't safe to use by any country not trusting the USA (like Russia). They also know that Russia likes to copy the tricks from the American playbook... which automatically means that Russian software isn't safe to use by any country not trusti

    • And I don't see how I can even really charge end users for this," Fleischer said in a phone call. "It was my suggestion that they use Kaspersky and now Kaspersky is being banned by the United States government. What am I supposed to do?"

      Kaspersky has been a suspected attack vector against the US government since at least the 00s. As a professional you should learn stuff like this.

      So much this. Do people not pay attention to the news? It was pretty clear where Uncle Vlad was taking Russia, and I dumped Kaspersky around that time. We had a short period of time when Russia was an ally. That all changed when KGB officer Putin took over and instituted his warped version of the Soviet Union.

    • "It was my suggestion that they use Kaspersky and now Kaspersky is being banned by the United States government. What am I supposed to do?"

      Have you considered making better suggestions to your paying clients?

      I remember using Kaspersky AV scanners 20+ years ago. They were useful. Not perfect, but useful. They caught some things that Clam missed, and some that MacAfee missed... and vise-versa. Now? I wouldn't rely on any of that stuff. Things have changed. The base OS is different, web browsers are dif

      • Wow does Kaspersky not have modern endpoint protection mechanisms? I'm honestly not that familiar with it, I heard they're decent as far as that sort of shitware goes.

        Agreed that the guy is a cluebag like dude you have a million options for your clients maybe pick one from a country that's not a top nation state hacking threat encompassing dozens of APT subgroups, especially while we're engaged in a proxy war.

        It's really weird to see so many slashdotters and technical types failing this basic test of compr

    • If you're not working with government or an industry of strategic importance, there's something to be said for the security of using an unfriendly country's products. American antivirus products may be doing who knows what on behalf of the US government (usually whatever the US government is accusing other countries of), which actually has an interest in and power over your company, whereas Russia probably couldn't care less about you.

      • This is a good point. Like a legitimately good strategy for some things.
        But also its' best cases have a strong overlap with the "run nothing" and "use open source solutions" cases.
        For the remainder you should maybe ask yourself if you should be doing it or if you should be working there.
        Not saying the answer is no, that's a personal judgement call based on weird circumstance.

    • by AmiMoJo ( 196126 )

      I wonder how many people will be doing chargebacks when the updates stop before their subscription is finished.

      It's the resellers that will take the hit. Kaspersky isn't going to refund them.

    • by dszd0g ( 127522 )

      I agree, I've avoided recommending Kaspersky products to customers since the KGB/FSB and government-sponsored hacker connection articles made the news which was around 2012 I believe. It was also a major news item when the US government banned Kaspersky products on government systems in 2017.

      If people are paying you to make security recommendations, it's your job to understand security risks.

      NIST 800-53r5 SA-21, for example: "Because the system, system component, or system service may be used in critical ac

    • Kaspersky has been a suspected attack vector against the US government since at least the 00s.

      What is so special about Kaspersky? There are lots of programs out there that are created to allow data gathering and for sending commands to your computer. Play any games? Those launchers could do ANYTHING. The anti-cheat mechanisms give kernel level control.

      And you want to worry about one company because it is explicitly owned by a Russian? It makes sense that the software would be banned from government computers... but to forbid the general population from using it? I fail to see the justification.

      • Because Russia is special in it's desire to simply cause havoc for disrupting the status quo. Let's say you sell concrete, Russia would happily fuck with you just to disrupt things happening in the USA. Not likely, but they are special that way.

        I don't care use kasperksy. Also lol at even bothering to install games that load kernel modules.

        • Because Russia is special in it's desire to simply cause havoc for disrupting the status quo.

          Ok, but Kaspersky is not Russia. Sure Russia could cause Kaspersky to give up their entire business by distributing some sort of malware, but why would they disrupt their own economy when they can disrupt by infecting the xv library or having staff at Solar Winds insert code. No economic damage to Russia and the payload is delivered by software that you trust because it is not Russian.

          I don't care use kasperksy. Also lol at even bothering to install games that load kernel modules.

          Exactly how stupid do you think I am? I don't use it and I wouldn't use it. That doesn't give me the right to ban it for any

          • Sure Russia could cause Kaspersky to give up their entire business by distributing some sort of malware, but why would they disrupt their own economy

            Russia causes self inflicted pain for the same reason a dog licks its own asshole.

            • Yeah, and I could cut my nose off to spite my face. Yes, it happens, no, I have never personally met a person without a nose.

              • This lady used to wander around Seattle and she did in fact cut off her own nose.

                https://www.reddit.com/r/Seatt... [reddit.com]
                Her wordpress has been taken down but she posted a play by play of the whole operation. She's wander around with a large sign with the URL on it.
                I have the pictures of her cutting off her nose with a machete saved somewhere in each photo she makes sure her cat is in frame like its a cute selfie despite her own facial expression looking pissed off and deranged (and noseless)

                So anyhow she's probab

  • I don't see how I can even really charge end users for this," Fleischer said in a phone call. "It was my suggestion that they use Kaspersky"

    if you got them to pay for any "antivirus solution" they will pay for a "migration". some even will do it eagerly for "nashonal security". this new move by the biden clique is indeed insidious (it's becoming routine) but doesn't stop you from living off the low hanging fruit and might even increase your profits for a while. precisely in preparation of which you are putting up the drama, i guess ...

  • by AcidFnTonic ( 791034 ) on Wednesday June 26, 2024 @11:42AM (#64579899) Homepage

    I don't see why we aren't allowed to choose for ourselves.

    I personally liked how Kaspersky was one of the only antivirus to flag the FBI GreenLantern keylogger when clearly american companies were forced to not detect it.

    If I choose to run it on my own air-gapped devices to help spot any attempted illegal tampering by american law enforcement, that should be my right.

    • by quantaman ( 517394 ) on Wednesday June 26, 2024 @11:53AM (#64579929)

      I don't see why we aren't allowed to choose for ourselves.

      Because it affects both foreign relations (sending money to a hostile state) and potentially turns your machine into a vector for a Russia cyber attack against the US.

      The US government is entirely in its right to ban it.

      • Because it affects both foreign relations (sending money to a hostile state)

        I was unaware that there was a blanket ban on all commercial transactions with people in Russia. If there is, then Kaspersky is a legitimate target for banning.

        and potentially turns your machine into a vector for a Russia cyber attack against the US.

        So does using Linux or any of the social media apps or Adobe products or Microsoft products or ...

        What is special about Kaspersky?

        The US government is entirely in its right to ban it.

        No. No it is not. We do not live in a Kingdom or Dictatorship. "Feeling" like something is dangerous is no basis for banning it.

        Installing Kaspersky on government computers is provably bad. An individual installing Kaspers

        • Because it affects both foreign relations (sending money to a hostile state)

          I was unaware that there was a blanket ban on all commercial transactions with people in Russia. If there is, then Kaspersky is a legitimate target for banning.

          No there's not a blanket ban, but as of now there's a Kasperky ban.

          and potentially turns your machine into a vector for a Russia cyber attack against the US.

          So does using Linux or any of the social media apps or Adobe products or Microsoft products or ...

          What is special about Kaspersky?

          It can self-update, gather a ton of intel even in its unaltered state, and is possibly under the thumb of the Russian government.

          The US government is entirely in its right to ban it.

          No. No it is not. We do not live in a Kingdom or Dictatorship. "Feeling" like something is dangerous is no basis for banning it.

          Installing Kaspersky on government computers is provably bad. An individual installing Kaspersky on their personal computer is absolutely NOT provably bad. Banning it on personal devices is a step too far without further justification.

          A Democracy is still well within its rights to ban products provided they have a legitimate reason. Sanctions + security are enough of a reason for Kaspersky.

    • I don't see why we aren't allowed to choose for ourselves.

      You would really have been pissed when in WW2, we stopped trading with Germany, Italy and Japan. Such inconvenience.

  • by akw0088 ( 7073305 ) on Wednesday June 26, 2024 @11:42AM (#64579903)
    Antivirus apps essentially scan all of your files and upload "potential" threats back home. If you wanted to analyze what your customers do with their computers it wouldn't be too much work to use it as a spy tool. Upload everything that has the word classified in it etc
    • by Vlad_the_Inhaler ( 32958 ) on Wednesday June 26, 2024 @11:59AM (#64579943)

      I read a test in a German computer magazine a couple of years ago (called C't) and they analysed exactly what the various scanners "send home". Your wild claim came close to the truth with one scanner (and I can't remember which one any more) but it was not Kaspersky. As to the technical competence at C't, a few years earlier they were the ones who proved conclusively that the software which claimed to double your RAM did nothing of the kind - that the system calls which would have been necessary were simply not present. They regularly perform security analysis on various products.

      • A meaningless test result doesn't prove anything. At most you could prove it doesn't routinely send stuff home. To make sure it doesn't would require a code analysis, as it could scan for specific things and send only then and it could accept external commands.

    • Antivirus apps essentially scan all of your files and upload "potential" threats back home.

      Steam does that too. It especially looks at your browser history to see if you have been looking for cheats. Much of the software on a Microsoft based computer is focused on analyzing and extracting data from you and your computer, even the operating system itself is gathering this data. If we are discussing phones, then EVERY piece of software collects data about you and uploads it.

      TL;DR, much of what would cause "fear" in using Kaspersky could be dealt with by enacting privacy laws and enforcing them. Ban

  • Your use? (Score:4, Interesting)

    by kackle ( 910159 ) on Wednesday June 26, 2024 @12:20PM (#64579995)
    I haven't used antivirus software for at least a dozen years (go browser blockers, though!) and it seemed dubious to begin with. I think the only catch I ever saw it make, anywhere, was when it flagged a new Word document that I just made from scratch. Do you guys ever see it being useful in your experiences?
    • I mean like you pretty much have to have something along those lines in any large enterprise or else they can make the case you didn't do your job. Mostly this shit is junk and I remember logging into a box at a former employer, seeing obvious malware running, and it had disabled the endpoint protection.

      I reported it and nothing was done. I used to break into win95 boxes back in the day and would chuckle that the vast majority of them had some of this crap in the system tray, lot of good it did.
      Then agai

    • Seems like Windows Defender got good enough that Windows users seldom need antivirus software. Definitely not Norton.

    • by antdude ( 79039 )

      Yes, a few times since my DOS days in the 90s like on 3.5" floppy disks. Online like macros, adwares, spywares, etc. I have had many false positives too.

    • On Amiga, and on 68k macs, antivirus software was absolutely necessary.

      On Windows through ME, same.

      I've caught actual viruses with antivirus on XP, not just a Word document, and maybe once or twice on 7.

      I occasionally run clamscan, haven't come up with anything in ages. But I'm not doing a bunch of risky stuff any more.

  • by ebrandsberg ( 75344 ) on Wednesday June 26, 2024 @12:28PM (#64580029)

    When you are recommending an anti-virus that has been known to send sensitive information out of the country. It has been found to scan for the signatures of not just viruses, but of known sensitive US documents. Anybody recommending it to their users should have switched to another vendor long ago to begin with, so I don't feel bad for those still pushing it. They had years to adjust what they were pushing to their customers. And most users on Windows just use Windows Defender anyway, which does a decent job, but it is hard to charge for that. Right?

  • antivirus and security software packages out there. eyeroll.
  • Siteground is owned by Russians. I have most of my sites there. Not too hard to move I guess, but I've been wondering when the shoe would drop. Guess it has for Kaspersky.
  • by FudRucker ( 866063 ) on Wednesday June 26, 2024 @12:50PM (#64580093)
    that Kapersky did not whitelist US Government spyware so it would alert users of US Government spying too, i dont know for sure if this is true or not but as crazy as the US Government has been the last 2 decades i would not dismiss it completely, take it with a grain of salt and wait for more evidence to surface
    • Source? I've seen this repeated on Slashdot, but never sourced, and I can't imagine why Kaspersky would be the only non-U.S. antivirus vendor to have this problem. Individual U.S. companies complying, maybe, but every antivirus vendor in the world complying except Kaspersky? Sounds ridiculous on its face. Nation-states don't need cooperation for stuff like this, they just make their tools stealthy enough to avoid detection by heuristic scanners, and deploy them selectively to avoid easy detection that would
      • This does not specifically mention Kaspersky, but this is the incident that started the whole discussion.

        https://en.wikipedia.org/wiki/... [wikipedia.org]

        From memory, Kaspersky was one of the AVs that caught it earlier than the others and their potential cooperation was discussed and dismissed. It is funny that the article does not mention that... but I am getting used to it.

  • by Compaq Disk Rereader ( 10425332 ) on Wednesday June 26, 2024 @12:57PM (#64580119) Journal

    (not saying his name so my comment doesn't give him bad exposure)

    He's running a classic computer and tech services store, like with a storefront and showroom, remember those?
    It's painful that TechCrunch reached out to get a quote from him. Like this would have been an ok source, from a local NBC affiliate, in 1988. Not today, nation wide, from a tech blog.

    No hate on the guy, what he does is cool but to act like the guy has an exactly informed opinion in the grand scheme of things is pretty silly. He's a kind of jack of all trades serving individuals and small business I'm sure. It's borderline irresponsible for TechCrunch to reach out to him on security issues and actually almost evil to give him and his business such broad exposure to let him stick his foot in his mouth in front of a national audience.

    All so TC can have a "balanced viewpoints, you decide". But they're fucking TC they know damn well.

    • True, but they probably had very little time to find someone who was both oblivious enough to still be shilling Kaspersky in 2024and willing to talk to TC.

      I guess they didn't want to run the story with "This ban affects real people. We couldn't actually find any, but it does - trust us."

  • Danny Falin, the president of Georgia IT Consulting, said that the ban is “a burden” on his company, his customers and other MSP services, and that the ban is a “political” decision by the Biden administration that will only damage Americans in the end.

    I wish I'd read the whole article before posting cause I'm definitely ok embarrassing this clown.

  • One could have seen this coming for years. In general, Kaspersky is one of the best products out there, but because of the political climate, it is prudent to go elsewhere, just like it is prudent to store one's data somewhere else than Yandex, even though Yandex is one of the best cloud providers out there.

    The problem is that even if Kaspersky has a 100% clean product, because it comes from Russia, which is a hostile nation, there is grave concern even if the product itsself is above reproach.

    AV especiall

  • They were marked since they disclosed the most important silicon-level back door to "national security".

    The State had used it to spy on everyone including its own journalists.

    Security Now did the best breakdown. It's highly censored in search engines (but try Yandex?)

  • by tiqui ( 1024021 ) on Wednesday June 26, 2024 @07:09PM (#64580981)

    There are American security people selling a Russian anti-virus program to Americans??? Do these supposed security experts in the US who sell people on this idea have ANY proof that the people writing viruses in Russia are not the same people writing the "anti-virus" programs? How do such people get the reputaion for being security experts/professionals?

    This was bad enough when relations between the two countries were better and one only had to suspect shady business practices, but now with the two governments spitting at each other, it's a pretty obviously bad idea. We seem to be in the theater of the absurd.

    Just how many people would buy their software from RussianHackers.com? To flip it the other way, just how many Russians would buy anti-virus software [knowingly, anyway] from the American CIA?

    • There are American security people selling a Russian anti-virus program to Americans??? Do these supposed security experts in the US who sell people on this idea have ANY proof that the people writing viruses in Russia are not the same people writing the "anti-virus" programs? How do such people get the reputaion for being security experts/professionals?

      Bro, get out of your head. How do you know that ANY software that you use was honestly written with good intentions? Being from Russia is a "red flag" if you are American, but a "red flag" is only something to attract your attention to give you a chance to fully analyze what is going on instead of just "winging it" like we normally do. In this case, there are literal Russians working at Microsoft. Does that make all Microsoft software suspect to you? (Microsoft software should be suspect, but not explicitly

      • and you just might realize that we agree... THAT was my point. (note: I commented on the nuttiness of a Russian trusting code from the US).

        If you did not write the code your machine is running, then you are running stuff based on some level of trust in the supplier. It's bad enough when, for example, American medical institutions trust Microsoft (for the Windows OS) and some US vendor for their medical software, and it ends up corrupted or hack-able etc. Adding to that problem a bunch of [presumed] security

You know you've landed gear-up when it takes full power to taxi.

Working...